CommandBox does more than help you install packages. It also helps you keep them up to date as well. Remember, you can always get a quick list of all the dependencies installed your app with the list
command.
To check and see if any of your installed packages can be updated to a newer version, run the update
command.
Entering "yes" will install the newest version of the package. Use the --force flag to automatically answer "yes". It is also possible to get a list of outdated dependencies without the prompt to update them with the outdated
command.
If you are using a ForgeBox package, the update
command will comply with the semantic versioning range you specify. For example, if you have a dependency installed with a version saved of ^2.0.0
it will update you all the way to 2.9.9
but it will never install 3.0.0
until you ask it to. This is because breaking changes come in major versions, but minor releases are supposed to be compatible.
The way CommandBox determines whether there is a new version of a package differs based on the endpoint that installed the package. Versions are always treated as a semantic version (Major.Minor.Patch).
ForgeBox - The ForgeBox REST API is used to get the latest package version.
HTTP(S) - Package is always considered outdated, and re-downloaded.
File - The box.json's version is used from the zip. If box.json doesn't exist, the package is always considered outdated.
Folder - The box.json's version is used from the folder. If box.json doesn't exist, the package is always considered outdated.
Git - Package is always considered outdated, and re-cloned.
If you want to integrate your package updates with an external process, you can get this data back as JSON so it can be parsed and used by another system.