

Updating dependencies in an npm project is pretty straightforward and easy to do with the command yarn upgrade. It updates all packages to their latest backwards-compatible version. Something that those coming from npm update find out is that the yarn equivalent doesn't update the package.json with the new versions.

This is usually not a big problem because you have a file called yarn.lock in your root directory that keeps track of all your installed versions, but if you are a perfectionist like me, you also want the package.json file to reflect what versions are used in the project. Before presenting a solution let's explain a bit why it works like this.

By default, when you install an npm package with yarn add, the version of that package in package.json is prepended with a caret, like ^7.2.0. This means that we can upgrade to all upcoming versions of that package as long as it is not a MAJOR update. Npm packages use Semantic Versioning (semver), so a MAJOR version is a bump that changes the first number of the version. So in this case version ^7.2.0 can be upgraded to 7.3.1 but not to 8.0.0, for example. If you want to dig deeper into the prepending you can read more here.

As you see in the above image, eslint is currently on 7.2.0 and the wanted version is 7.3.1. On the other hand, eslint-plugin-react-hooks is multiple versions behind the latest but the wanted version is still the current one.

The yarn.lock is a huge file that contains the complete dependency tree of all currently installed packages in your project. This means that yarn.lock can actually have a version of 7.3.1 of a package while package.json has it set to ^7.2.0. As mentioned above, this is all by design and okay because it's not a MAJOR version bump, and they are both equivalent. It's actually what is set in the yarn.lock that is the "truth" because the project should be locked to these exact versions. This is where yarn upgrade and npm update differ: the first only updates the lock file while the latter updates both the lock file and package.json.

Because the lock file is the only one that matters, it doesn't make any difference in practice. So next time you install this project you will get version 7.3.1 because that is the "locked" one, even though it has a lower version in the package.json.

There is a simple command to also update the package.json when upgrading packages through the terminal with yarn.

# upgrade packages that start with "react-"

I can run an interactive upgrade tool that is bundled with yarn that gives me the option to pick all versions I want to bump to latest.
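To see the package.json range and the yarn.lock pin side by side, here is an added example (not from the original post) that parses a constructed yarn v1 lock file and reports where the locked version is ahead of the range's base version, which is the version an install actually gets. It assumes plain caret ranges with MAJOR >= 1, and example-lib is a hypothetical package.

```javascript
// Constructed inputs (not the post's project files); example-lib is hypothetical.
const packageJson = { devDependencies: { eslint: "^7.2.0", "example-lib": "^1.4.0" } };
const yarnLock = `# yarn lockfile v1

eslint@^7.2.0:
  version "7.3.1"

example-lib@^1.4.0:
  version "1.4.0"
`;

// Parse the subset of the yarn v1 lock format needed here: a "name@range:" header
// (possibly several, comma-separated and quoted) followed by an indented version line.
function parseLock(text) {
  const resolved = {};
  let keys = [];
  for (const line of text.split("\n")) {
    if (/^[^\s#].*:$/.test(line)) {
      keys = line.slice(0, -1).split(",").map((k) => k.trim().replace(/^"|"$/g, ""));
    } else {
      const m = line.match(/^  version "(.+)"$/);
      if (m) for (const k of keys) resolved[k] = m[1];
    }
  }
  return resolved;
}

const parse = (v) => v.split(".").map(Number);

// Caret rule for MAJOR >= 1: same MAJOR, and not lower than the base version.
function satisfiesCaret(range, version) {
  const [bM, bm, bp] = parse(range.slice(1));
  const [M, m, p] = parse(version);
  return M === bM && (m > bm || (m === bm && p >= bp));
}

function compare(pkg, lockText) {
  const lock = parseLock(lockText);
  const deps = { ...pkg.dependencies, ...pkg.devDependencies };
  return Object.entries(deps).map(([name, range]) => {
    const locked = lock[`${name}@${range}`];
    const status = !locked ? "missing-from-lock"
      : !satisfiesCaret(range, locked) ? "out-of-range"
      : locked === range.slice(1) ? "in-sync" : "lock-ahead";
    return { name, range, locked, status };
  });
}

console.table(compare(packageJson, yarnLock));
```

A "lock-ahead" row is the situation the post describes: package.json still reads ^7.2.0 while installs resolve to 7.3.1.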
