Use bun outdated to check for outdated dependencies in your project. This command displays a table of dependencies that have newer versions available.
| Package | Current | Update | Latest |
| ------------------------------ | ------- | --------- | ---------- |
| @sinclair/typebox | 0.34.15 | 0.34.16 | 0.34.16 |
| @types/bun (dev) | 1.2.0 | 1.2.23 | 1.2.23 |
| eslint (dev) | 8.57.1 | 8.57.1 | 9.20.0 |
| eslint-plugin-security (dev) | 2.1.1 | 2.1.1 | 3.0.1 |
| eslint-plugin-sonarjs (dev) | 0.23.0 | 0.23.0 | 3.0.1 |
| expect-type (dev) | 0.16.0 | 0.16.0 | 1.1.0 |
| prettier (dev) | 3.4.2 | 3.5.0 | 3.5.0 |
| tsup (dev) | 8.3.5 | 8.3.6 | 8.3.6 |
| typescript (dev) | 5.7.2 | 5.7.3 | 5.7.3 |
The output table shows three version columns:
- Current: The version currently installed
- Update: The latest version that satisfies your package.json version range
- Latest: The latest version published to the registry
Dependency Filters
bun outdated supports searching for outdated dependencies by package names and glob patterns.
To check if specific dependencies are outdated, pass the package names as positional arguments:
bun outdated eslint-plugin-security eslint-plugin-sonarjs
| Package | Current | Update | Latest |
| ------------------------------ | ------- | ------ | --------- |
| eslint-plugin-security (dev) | 2.1.1 | 2.1.1 | 3.0.1 |
| eslint-plugin-sonarjs (dev) | 0.23.0 | 0.23.0 | 3.0.1 |
You can also pass glob patterns to check for outdated packages:
| Package | Current | Update | Latest |
| ------------------------------ | ------- | ------ | ---------- |
| eslint (dev) | 8.57.1 | 8.57.1 | 9.20.0 |
| eslint-plugin-security (dev) | 2.1.1 | 2.1.1 | 3.0.1 |
| eslint-plugin-sonarjs (dev) | 0.23.0 | 0.23.0 | 3.0.1 |
For example, to check for outdated @types/* packages:
| Package | Current | Update | Latest |
| ------------------ | ------- | ------ | ------ |
| @types/bun (dev) | 1.2.0 | 1.2.23 | 1.2.23 |
Or to exclude all @types/* packages:
| Package | Current | Update | Latest |
| ------------------------------ | ------- | --------- | ---------- |
| @sinclair/typebox | 0.34.15 | 0.34.16 | 0.34.16 |
| eslint (dev) | 8.57.1 | 8.57.1 | 9.20.0 |
| eslint-plugin-security (dev) | 2.1.1 | 2.1.1 | 3.0.1 |
| eslint-plugin-sonarjs (dev) | 0.23.0 | 0.23.0 | 3.0.1 |
| expect-type (dev) | 0.16.0 | 0.16.0 | 1.1.0 |
| prettier (dev) | 3.4.2 | 3.5.0 | 3.5.0 |
| tsup (dev) | 8.3.5 | 8.3.6 | 8.3.6 |
| typescript (dev) | 5.7.2 | 5.7.3 | 5.7.3 |
Workspace Filters
Use the --filter flag to check for outdated dependencies in a different workspace package:
bun outdated --filter='@monorepo/types'
| Package | Current | Update | Latest |
| ------------------ | ------- | ------ | ------ |
| tsup (dev) | 8.3.5 | 8.3.6 | 8.3.6 |
| typescript (dev) | 5.7.2 | 5.7.3 | 5.7.3 |
You can pass multiple --filter flags to check multiple workspaces:
bun outdated --filter @monorepo/types --filter @monorepo/cli
| Package | Current | Update | Latest |
| ------------------------------ | ------- | ------ | ---------- |
| eslint (dev) | 8.57.1 | 8.57.1 | 9.20.0 |
| eslint-plugin-security (dev) | 2.1.1 | 2.1.1 | 3.0.1 |
| eslint-plugin-sonarjs (dev) | 0.23.0 | 0.23.0 | 3.0.1 |
| expect-type (dev) | 0.16.0 | 0.16.0 | 1.1.0 |
| tsup (dev) | 8.3.5 | 8.3.6 | 8.3.6 |
| typescript (dev) | 5.7.2 | 5.7.3 | 5.7.3 |
You can also pass glob patterns to filter by workspace names:
bun outdated --filter='@monorepo/{types,cli}'
| Package | Current | Update | Latest |
| ------------------------------ | ------- | ------ | ---------- |
| eslint (dev) | 8.57.1 | 8.57.1 | 9.20.0 |
| eslint-plugin-security (dev) | 2.1.1 | 2.1.1 | 3.0.1 |
| eslint-plugin-sonarjs (dev) | 0.23.0 | 0.23.0 | 3.0.1 |
| expect-type (dev) | 0.16.0 | 0.16.0 | 1.1.0 |
| tsup (dev) | 8.3.5 | 8.3.6 | 8.3.6 |
| typescript (dev) | 5.7.2 | 5.7.3 | 5.7.3 |
Catalog Dependencies
bun outdated supports checking catalog dependencies defined inpackage.json:
┌────────────────────┬─────────┬─────────┬─────────┬────────────────────────────────┐
