yarn-upgrade-all
This is a command line utility program to upgrade all the packages in your package.json to the latest version (potentially upgrading packages across major versions).
yarn add --dev yarn-upgrade-all
yarn yarn-upgrade-all
yarn global add yarn-upgrade-all
npm install -g yarn-upgrade-all
:exclamation: Don't use yarn to install it on Windows because there is a bug: yarnpkg/yarn#2224.
yarn-upgrade-all --global
For every package in package.json, run yarn remove <package-name> && yarn add [--dev|--peer] <package-name>.
yarn upgrade --latest?
Most of the time yarn upgrade --latest works. But I did meet some cases when it didn't work. I am not sure of the reason, maybe it's yarn's bug.
This library is very robust because it goes the hard way.
In that case, that package will be skipped and an error message will be printed.
You need to read the error message and manually install that package.
This is the recommended flow, because when a package fails to install, most of the time you need to troubleshoot and fix the issue manually.
You can add the following to your package.json file:
...
"yarn-upgrade-all": {
  "ignore": [
    "react"
  ]
}
...
With the configuration above, yarn-upgrade-all won't upgrade react for you.
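The remove-and-re-add procedure and the ignore list described above, written as a dry-run planner that builds the commands without running them, so the jump to latest versions can be reviewed first. This is an added example, not yarn-upgrade-all's own code; planUpgrades, NAME_RE and the sample package.json are assumptions made for illustration, and the package-name check is an added safeguard the README does not describe.

```javascript
// Added example, not yarn-upgrade-all's own source. Builds the command list
// the README describes without running anything, so it can be reviewed first.

// Conservative npm package-name pattern (optional @scope/ prefix).
const NAME_RE = /^(@[a-z0-9][a-z0-9._-]*\/)?[a-z0-9][a-z0-9._-]*$/;

// package.json section -> flag passed to `yarn add`, as in the README.
const SECTIONS = [
  ['dependencies', ''],
  ['devDependencies', '--dev'],
  ['peerDependencies', '--peer'],
];

function planUpgrades(pkg) {
  const config = pkg['yarn-upgrade-all'] || {};
  const ignore = new Set(config.ignore || []);
  const plan = { commands: [], ignored: [], rejected: [] };
  for (const [section, flag] of SECTIONS) {
    for (const name of Object.keys(pkg[section] || {})) {
      if (ignore.has(name)) {
        plan.ignored.push(name);
      } else if (!NAME_RE.test(name)) {
        // Never interpolate an unexpected string into a shell command.
        plan.rejected.push(name);
      } else {
        const add = ['yarn add', flag, name].filter(Boolean).join(' ');
        plan.commands.push(`yarn remove ${name} && ${add}`);
      }
    }
  }
  return plan;
}

// Constructed sample package.json, for illustration only.
const samplePkg = {
  dependencies: { react: '^17.0.0', lodash: '^4.17.0' },
  devDependencies: { '@babel/core': '^7.0.0', 'bad; name': '1.0.0' },
  peerDependencies: { 'prop-types': '^15.0.0' },
  'yarn-upgrade-all': { ignore: ['react'] },
};

console.log(JSON.stringify(planUpgrades(samplePkg), null, 2));
```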
FAQs
The npm package yarn-upgrade-all receives a total of 22,432 weekly downloads. As such, yarn-upgrade-all popularity was classified as popular.
We found that yarn-upgrade-all demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.