How To Perform Yarn Upgrades To The Latest Version

How To Perform Yarn Upgrades To The Latest Version
Table of Contents

Yarn is a popular package manager that lets you reliably install JavaScript packages with consistent results. Performing Yarn upgrades provides you with its most up-to-date dependency management capabilities and takes your development experience to the next level.

Let’s start by talking about how Yarn ensures that an installation that works in one development environment will work in the same manner in another environment.

How Yarn handles dependency versioning

Yarn writes all the dependencies of a project to a file called package.json, which is found at the root of the project’s working directory. It also saves the dependency files into the node_modules folder if using Yarn v1. Note that if you’re using Yarn v2, it’s not necessary to install node_modules. 

In the package.json file, each dependency is versioned based on the semantic versioning (SemVer) scheme. This versioning system reflects the types of changes in every updated version of a dependency, like a bug fix or a new feature.

Before updating any Yarn dependencies, you can check their current version in the file.

Here is an example of a package.json file that specifies the name and version ranges of dependencies (notice that the version ranges are specified using operators):

{
  "dependencies": {
    "package-one": ">=4.0.0 <7.1.4",
    "package-two": "^2.6.2",
    "package-three": "~5.4.3"
  }
}

Yarn also provides an autogenerated file called yarn.lock, which contains the entries of the exact versions of all dependencies (including transitive) that are used by the project — after determining semantic versioning constraints stipulated in the package.json file.

The purpose of the lock file is to “lock”, as its name suggests, the dependencies to their specific versions during installation. It ensures that each installation of a dependency leads to the exact similar file structure in node_modules across all environments.

Since new package versions are usually released frequently, your code can break if it is not compatible with the newest versions of certain dependencies. Therefore, the ability to lock dependencies to a fixed version is an exciting Yarn feature that means you can be assured of getting the exact same dependencies installed every time.

How to install Yarn

Prerequisites:

Before installing Yarn, you need to ensure the Node.js JavaScript runtime environment is installed on your system. If you do not have it installed, you can download it from its official website

After installing Node.js, you can run the following command on the terminal to verify if it exists on your system:

node –version

or (shortened method):

node -v

Node.js is a prerequisite for installing Yarn because the package manager is written in Node.js and needs it as a runtime.

Installation:

If you want to install Yarn using npm, you can simply run the following command on the terminal:

npm install -g yarn

The above command installs Yarn globally on your system — because of the g (global) flag. 

Although Yarn is available as an npm package, the Yarn core team does not recommend the npm installation approach. Other system-specific methods for installing it are listed here

For example, on macOS, you can use the Homebrew package manager to install it.

Here is the command to run:

brew install yarn

Each operating system comes with its own package manager that will make the process of installing Yarn fast and smooth. 

Whichever the method you use, after a successful installation, the yarn command will be available on your system.

How to check your Yarn version

After installing Yarn, you can run the following command to check its version:

yarn –version

How to add Yarn dependencies

To include a new package into your project, Yarn lets you add it as a dependency. 

Here is the command to use:

yarn add [package-name]

For example, if you want to add a package called lodash, you can run the following command:

yarn add lodash

The above command will also automatically update the package.json file and the yarn.lock file with details of the installed dependency. This way any developer working on this project when using yarn will get the same dependencies. 

If you want to add a package globally, run the following command:

yarn global add [package-name]

If you want to use a specific version of a package, you can run this command:

yarn add [package-name]@[version]

On the other hand, if your package.json file already contains a list of dependencies, but the packages have not been added yet, you can run this command:

yarn

or

yarn install

How to update Yarn dependencies

To update Yarn dependencies use any of the following commands:

yarn upgrade

yarn upgrade [package-name]

yarn upgrade [package-name]@[version]

If you do not specify a package name, all of the project’s dependencies will be upgraded to their latest patching versions based on the version range stipulated in the package.json file, and the yarn.lock file will also be recreated. Otherwise, if a package name is specified, Yarn will only update the stated packages.

If you want the stipulated version ranges in package.json to be ignored when updating packages, you can use the upgrade –latest command, instead of the upgrade command.

This way, the version indicated by the latest tag will be used, which allows updating of all of the packages even across major versions. As a result, the package.json file will be modified to be in sync with the latest version range. 

Here are examples:

yarn upgrade –latest

yarn upgrade lodash –latest

If you want to display the outdated packages before choosing the ones to update, you can use the upgrade-interactive command. 

With this command, you can select which packages to update rather than blindly updating all of them. Yarn will keep to the version ranges specified in package.json when settling on the dependency version to update to.

Here is how to run the command:

yarn upgrade-interactive

Updating Yarn dependencies automatically

While the above Yarn update dependencies methods allow you to upgrade to the latest package versions, which can greatly improve your development experience, they are time-consuming, tedious, and difficult to keep track of.

Instead of trying to perform Yarn upgrades manually, you can use the Mend Renovate tool. Mend Renovate helps you automate dependency updates using pull requests, so that you can stop worrying about outdated dependencies. 

Renovate will help you to save time and reduce the risks of trying to upgrade your packages manually.

Recent resources

What is LDAP Injection? Types, Examples and How to Prevent It

Learn what LDAP Injection is, its types, examples, and how to prevent it. Secure your applications against LDAP attacks.

Read more

How to Use Dependency Injection in Java: Tutorial with Examples

Learn how to use Dependency Injection in Java with this comprehensive tutorial. Discover its benefits, types, and practical examples.

Read more

Idempotency: The Microservices Architect’s Shield Against Chaos

Discover the power of idempotency in microservices architecture. Learn how to maintain data consistency and predictability.

Read more