You can clone with
HTTPS or Subversion.
npm outdated reports which versions can be updated. However, when an exact version is provided as a dependency, npm outdated will never show that it can be updated.
How it should work:
/* package.json */
$ npm upgradeable
firstname.lastname@example.org node_modules\semver current=1.1.1
In my mind, this should also report if a version has a major bump. If I have an X@1.2 and there is an X@2.0, this should report X@2.0, regardless of the range I have package.json. Essentially, this should provide information to the user so they can see what packages can be upgraded to the latest, and decide if they want to change package.json to use a newer version.
@bryanburgers not an npm solution but you can use alanshaw/david to achieve this.
The recent updates to npm outdated have actually added this feature; we now show current, wanted, and latest.