A Better Yarn Upgrade

10/12/20191 Min Read — In DevTools

Yarn is my package manager of choice for the JavaScript ecosystem.

When I started programming, yarn was superior to NPM - faster, more secure, better dependency lock. Nowadays, in 2019, npm, the default package manager for node, has caught up. It doesn't really matter which tool you use.
But now I have yarn on my system.

But yarn comes with problems, too.

For example, yarn upgrade doesn't update your package.json file. The command updates dependencies in your lockfile (yarn.lock), but it won't show in package.json.

Here is a workaround:

$ yarn upgrade && npx syncyarnlock -s -k && yarn install

You can make an alias for your shell. For Fish:

$ alias yup 'yarn upgrade && npx syncyarnlock -s -k && yarn install'
$ funcsave yup

The command uses syncyarnlock to update package.json and keeps prefixes (like the ^ for dynamic packages).

You can install syncyarnlock globally for a faster experience, but I prefer using npx for a temporary install. This way, the package won't clutter my system.

Alternatively, you can install pnpm, a new package manager that only saves one version of a package on your disk. The tool uses symlinks to save disk space.