Updating Packages
CommandBox does more than help yo install packages. It also helps you keep them up to date as well. Remember, you can always get a quick list of all the dependencies installed your app with the list command.
CommandBox> listDependency Hierarchy myApp (1.0.0)├── coldbox (4.2.0)└─┬ cbvalidation (1.0.0)└── cbi18n (1.0.0)
To check and see if any of your installed packages can be updated to a newer version, run the update command.
CommandBox> updateResolving Dependencies, please wait...Found (1) Outdated Dependency* cbvalidation (1.0.0) ─> new version: 1.0.3Would you like to update the dependency? (yes/no) :
Entering "yes" will install the newest version of the package. It is also possible to get a list of outdated dependencies without the prompt to update them with the outdated command.
outdated
If you are using a ForgeBox package, the update command will comply with the semantic versioning range you specify. For example, if you have a dependency installed with a version saved of ^2.0.0 it will update you all the way to 2.9.9 but it will never install 3.0.0 until you ask it to. This is because breaking changes come in major versions, but minor releases are supposed to be compatible.
The way CommandBox determines whether there is a new version of a package differs based on the endpoint that installed the package. Versions are always treated as a semantic version (Major.Minor.Patch).
ForgeBox - The ForgeBox REST API is used to get the latest package version.
HTTP(S) - Package is always considered outdated, and re-downloaded.
File - The box.json's version is used from the zip. If box.json doesn't exist, the package is always considered outdated.
Folder - The box.json's version is used from the folder. If box.json doesn't exist, the package is always considered outdated.
Git - Package is always considered outdated, and re-cloned.
If you want to integrate your package updates with an external process, you can get this data back as JSON so it can be parsed and used by another system.
CommandBox> outdated --JSONResolving Dependencies, please wait...[{"SHORTDESCRIPTION":"This module provides server side validation to ColdBox applications","VERSION":"1.0.0","SLUG":"cbvalidation","NAME":"ColdBox Validation","DEV":false,"NEWVERSION":"1.0.3","PACKAGEVERSION":"1.0.0"}]