https://github.com/cssnr/npm-outdated-action
NPM Outdated Check Action
https://github.com/cssnr/npm-outdated-action
actions
Last synced: 17 days ago
JSON representation
NPM Outdated Check Action
- Host: GitHub
- URL: https://github.com/cssnr/npm-outdated-action
- Owner: cssnr
- License: gpl-3.0
- Created: 2025-03-20T01:27:11.000Z (about 1 year ago)
- Default Branch: master
- Last Pushed: 2025-11-07T22:56:42.000Z (7 months ago)
- Last Synced: 2025-11-08T00:20:16.042Z (7 months ago)
- Topics: actions
- Language: JavaScript
- Homepage: https://actions.cssnr.com
- Size: 398 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
- Codeowners: .github/CODEOWNERS
Awesome Lists containing this project
README
[](https://github.com/cssnr/npm-outdated-action/tags)
[](https://github.com/cssnr/npm-outdated-action/releases)
[](https://github.com/cssnr/npm-outdated-action/releases/latest)
[](https://github.com/cssnr/npm-outdated-action/blob/master/src)
[](https://github.com/cssnr/npm-outdated-action/blob/master/action.yml)
[](https://github.com/cssnr/npm-outdated-action/actions/workflows/release.yaml)
[](https://github.com/cssnr/npm-outdated-action/actions/workflows/test.yaml)
[](https://github.com/cssnr/npm-outdated-action/actions/workflows/lint.yaml)
[](https://sonarcloud.io/summary/new_code?id=cssnr_npm-outdated-action)
[](https://github.com/cssnr/npm-outdated-action/pulse)
[](https://codeberg.org/cssnr/npm-outdated-action)
[](https://github.com/cssnr/npm-outdated-action/graphs/contributors)
[](https://github.com/cssnr/npm-outdated-action?tab=readme-ov-file#readme)
[](https://github.com/cssnr/npm-outdated-action)
[](https://github.com/cssnr/npm-outdated-action/forks)
[](https://github.com/cssnr/npm-outdated-action/discussions)
[](https://github.com/cssnr/npm-outdated-action/stargazers)
[](https://cssnr.github.io/)
[](https://discord.gg/wXy6m2X8wY)
[](https://ko-fi.com/cssnr)
# NPM Outdated Check
- [Inputs](#Inputs)
- [Permissions](#Permissions)
- [Outputs](#Outputs)
- [Comment Options](#Comment-Options)
- [Comment Examples](#Comment-Examples)
- [Examples](#Examples)
- [Tags](#Tags)
- [Features](#Features)
- [Planned](#Planned)
- [Support](#Support)
- [Contributing](#Contributing)
Action to report `npm outdated` packages on a pull request and add a [customizable comment](#Comment-Options),
also includes output of `npm-check-updates` and `npm update --dry-run`.
This action will comment on a PR if packages are outdated. As packages are updated, the comment is updated.
No comment is added on pulls when everything is up-to-date to reduce spam.
You can customize the heading, column visibility, column order, and reporting on wanted or latest.
Check out the [Comment Examples](#Comment-Examples) to see more.
> [!NOTE]
> This action is under active development.
> Please [request any features](https://github.com/cssnr/npm-outdated-action/discussions/categories/feature-requests)
> you would like to see and [report any issues](https://github.com/cssnr/npm-outdated-action/issues) you find.
## Inputs
| Input | Req. | Default Value | Input Description |
| :------ | :--: | :----------------------- | :------------------------------------------------------ |
| columns | - | `n,c,w,l` | Customize Table Columns [⤵️](#Comment-Options) |
| latest | - | `true` | Report if Latest > Wanted [⤵️](#Comment-Options) |
| heading | - | `### NPM Outdated Check` | Comment Heading [⤵️](#Comment-Options) |
| open | - | `true` | Details Open by Default [⤵️](#Comment-Options) |
| ncu | - | `true` | Show npm-check-updates Output [⤵️](#Comment-Options) |
| update | - | `true` | Show npm update --dry-run Output [⤵️](#Comment-Options) |
