Skip to main content

Updating Dependencies with Yarn Audit, Outdated and Upgrade

If you get a bunch of warnings in the git command output about vulnerabilities, similar to this: remote: Github found 80 vulnerabilities on <branch>..., you can examine these vulnerabilities with yarn audit, get a list of outdated packages with yarn outdated, and update each dependency using yarn update

Yarn Audit Checks for known security issues with the installed packages. Issue the command from the root of your project. The output is a list of known issues.

Usage:

yarn audit

yarn audit usage in terminal

Yarn Outdated generates a list of outdated packages and all the info you need to make decisions about updating their versions, such as whether a major update that is NOT backwards compatible is available. A handy link to the repository is provided so you can read about the consequences of updating that dependency in your project.

Usage:

yarn outdated

yarn outdated usage in terminal

Yarn Upgrade updates the version of a given package to the latest, or to a specific version if you specify it. Be sure to provide an argument to this command; otherwise, it will update all dependencies to their latest versions, which is usually not what you want.

Usage:

yarn upgrade-interactive
yarn upgrade-interactive --latest

yarn upgrade-interactive usage in terminal

Is this page still up to date? Did it work for you?