You can use [Gemnasium][0] too, to get email notifications when new versions of things you depend upon have been released.
I'd say you have to update once in a while or if you run into walls because of bugs that have been fixed in later releases. Other than that I feel like being obsessed with updating your dependencies is a waste of time for little gain, because Node-folk update their packages pretty frequently..
[0]: https://gemnasium.com/
Thanks for your input Nico. Actually, that's pretty much what I've been doing, and what I believe mostly everyone is doing : only updating in case I need to use new features.
It's always good to have someone else point of view though.
For what is worth, Gemnasium just emailed me about a new feature where they seemingly have a CLI that auto-updates deps in your projects granted that your tests pass after the update... May be another approach