| link | - | `true` | Use Hyperlink for Names [⤵️](#Comment-Options) |
| exclude | - | - | CSV of Package Names to Exclude [⤵️](#Comment-Options) |
| fail | - | `false` | Fail Job if Updates are Found [⤵️](#Comment-Options) |
| summary | - | `true` | Add Workflow Job Summary \* |
| token | - | `github.token` | For use with a PAT |
**summary:** Will add result details to the job summary on the workflow run.
👀 View Example Job Summary
---
PR Comment: [#4](https://github.com/cssnr/npm-outdated-action/pull/4#issuecomment-2742441847)
_PR Comment will Appear Here_
Config
columns: ["n","c","w","l"]
latest: true
heading: "### NPM Outdated Check"
open: true
ncu: true
update: true
link: true
summary: true
---
At a minimum, you need to checkout the repository. The workspace should also be somewhat "clean".
The action will run a npm clean-install `npm ci`. If this fails it will report the errors and skip the checks.
```yaml
- name: 'Checkout'
uses: actions/checkout@v4
- name: 'NPM Outdated Check'
uses: cssnr/npm-outdated-action@master
continue-on-error: true
```
Note: `continue-on-error: true` is used to prevent the workflow from failing if the action fails.
If you want the job to fail, remove `continue-on-error` and set `fail: true`.
See the [Comment Options](#Comment-Options) for more details on inputs.
You can also view more [Examples](#Examples) below.
### Permissions
This action requires the following permissions to add pull request comments:
```yaml
permissions:
pull-requests: write
```
Permissions documentation for [Workflows](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/controlling-permissions-for-github_token) and [Actions](https://docs.github.com/en/actions/security-for-github-actions/security-guides/automatic-token-authentication).
## Outputs
| Output | Empty | Output Description |
| :------- | :---: | :------------------------ |
| outdated | `{}` | Outdated JSON Object |
| ncu | ` ` | NPM Check Updates Output |
| update | ` ` | NPM Update Dry Run Output |
| markdown | - | Results Markdown Output |
This outputs the `outdated` JSON object string, `ncu` output, `npm update` output, and the `markdown` results.
```yaml
- name: 'NPM Outdated Check'
id: outdated
uses: cssnr/npm-outdated-action@master
- name: 'Echo Output'
env:
OUTDATED: ${{ steps.outdated.outputs.outdated }}
NCU: ${{ steps.outdated.outputs.ncu }}
UPDATE: ${{ steps.outdated.outputs.update }}
MARKDOWN: ${{ steps.outdated.outputs.markdown }}
run: |
echo "outdated: '${{ env.OUTDATED }}'"
echo "ncu: '${{ env.NCU }}'"
echo "update: '${{ env.UPDATE }}'"
echo "markdown: '${{ env.MARKDOWN }}'"
```
Note: due to the way `${{}}` expressions are evaluated, multi-line output gets executed in a run block.
JSON Schema
```json
{
"@package/name": {
"current": "1.0.0",
"wanted": "1.0.1",
"latest": "2.0.0",
"dependent": "npm-outdated-action",
"location": "node_modules/name"
}
}
```
> More Output Examples Coming Soon...
