taze vs npm-check-updates vs npm-check: Dependency Update Checking in Node.js (2026)
·PkgPulse Team
TL;DR
taze is the modern dependency update checker — by Anthony Fu, supports monorepos, interactive mode, filters by major/minor/patch, works with pnpm/npm/yarn. npm-check-updates (ncu) is the classic updater — upgrades package.json versions, semver range filtering, extensive CLI options, the most widely used. npm-check is the interactive updater — shows unused deps, has a TUI for selecting updates, color-coded output. In 2026: taze for modern monorepo workflows, npm-check-updates for automated CI pipelines, npm-check for interactive dependency review.
Key Takeaways
- taze: ~200K weekly downloads — monorepo support, interactive, modern DX, by Anthony Fu
- npm-check-updates (ncu): ~2M weekly downloads — the standard, CI-friendly, extensive filters
- npm-check: ~500K weekly downloads — interactive TUI, unused dep detection, color output
- All three check for outdated dependencies and can update package.json
- taze has the best monorepo support (workspaces, recursive)
- npm-check-updates has the most filtering options (semver ranges, regex)
taze
taze — modern dependency checker:
CLI usage
# Check for updates:
npx taze
# Output:
# 2 dependencies updated
# vue 3.4.0 → 3.5.0 (minor)
# typescript 5.4.0 → 5.6.0 (minor)
# 1 devDependency updated
# vitest 2.0.0 → 2.1.0 (minor)
# Write changes to package.json:
npx taze -w
# Interactive mode — select which to update:
npx taze -I
# Filter by update type:
npx taze major # Only show major updates
npx taze minor # Only show minor updates
npx taze patch # Only show patch updates
Monorepo support
# Check all workspace packages:
npx taze -r
# Output:
# packages/app
# vue 3.4.0 → 3.5.0
# pinia 2.1.0 → 2.2.0
#
# packages/ui
# vue 3.4.0 → 3.5.0
# radix-vue 1.8.0 → 1.9.0
#
# packages/utils
# (all up to date)
# Write all workspace updates:
npx taze -r -w
# Interactive monorepo:
npx taze -r -I
Interactive mode
npx taze -I
# Interactive TUI:
# ┌ Select packages to update
# │
# │ ◻ vue 3.4.0 → 3.5.0 (minor)
# │ ◻ typescript 5.4.0 → 5.6.0 (minor)
# │ ◻ vitest 2.0.0 → 2.1.0 (minor)
# │ ◼ eslint 8.50.0 → 9.0.0 (major)
# │
# └ Space to toggle, Enter to confirm
Configuration
// taze.config.ts
import { defineConfig } from "taze"
export default defineConfig({
// Exclude specific packages:
exclude: [
"eslint", // Wait for ecosystem to catch up
"typescript", // Pin to specific version
],
// Package manager:
packageMode: {
"vue": "minor", // Only allow minor updates
"typescript": "patch", // Only allow patches
"/eslint/": "latest", // Regex pattern
},
// Monorepo:
recursive: true,
// Write mode:
write: false,
// Include:
depFields: {
dependencies: true,
devDependencies: true,
peerDependencies: false,
},
})
npm-check-updates (ncu)
npm-check-updates — the standard updater:
CLI usage
# Check for updates (doesn't modify anything):
npx ncu
# Output:
# Checking /Users/royce/project/package.json
# [====================] 15/15 100%
#
# vue ^3.4.0 → ^3.5.0
# typescript ~5.4.0 → ~5.6.0
# vitest ^2.0.0 → ^2.1.0
# eslint ^8.50.0 → ^9.0.0
#
# Run ncu -u to upgrade package.json
# Update package.json:
npx ncu -u
# Update and install:
npx ncu -u && npm install
Filtering
# Filter by package name:
npx ncu -f vue,typescript
npx ncu -f "/eslint/" # Regex
# Exclude packages:
npx ncu -x eslint,typescript
# Filter by update type:
npx ncu --target minor # Only minor updates
npx ncu --target patch # Only patches
npx ncu --target newest # Absolute newest (ignore ranges)
npx ncu --target greatest # Greatest version matching range
npx ncu --target semver # Respect semver ranges
