Shotgun upgrade your npm dependencies with yarn upgrade --latest

Every now and then I do a quick checkup of a project's npm dependencies. I like to keep them up to date by often doing small upgrades. It's a lot less painful than doing large upgrades once a year.

One annoying part of this process is ensuring every dependency is on the latest major version. For example, if a project requires lint-staged@^8.0.0, yarn upgrade won't upgrade it to lint-staged@^9.0.0 (luckily of course, it's the behaviour I want during everyday development).

Today I learned about yarn upgrade --latest, which will upgrade all dependencies to the highest available version, despite the version constraints in your package.json file. lint-staged@^8.0.0 would happily upgrade to lint-staged@^9.0.0, even if it breaks semver boundaries.

This means yarn modifies your package.json file.

"devDependencies": {
- "lint-staged": "^8.0.0"
+ "lint-staged": "^9.0.0"

Breaking changes will occur, so double check everything before committing these changes!

You can also use yarn upgrade-interactive --latest, which provides an overview and lets you cherry pick available upgrades.

? Choose which packages to update.
name range from to url
❯◉ @fullhuman/postcss-purgecss latest 1.3.0 ❯ 2.1.2
◯ tailwindcss latest 1.2.0 ❯ 1.3.5