## Comment Options
**latest:** To disable reporting of latest and ONLY show wanted, set this to `false`.
**heading:** You can customize the `heading` or set to an empty string to remove it.
**open:** Set to `false` for sections to be closed (collapsed/not open) by default.
**ncu:** Set this to `false` to disable reporting the output of `npx npm-check-updates`.
**update:** Set this to `false` to disable reporting the output of `npm update --dry-run`.
**link:** Set this to `false` to use plain text for package names instead of hyperlinks.
**exclude:** Packages to ignore/omit when running checks; example `@eslint/js,tsparticles`.
**fail:** Set this to `true` to fail if updates are found to enforce this through status checks.
**columns:** Customize column visibility and order.
This must be a perfectly formatted CSV with any combination of these keys:
Default value: `n,c,w,l`
| Key | Column | Description |
| :-: | :----------- | :---------------- |
| `n` | Package Name | Name of Package |
| `c` | Current | Current Version |
| `w` | Wanted | Wanted Version |
| `l` | Latest | Latest Version |
| `d` | Dependent | Dependent Package |
| `p` | Location | Path of Package |
👀 View the Column Map
```javascript
const maps = {
n: { align: 'l', col: 'Package Name' },
c: { align: 'c', col: 'Current' },
w: { align: 'c', col: 'Wanted' },
l: { align: 'c', col: 'Latest' },
d: { align: 'l', col: 'Dependent' },
p: { align: 'l', col: 'Location' },
}
```
## Comment Examples
_Note: the examples are generated with no heading and default options._
🔷 Full Example Closed
---
npm outdated
| Package Name | Current | Wanted | Latest |
| :------------------------------------------- | :-----: | :----: | :----: |
| [axios](https://www.npmjs.com/package/axios) | 1.8.3 | 1.8.4 | - |
npm-check-updates
```text
@eslint/js ^9.20.0 → ^9.22.0
axios ^1.8.3 → ^1.8.4
```
npm update --dry-run
```text
change undici 5.28.5 => 5.29.0
change axios 1.8.3 => 1.8.4
change @pkgr/core 0.1.1 => 0.1.2
change @octokit/types 13.8.0 => 13.10.0
change @octokit/openapi-types 23.0.1 => 24.2.0
change @octokit/core 5.2.0 => 5.2.1
changed 6 packages in 4s
32 packages are looking for funding
run `npm fund` for details
```
---
🔷 Full Example Open
---
npm outdated
| Package Name | Current | Wanted | Latest |
| :------------------------------------------- | :-----: | :----: | :----: |
| [axios](https://www.npmjs.com/package/axios) | 1.8.3 | 1.8.4 | - |
npm-check-updates
```text
@eslint/js ^9.20.0 → ^9.22.0
axios ^1.8.3 → ^1.8.4
```
npm update --dry-run
```text
change undici 5.28.5 => 5.29.0
change axios 1.8.3 => 1.8.4
change @pkgr/core 0.1.1 => 0.1.2
change @octokit/types 13.8.0 => 13.10.0
change @octokit/openapi-types 23.0.1 => 24.2.0
change @octokit/core 5.2.0 => 5.2.1
changed 6 packages in 4s
32 packages are looking for funding
run `npm fund` for details
```
---
🔷 Only One Outdated Package
---
npm outdated
| Package Name | Current | Wanted | Latest |
| :------------------------------------------------------------------- | :-----: | :-----: | :----: |
| [npm-check-updates](https://www.npmjs.com/package/npm-check-updates) | 17.1.15 | 17.1.16 | - |
npm-check-updates
```text
npm-check-updates ^17.1.15 → ^17.1.16
```
npm update --dry-run
```text
change npm-check-updates 17.1.15 => 17.1.16
changed 1 package
```
---
🔷 After Everything Updated
---
✅ All packages are up-to-date.
---
Note: this only appears if a previous comment is edited and does not show up on a new PR with no outdated packages.
> More Comment Examples Coming Soon...
## Examples
💡 _Click on an example heading to expand or collapse the example._
Custom Heading
```yaml
- name: 'Package Changelog Action'
uses: cssnr/npm-outdated-action@master
continue-on-error: true
with:
heading: '**NPM Changelog**'
```
Remove Heading
```yaml
- name: 'Package Changelog Action'
uses: cssnr/npm-outdated-action@master
continue-on-error: true
with:
heading: ''
```
This puts latest before current and adds dependent.
Fail Status Check if Outdated
```yaml
- name: 'Package Changelog Action'
uses: cssnr/npm-outdated-action@master
with:
fail: true
```
Custom Column Order
```yaml
- name: 'Package Changelog Action'
uses: cssnr/npm-outdated-action@master
continue-on-error: true
with:
columns: 'n,l,c,w,d'
```
This puts latest before current and adds dependent.
Disable NCU Check
```yaml
- name: 'Package Changelog Action'
uses: cssnr/npm-outdated-action@master
continue-on-error: true
with:
ncu: false
```
This puts latest before current and adds dependent.
