comparison · verified 2026-07-09
inup vs taze
taze is the closest tool to inup in spirit: modern, monorepo-first, and one of the very few upgraders that handles pnpm catalogs properly — including named catalogs. The differences are in what happens inside the interactive session and around it.
| Feature | inup | taze |
|---|---|---|
| One tool for npm, yarn, pnpm & bun | ||
| Interactive upgrade UI | ||
| Monorepos & workspaces | ||
| Vulnerability audit in the picker | ||
| Changelogs in the terminal | ||
| Search & dep-type toggles in the UI | ||
| pnpm catalogs, comments preserved | ||
| CI gate + JSON report | ||
| GitHub Action included | ||
| Actively maintained (2026) | ||
| Cooldown / publish-age delay | ||
| Per-package upgrade rules | ||
| Config file with typed defineConfig | ||
| Programmatic API |
Where inup is stronger
- Context inside the picker. Vulnerability audit (
s) with advisories cross-referenced against upgrade targets, changelogs (i), search (/), and live dependency-type toggles. taze's interactive mode selects versions; inup's helps you decide. - CI & automation surface. A guaranteed-read-only
--checkgate, a versioned JSON schema for scripts and agents, and a GitHub Action that maintains one rolling upgrade PR.
Where taze is stronger — use it if you need these
- Per-package update policy. taze's
packageModemaps exact names or regexes to major/minor/patch/ignore — “majors for typescript, minors for all@types/*”. inup's config can only ignore or exclude packages. - Typed configuration.
taze.config.tswithdefineConfig, shared across runs and CI. - A programmatic API (
CheckPackages()).
Honest verdict: if you want codified per-package update policy, taze wins today. If you want the richest interactive session — audit, changelogs and search while you pick — inup wins. Both respect your pnpm-workspace.yaml.
Try it in any project: npx inup
Frequently asked questions
What is the main difference between inup and taze?
Both are modern, monorepo-first interactive upgraders with pnpm catalog support. inup adds a vulnerability audit, changelog viewer and search inside the picker, plus a CI gate, JSON report and GitHub Action; taze offers per-package update rules and a typed config file.
Can taze show vulnerabilities or changelogs while picking upgrades?
No. taze selects versions interactively but has no built-in audit or changelog viewer. inup shows both without leaving the terminal.
When should I choose taze over inup?
When you want codified per-package update policy: taze.config.ts with packageMode maps package names or regexes to major/minor/patch/ignore. inup config currently supports only ignore and exclude.
Sources: taze documentation, inup source. Verified 2026-07-09. Also see inup vs npm-check-updates and inup vs npm-check.