│ Package │ Current │ Update │ Latest │ Workspace │
├────────────────────┼─────────┼─────────┼─────────┼────────────────────────────────┤
│ body-parser │ 1.19.0 │ 1.19.0 │ 2.2.0 │ @test/shared │
├────────────────────┼─────────┼─────────┼─────────┼────────────────────────────────┤
│ cors │ 2.8.0 │ 2.8.0 │ 2.8.5 │ @test/shared │
├────────────────────┼─────────┼─────────┼─────────┼────────────────────────────────┤
│ chalk │ 4.0.0 │ 4.0.0 │ 5.6.2 │ @test/utils │
├────────────────────┼─────────┼─────────┼─────────┼────────────────────────────────┤
│ uuid │ 8.0.0 │ 8.0.0 │ 13.0.0 │ @test/utils │
├────────────────────┼─────────┼─────────┼─────────┼────────────────────────────────┤
│ axios │ 0.21.0 │ 0.21.0 │ 1.12.2 │ catalog (@test/app) │
├────────────────────┼─────────┼─────────┼─────────┼────────────────────────────────┤
│ lodash │ 4.17.15 │ 4.17.15 │ 4.17.21 │ catalog (@test/app, @test/app) │
├────────────────────┼─────────┼─────────┼─────────┼────────────────────────────────┤
│ react │ 17.0.0 │ 17.0.0 │ 19.1.1 │ catalog (@test/app) │
├────────────────────┼─────────┼─────────┼─────────┼────────────────────────────────┤
│ react-dom │ 17.0.0 │ 17.0.0 │ 19.1.1 │ catalog (@test/app) │
├────────────────────┼─────────┼─────────┼─────────┼────────────────────────────────┤
│ express │ 4.17.0 │ 4.17.0 │ 5.1.0 │ catalog (@test/shared) │
├────────────────────┼─────────┼─────────┼─────────┼────────────────────────────────┤
│ moment │ 2.24.0 │ 2.24.0 │ 2.30.1 │ catalog (@test/utils) │
├────────────────────┼─────────┼─────────┼─────────┼────────────────────────────────┤
│ @types/node (dev) │ 14.0.0 │ 14.0.0 │ 24.5.2 │ @test/shared │
├────────────────────┼─────────┼─────────┼─────────┼────────────────────────────────┤
│ @types/react (dev) │ 17.0.0 │ 17.0.0 │ 19.1.15 │ catalog:testing (@test/app) │
├────────────────────┼─────────┼─────────┼─────────┼────────────────────────────────┤
│ eslint (dev) │ 7.0.0 │ 7.0.0 │ 9.36.0 │ catalog:testing (@test/app) │
├────────────────────┼─────────┼─────────┼─────────┼────────────────────────────────┤
│ typescript (dev) │ 4.9.5 │ 4.9.5 │ 5.9.2 │ catalog:build (@test/app) │
├────────────────────┼─────────┼─────────┼─────────┼────────────────────────────────┤
│ jest (dev) │ 26.0.0 │ 26.0.0 │ 30.2.0 │ catalog:testing (@test/shared) │
├────────────────────┼─────────┼─────────┼─────────┼────────────────────────────────┤
│ prettier (dev) │ 2.0.0 │ 2.0.0 │ 3.6.2 │ catalog:build (@test/utils) │
└────────────────────┴─────────┴─────────┴─────────┴────────────────────────────────┘
CLI Usage
General Options
Specify path to config file (bunfig.toml)
Display outdated dependencies for each matching workspace
Output & Logging
Excessively verbose logging
Dependency Scope & Target
Don’t install devDependencies
Exclude dev, optional, or peer dependencies from install
Lockfile & Package.json
Write a yarn.lock file (yarn v1)
Don’t update package.json or save a lockfile
Save to package.json (true by default)
Disallow changes to lockfile
Save a text-based lockfile
Generate a lockfile without installing dependencies
Add to trustedDependencies in the project’s package.json and install the
package(s)
Network & Registry
Provide a Certificate Authority signing certificate
Same as —ca, but as a file path to the certificate
Use a specific registry by default, overriding .npmrc, bunfig.toml and
environment variables
Maximum number of concurrent network requests (default 48)
Caching
Store & load cached data from a specific directory path
Ignore manifest cache entirely
Execution Behavior
Always request the latest versions from the registry & reinstall all dependencies
Skip verifying integrity of newly downloaded packages
Skip lifecycle scripts in the project’s package.json (dependency scripts are never
run)
--backend
string
default:"clonefile"
Platform-specific optimizations for installing dependencies. Possible values:
clonefile (default), hardlink, symlink,
copyfile
Maximum number of concurrent jobs for lifecycle scripts (default 5)