Disable Update Check
```yaml
- name: 'Package Changelog Action'
uses: cssnr/npm-outdated-action@master
continue-on-error: true
with:
update: false
```
This puts latest before current and adds dependent.
Full Workflow Example
If you don't have a pull_request workflow already you can use this one.
Simply create a file called `pull.yaml` in the `.github/workflows` directory: `.github/workflows/pull.yaml`
Then add the below content to the file, save, commit, and create a PR...
```yaml
name: 'Pull'
on:
pull_request:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
pull:
name: 'Pull'
runs-on: ubuntu-latest
timeout-minutes: 5
permissions:
pull-requests: write
steps:
- name: 'Checkout'
uses: actions/checkout@v4
- name: 'NPM Outdated Check'
uses: cssnr/npm-outdated-action@master
```
> More Examples Coming Soon...
## Tags
The following rolling [tags](https://github.com/cssnr/npm-outdated-action/tags) are maintained.
| Version Tag | Rolling | Bugs | Feat. | Name | Target | Example |
| :--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :-----: | :--: | :---: | :-------: | :------: | :------- |
| [](https://github.com/cssnr/npm-outdated-action/releases/latest) | ✅ | ✅ | ✅ | **Major** | `vN.x.x` | `vN` |
| [](https://github.com/cssnr/npm-outdated-action/releases/latest) | ✅ | ✅ | ❌ | **Minor** | `vN.N.x` | `vN.N` |
| [](https://github.com/cssnr/npm-outdated-action/releases/latest) | ❌ | ❌ | ❌ | **Micro** | `vN.N.N` | `vN.N.N` |
You can view the release notes for each version on the [releases](https://github.com/cssnr/npm-outdated-action/releases) page.
The **Major** tag is recommended. It is the most up-to-date and always backwards compatible.
Breaking changes would result in a **Major** version bump. At a minimum you should use a **Minor** tag.
## Features
- Automatically report npm outdated packages on a PR and add a comment.
- Report wanted and latest with option to only report wanted.
- Option to exclude packages by name from being reported.
- Option to customize columns visibility and columns order.
- Option to display results expanded or collapsed.
- Option to display `npx npm-check-updates` output.
- Option to display `npm update --dry-run` output.
- Outputs outdated, ncu, update, and markdown results.
### Planned
- Custom Column Alignment
- Custom Column Titles
- Custom Section Text
Want to show package changes on release notes? Check out: [cssnr/package-changelog-action](https://github.com/cssnr/package-changelog-action?tab=readme-ov-file#readme)
Want to automatically updated tags on release? Check out: [cssnr/update-version-tags-action](https://github.com/cssnr/update-version-tags-action?tab=readme-ov-file#readme)
If you would like to see a new feature, please [submit a feature request](https://github.com/cssnr/npm-outdated-action/discussions/categories/feature-requests).
# Support
For general help or to request a feature, see:
- Q&A Discussion: https://github.com/cssnr/npm-outdated-action/discussions/categories/q-a
- Request a Feature: https://github.com/cssnr/npm-outdated-action/discussions/categories/feature-requests
If you are experiencing an issue/bug or getting unexpected results, you can:
- Report an Issue: https://github.com/cssnr/npm-outdated-action/issues
- Chat with us on Discord: https://discord.gg/wXy6m2X8wY
- Provide General Feedback: [https://cssnr.github.io/feedback/](https://cssnr.github.io/feedback/?app=Update%20Release%20Notes)
For more information, see the CSSNR [SUPPORT.md](https://github.com/cssnr/.github/blob/master/.github/SUPPORT.md#support).
# Contributing
If you would like to submit a PR, please review the [CONTRIBUTING.md](#contributing-ov-file).
Please consider making a donation to support the development of this project
and [additional](https://cssnr.com/) open source projects.
