Updating JS dependencies

Sometimes security problems (or other reasons) make it necessary to update Javascript dependencies. In general it's a good idea to follow this process:

yarn why <pkg> (tells us what is pulling pkg in)
yarn info <pkg> (figure out which versions are available)
consult package.json, try updating the version
run yarn install && yarn test
verify in git diff if all occurrences in yarn.lock were updated

Sometimes an old leaf package is pulled in through a bit which hasn't updated its pinned dependencies in a while, so an old version is still pulled in.

Using nvm to get the right version of node can sometimes be necessary.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Updating JS dependencies

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally