npm `wanted` vs `latest`

Question

I use npm to install some command line tools. Having the itch to always be up to date, I found the command npm -g outdated.

What is the difference between the columns wanted and latest?

The documentation states:

The resulting field 'wanted' shows the latest version according to the version specified in the package.json, the field 'latest' the very latest version of the package.

However I don't find it clear at all. For example on my system I get:

Package  Current  Wanted  Latest  Location
cordova    5.3.1   5.3.3   5.3.1  lib
npm        3.3.4   3.3.4   3.3.3  lib

How can wanted be higher than latest? It seems to contradict:

the field 'latest' the very latest version of the package

Which version should I update to (I only use the command-line, not any node.js code)?

Answer 1

The wanted field makes no sense in the context of a --global run as there is no package.json to define which version you require.

Which version should I update to (I only use the command-line, not any node.js code)?

The latest version seems as a good choice if you like to live on the edge.

The wanted column seems like a bug, it is reported in github many times.

Update (after checking source)

The documentations seems a bit misleading so lets clarify:

The resulting field 'wanted' shows the latest version according to the version specified in the package.json...

As there is no global package.json, the version constrain used is '*' (set here).

Then the wanted version is the latest version of the package according to semver.

the field 'latest' the very latest version of the package.

Thats not true, what you get is the dist-tag "latest", that usually matches the latest version (see here). There are some packages that uses those tags to manage what get shown (like npm).

Which version should I update to (I only use the command-line, not any node.js code)?

It seems that the edge is wanted.

Answer 2

Update:

On my machine currently npm -g outdated shows:

Package         Current  Wanted  Latest  Location
babel-cli        6.1.18   6.2.0   6.2.0
generator-rise    1.7.0   2.1.0   2.1.0
npm               3.3.6   3.5.0   3.4.1

The version 3.5.0 exists as a release on github but has not yet been published to npm. So it is somehow getting picked up from there but glossing over the npm source I couldn't find any evidence to support this argument.

---

From the official documentation:

The resulting field 'wanted' shows the latest version according to the version specified in the package.json, the field 'latest' the very latest version of the package.

To elaborate:

npm allows you to specify a range of versions in your package.json, examples are available here. The maximum version that can be accommodated in the specified range is the wanted column.

This may be different from the version installed (if at all) because package.json may have changed in the meanwhile, or the author may have pushed a new minor release in between.

Answer 3

Considering your example, [email protected] is marked as “wanted”, but “latest” is [email protected] because npm uses dist-tags to manage its latest and next release channels.

npm update will install the newest version, but npm install cordova (with no semver range) will install whatever’s tagged as latest.

link to documentation