# Filter by dependency type:
npx ncu --dep dev # Only devDependencies
npx ncu --dep prod # Only dependencies
npx ncu --dep dev,prod # Both
Interactive mode
npx ncu -i
# Interactive:
# ? Choose which packages to update
# ◯ vue ^3.4.0 → ^3.5.0 (minor)
# ◯ typescript ~5.4.0 → ~5.6.0 (minor)
# ◯ vitest ^2.0.0 → ^2.1.0 (minor)
# ◯ eslint ^8.50.0 → ^9.0.0 (MAJOR)
# Group by update type:
npx ncu -i --format group
CI integration
# Check if any updates available (exits with code 1 if outdated):
npx ncu --errorLevel 2
# Output as JSON:
npx ncu --jsonUpgraded
# → { "vue": "^3.5.0", "typescript": "~5.6.0" }
# Doctor mode — test each update:
npx ncu --doctor -u
# Updates one package at a time, runs tests after each
# Reverts if tests fail
# Peer dependencies:
npx ncu --peer
Configuration
// .ncurc.json
{
"upgrade": false,
"target": "minor",
"reject": ["eslint", "typescript"],
"dep": "dev,prod",
"format": ["group"],
"packageManager": "pnpm"
}
npm-check
npm-check — interactive dependency review:
CLI usage
# Check for updates with color-coded output:
npx npm-check
# Output:
# ❤️ vue MINOR 3.4.0 → 3.5.0
# ❤️ vitest MINOR 2.0.0 → 2.1.0
# ⚠️ eslint MAJOR 8.50.0 → 9.0.0
# 🔲 old-lib UNUSED? not imported anywhere
# Interactive update:
npx npm-check -u
# Skip unused check:
npx npm-check -s
Interactive update
npx npm-check -u
# Interactive TUI:
# ? Choose which packages to update.
#
# Minor Update New backwards-compatible features.
# ❯ ◯ vue 3.4.0 → 3.5.0 https://vuejs.org
# ◯ vitest 2.0.0 → 2.1.0 https://vitest.dev
#
# Major Update Potentially breaking API changes.
# ◯ eslint 8.50.0 → 9.0.0 https://eslint.org
#
# Non-Semver Versions less than 1.0.0
# ◯ beta-pkg 0.9.0 → 0.10.0
Unused dependency detection
npx npm-check
# Detects potentially unused packages:
# 🔲 lodash UNUSED? Could not find import or require
# 🔲 moment UNUSED? Could not find import or require
#
# Note: May have false positives for:
# - Config-only packages (eslint plugins)
# - Peer dependencies
# - Dynamically imported packages
Global packages
# Check global packages:
npx npm-check -g
# Update global packages interactively:
npx npm-check -g -u
Feature Comparison
| Feature | taze | npm-check-updates | npm-check |
|---|---|---|---|
| Check outdated | ✅ | ✅ | ✅ |
| Update package.json | ✅ (-w) | ✅ (-u) | ✅ (-u) |
| Interactive mode | ✅ (-I) | ✅ (-i) | ✅ (-u) |
| Monorepo/workspaces | ✅ (-r) | ✅ (--workspaces) | ❌ |
| Unused detection | ❌ | ❌ | ✅ |
| Doctor mode | ❌ | ✅ | ❌ |
| JSON output | ❌ | ✅ | ❌ |
| Regex filtering | ✅ | ✅ | ❌ |
| Config file | ✅ (taze.config.ts) | ✅ (.ncurc.json) | ❌ |
| Per-package mode | ✅ (packageMode) | ✅ (target) | ❌ |
| CI exit code | ❌ | ✅ (errorLevel) | ❌ |
| TypeScript config | ✅ | ❌ (JSON) | ❌ |
| Weekly downloads | ~200K | ~2M | ~500K |
When to Use Each
Use taze if:
- Working with monorepos (pnpm workspaces, npm workspaces)
- Want a modern interactive TUI
- Need per-package version mode control
- Prefer TypeScript configuration (taze.config.ts)
Use npm-check-updates if:
- Need CI integration (exit codes, JSON output)
- Want doctor mode (test each update individually)
- Need the most filtering options (regex, semver targets)
- Building automated update pipelines
Use npm-check if:
- Want to find unused dependencies
- Prefer a visual, color-coded overview
- Need interactive updates with package descriptions
- Want to audit global packages
Methodology
Download data from npm registry (weekly average, February 2026). Feature comparison based on taze v0.16.x, npm-check-updates v17.x, and npm-check v6.x.
Compare dependency management and developer tooling on PkgPulse →