[](https://ko-fi.com/cssnr)
Additionally, you can support other GitHub Actions I have published:
- [Stack Deploy Action](https://github.com/cssnr/stack-deploy-action?tab=readme-ov-file#readme)
- [Portainer Stack Deploy Action](https://github.com/cssnr/portainer-stack-deploy-action?tab=readme-ov-file#readme)
- [Docker Context Action](https://github.com/cssnr/docker-context-action?tab=readme-ov-file#readme)
- [Actions Up Action](https://github.com/cssnr/actions-up-action?tab=readme-ov-file#readme)
- [VirusTotal Action](https://github.com/cssnr/virustotal-action?tab=readme-ov-file#readme)
- [Mirror Repository Action](https://github.com/cssnr/mirror-repository-action?tab=readme-ov-file#readme)
- [Update Version Tags Action](https://github.com/cssnr/update-version-tags-action?tab=readme-ov-file#readme)
- [Docker Tags Action](https://github.com/cssnr/docker-tags-action?tab=readme-ov-file#readme)
- [Update JSON Value Action](https://github.com/cssnr/update-json-value-action?tab=readme-ov-file#readme)
- [JSON Key Value Check Action](https://github.com/cssnr/json-key-value-check-action?tab=readme-ov-file#readme)
- [Parse Issue Form Action](https://github.com/cssnr/parse-issue-form-action?tab=readme-ov-file#readme)
- [Cloudflare Purge Cache Action](https://github.com/cssnr/cloudflare-purge-cache-action?tab=readme-ov-file#readme)
- [Mozilla Addon Update Action](https://github.com/cssnr/mozilla-addon-update-action?tab=readme-ov-file#readme)
- [Package Changelog Action](https://github.com/cssnr/package-changelog-action?tab=readme-ov-file#readme)
- [NPM Outdated Check Action](https://github.com/cssnr/npm-outdated-action?tab=readme-ov-file#readme)
- [Label Creator Action](https://github.com/cssnr/label-creator-action?tab=readme-ov-file#readme)
- [Algolia Crawler Action](https://github.com/cssnr/algolia-crawler-action?tab=readme-ov-file#readme)
- [Upload Release Action](https://github.com/cssnr/upload-release-action?tab=readme-ov-file#readme)
- [Check Build Action](https://github.com/cssnr/check-build-action?tab=readme-ov-file#readme)
- [Web Request Action](https://github.com/cssnr/web-request-action?tab=readme-ov-file#readme)
- [Get Commit Action](https://github.com/cssnr/get-commit-action?tab=readme-ov-file#readme)
❔ Unpublished Actions
These actions are not published on the Marketplace, but may be useful.
- [cssnr/create-files-action](https://github.com/cssnr/create-files-action?tab=readme-ov-file#readme) - Create various files from templates.
- [cssnr/draft-release-action](https://github.com/cssnr/draft-release-action?tab=readme-ov-file#readme) - Keep a draft release ready to publish.
- [cssnr/env-json-action](https://github.com/cssnr/env-json-action?tab=readme-ov-file#readme) - Convert env file to json or vice versa.
- [cssnr/push-artifacts-action](https://github.com/cssnr/push-artifacts-action?tab=readme-ov-file#readme) - Sync files to a remote host with rsync.
- [smashedr/update-release-notes-action](https://github.com/smashedr/update-release-notes-action?tab=readme-ov-file#readme) - Update release notes.
- [smashedr/combine-release-notes-action](https://github.com/smashedr/combine-release-notes-action?tab=readme-ov-file#readme) - Combine release notes.
---
📝 Template Actions
These are basic action templates that I use for creating new actions.
- [js-test-action](https://github.com/smashedr/js-test-action?tab=readme-ov-file#readme) - JavaScript
- [ts-test-action](https://github.com/smashedr/ts-test-action?tab=readme-ov-file#readme) - TypeScript
- [py-test-action](https://github.com/smashedr/py-test-action?tab=readme-ov-file#readme) - Python (Dockerfile)
- [docker-test-action](https://github.com/smashedr/docker-test-action?tab=readme-ov-file#readme) - Docker (Image)
Note: The `docker-test-action` builds, runs and pushes images to [GitHub Container Registry](https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry).
---
For a full list of current projects visit: [https://cssnr.github.io/](https://cssnr.github.io/)