Managing packages with Yarn
I need to update old dependencies because of security reasons in a project, that uses Yarn and I would like to know the best way to do this. I have used yarn add package-name@latest and yarn upgrade package-name@latest with the same result. The old version package definition remains. Is that acceptable? Since I have to update the old version for security, I think the old version should be removed. Is there a command that updates a package to a specific version and removes the old package definition?
The situation you are describing should only arise if you also have transitive dependencies that come from other dependencies.
So you may have another package that depends on acorn in a lower version.
If this is not the case I would try:
yarn upgrade package-name --latest
To update all packages to the latest versions, I recommend:
yarn upgrade-interactive --latest
- Why is WSL extremely slow when compared with native Windows NPM/Yarn processing?
- How to Use Yarn Version command to update to released version from prerelease version
- Change package manager in Expo
- Yarn - There appears to be trouble with your network connection. Retrying
- NestJS Application, `Cannot find module "express"` when installing dependencies in production mode with pnpm
- Why does Yarn fail with "no candidates found" errors?
- error An unexpected error occurred: "EPERM: operation not permitted, unlink 'path_to_project\\node_modules\\prisma\\query_engine-windows.dll.node'
- Node corepack is ignoring packageManager and won't let me set yarn version
- punycode is deprecated in npm - what should I replace it with?
- yarn build - error Command failed with exit code 137 - Bitbucket Pipelines out of memory - Using max memory 8192mb
- Why do I get this error: Couldn't find the node_modules state file - running an install might help (findPackageLocation)?
- npm ERR! Unsupported URL Type "workspace:": workspace:*
- Github actions, 401 unauthorized when installing a Github Package with npm or yarn
- React Native App with Expo - QR code not loading
- yarn dlx not found. Why?! How to run yarn dlx command?
- NPM always uses AWS Codeartifact
- How can I run a yarn app/How to run a yarn dev server?
- Yarn - How do I update each dependency in package.json to the latest version?
- How to use Google Cloud Build with Yarn 2+
- Error when installing Bootstrap with yarn in symfony Project
- Problem with Django and Python (the current path api/ did not match of these)
- Why there isn't any file and folder except 'node_modules' and 'package.json' anymore when creating a project with 'npx create-react-app' command?
- Should I commit the yarn.lock file and what is it for?
- Node js server not showing changes to files even after restart
- How can I get cordova to use yarn js instead of npm for adding plugins
- GitLab CI Pipeline Job gives error JavaScript heap out of memory
- Installing private package from Github Package registry using Yarn fails with not authorized
- How to disable auto-setting of `packageManager` when corepack is enabled
- Yarn package manager: install dependencies from private Bitbucket repository
- Issues Installing Package from Private Azure DevOps Registry with Yarn