Feature request - last update date of a package

[emish89]

Hi guys,
from my point of view can be very useful to see when was the last update date of a package. In this way, you can find potentially abandoned or deprecated dependencies.
The age is a data that I think can be exposed by NCU and I will be pleased to try to help to add it.
Can you give me some info on where start to check?

Thanks a lot for the help and for this fantastic package!

[raineorshine]

Hi, thanks for the proposal. The --format option would be a great place for this feature, as it allows additional information to be added to the output.

Take a look at how the "repo" format adds information to the output table:

npm-check-updates/lib/logging.js

Lines 88 to 91 in 419d286

	const repoUrl = format.includes('repo')
	? getRepoUrl(dep) || ''
	: ''
	return [dep, from, '→', toColorized, ownerChanged, repoUrl]

Ideally you should get the time along with the upgraded version rather than making a separate request. This happens in https://github.com/raineorshine/npm-check-updates/blob/main/lib/package-managers/npm.js. Unfortunately there is not an existing mechanism to return the time along with the version; the function signature currently only returns the version number.

The other complication is that ncu currently supports five different targets. I'm guessing latest (default) is the desired target for you, and you could just implement for latest and ignore the other targets if you wanted. The possible targets are latest, newest, greatest, minor, and patch (represented by individual functions in package-managers/npm.js). Accessing the time of the upgraded version may vary slightly between the different target getters. e.g. newest already requests the time, but latest gets the version published on the latest tag directly.

[Nettsentrisk]

It would be great to be able to target versions of packages that have existed for X amount of time, or since X date. If you would like to update versions that aren't the bleeding edge but have been used for a good amount of time, then you would want some kind of option like this.

[raineorshine]

@Nettsentrisk I think that would be a useful feature. That issue is being tracked in #833.

[srmagura]

@raineorshine Do you think this would be a useful feature? I'm not sure.

OP (@emish89) said they thought this would be useful to find abandoned packages, but only packages with updates available will appear in the npm-check-updates output. And, if a package is abandoned, there is a good chance you are already on the latest version.

Maybe there is another use case where the publish date would be useful? Or maybe we should just close this and work on #833 instead?

[raineorshine]

They are two separate features.

This issue is for a new --format option that shows the publish date.

#833 is for filtering by publish date.

Both features are natural additions to npm-check-updates. Just need a motivated individual to make a PR. However, I agree that npm-check-updates is not the ideal tool to identify abandoned packages.