Do you want to request a feature or report a bug?
Bug
What is the current behavior?
yarn upgrade
doesn't update package.json unless you go package by package yarn upgrade @angular
, and using yarn upgrade-interactive
puts a lot of responsibility on knowing exactly what package depend on what as our team found out when the version of codelyzer, tslint, zone.js, and typescript were updated beyond what Angular and Angular CLI required.
What is the expected behavior?
Package.json would have the version changes added.
Please mention your node.js, yarn and operating system version.
Yarn v0.22.0
Windows 10
Node 7.7.2
The documented behavior of yarn upgrade
is:
This command updates all dependencies to their latest version based on the version range specified in the package.json file.
So running a yarn upgrade
should not result in anything needing to change in your package.json
. The yarn.lock
file, on the other hand, should contain the newest versions of packages that fit the semver range in package.json.
yarn upgrade <package_name>
and yarn upgrade-interactive
on the other hand resolves to the newest release of packages, _ignoring_ the semver range in package.json
, so both the package.json and yarn.lock files would see updates if there were new versions of packages.
@rally25rs you are right @bestander we should close this.
For a decent workaround, see https://github.com/yarnpkg/yarn/issues/2042#issuecomment-269601927
For those of you like myself who were confused by @rally25rs comment:
yarn update <package_name>
andyarn upgrade-interactive
on the other hand resolves to the newest release of packages
There's a small typo on the first command, it's yarn upgrade
, not yarn update
:
yarn upgrade <package_name>
Otherwise, I can confirm that it works as expected!
oops, sorry for the confusion. NPM and Bower both have an update
command. I always forget that Yarn doesn't until I try it and it errors. I edited/corrected my previous comment.
yarn upgrade-interactive
does not update package.json
for me. Perhaps this is the desired behaviour and I misunderstand the documentation.
@MrHubble from the docs for upgrade
yarn upgrade
This command updates dependencies to their latest version based on the version range specified in the package.json file. The yarn.lock file will be recreated as well.
yarn upgrade --latest
The upgrade --latest command upgrades packages the same as the upgrade command, but ignores the version range specified in package.json. Instead, the version specified by the latest tag will be used (potentially upgrading the packages across major versions).
The package.json file will be updated to reflect the latest version range.
The same is true for upgrade-interactive
since it is basically just upgrade
with a UI.
Not updating the package.json file is the as-designed behavior since there is nothing to update. The version upgraded to will match the semver range specified in package.json.
Adding the --latest
flag will ignore the semver range in package.json, so the version upgraded to may not fit that range, so the package.json file is updated to reflect the new latest version.
Hope that makes sense. There was a discussion thread in an issue somewhere about a feature request to still update package.json to whatever new version is installed no matter what, but that has not been implemented yet.
I want to update a package from 1.0.10 to last version (1.0.13).
yarn upgrade mypackage
does not update my package.json.
I guess I'm still going with this dirty workaround: delete line in package.json and yarn add
¯\_(ツ)_/¯
what does yarn add [email protected]
say?
On 8 November 2017 at 09:58, Maxime Vasse notifications@github.com wrote:
I want to update a package from 1.0.10 to last version (1.0.13).
yarn upgrade mypackage does not update my package.json.I guess I'm still going with this dirty workaround: delete line in
package.json and yarn add ¯_(ツ)_/¯—
You are receiving this because you modified the open/close state.
Reply to this email directly, view it on GitHub
https://github.com/yarnpkg/yarn/issues/3266#issuecomment-342901396, or mute
the thread
https://github.com/notifications/unsubscribe-auth/ACBdWKTYVK64ZDcH2xqQ-QQwImEcw_cCks5s0evEgaJpZM4NJvLj
.
what does
yarn add [email protected]
say?
This works!
I juste tried yarn add mypackage@latest
, which is working as well.
Still don't know why yarn upgrade
does not work here, but if yarn add
does, this is cool! 😄
Thank you very much @bestander!
@webdif yarn upgrade [email protected]
seemed to work for me. It updated both yarn.lock and package.json.
yarn upgrade --latest
still doesn't seem to have the intended effect for us with yarn 1.9.4
. I.e. it doesn't upgrade major versions neither in yarn.lock
nor in package.json
.
If I run yarn upgrade-interactive --latest
afterwards however, that does correctly detect the upgrades. But we would like to upgrade all packages automatically without interactive prompt (in a CI).
best solution
install global package
npm i -g npm-check-updates
in your project dir
ncu -u
yarn install
This helped me: https://www.npmjs.com/package/syncyarnlock
$ yarn upgrade-interactive && syncyarnlock
This is a modified version of @harlantwood 's comment here using npx
npx npm-check-updates --upgrade --upgradeAll && yarn upgrade
I do following to update package.json:
yarn global add syncyarnlock // install syncyarnlock globally
yarn upgrade // update dependencies, updates yarn.lock
syncyarnlock -s -k // updates package.json with versions installed from yarn.lock
yarn install // updates yarn.lock with current version constraint from package.json
If this is still giving anyone troubles the comment from homerjam and cpxPratik made reference to this: https://www.npmjs.com/package/syncyarnlock
It solved the issue for me in ten minutes.
hey *nix guys, what about this:
jq '.dependencies | keys | .[]' package.json | xargs yarn add
jq '.devDependencies | keys | .[]' package.json | xargs yarn add --dev
Just using " yarn upgrade-interactive " works for me! yarn vesion: 1.7.0
Using yarn upgrade-interactive
with yarn version 1.13.0
is _NOT_ upgrading the package.json
for me, and the reason I'm using upgrade-interactive is because I'm doing selective upgrades, so upgrade-alls isn't an option for me.
I can't understand what upgrade command do,
because i could only upgrade express using:
yarn add express@latest
@felipe-coelho you could also use the --latest
flag: yarn upgrade express --latest
but the @latest
specification also works.
Without latest
it gets the newest version that still fits the version range specified in pacakge.json
. With latest
it ignores the range specified in package.json
and gets the newest version according to the registry.
I found a solution.
At first I tried all the possible combinations of yarn upgrade without any results.
Reading the documentation from npm, found the following:
MAJOR version for when there are incompatible API changes (Ex * or x)
MINOR version for when functionality is added in a backwards compatible manner (Ex 1 or 1.x or ^1.0.4)
PATCH version for when backwards compatible bug fixes are done (Ex 1.0 or 1.0.x or ~1.0.4)
Notice the package version is prefixed with '^' (example: "@angular/material": "^8.1.1"), meaning only minor version upgrades will be applied.
I changed the packages from prefix '^' to '' (example: "@angular/material": "8.1.1"), and then after running the yarn command:
yarn install
yarn upgrade --latest
yarn install is required after modifying the package.json. The lock file needs to be updated by running the command -> yarn install
The result was the packages upgraded to the latest version at the time -> "@angular/material": "8.2.3".
I hope this helps.
@rubensurf - When you have a large monorepo (e.g. Lerna), you absolutely do not want to go that route.
If you have multiple dependencies, several of which have MAJOR version changes, you can end up spending a LOT of time tracking down root breaking changes that have _broken_ your app (i.e. things in your app that broke _because_ a dependency had a MAJOR version change).
My workflow is to regularly run yarn upgrade-interactive --latest
, select all the PATCH and MINOR dependency changes, then apply them and run all my tests (i.e. verify there were no breaking changes). If our sprint has the time to deal with potential breaking changes, then and only then do I run yarn upgrade-interactive --latest
and select a single MAJOR dependency change to update, then I re-run all my tests. This means that I _know_ which MAJOR change has an impact on my repo, because I only change one of them at a time. I could absolutely do that from a more simplistic yarn add package@^new.version
, but to be honest the yarn upgrade-interactive
provides a very useful overview (particularly when run from a mono-repo that depends on multiple dependencies from other mono-repos that must be kept in sync). I genuinely appreciate that overview when making such updates!
The only problem is that yarn upgrade-interactive --latest
_doesn't_ automatically update the package.json when there is a update, which can lead to other problems, because the package.json no longer accurately represents the _current_ dependency's versions.
Most helpful comment
This works!
I juste tried
yarn add mypackage@latest
, which is working as well.Still don't know why
yarn upgrade
does not work here, but ifyarn add
does, this is cool! 😄Thank you very much @bestander!