Update indirect dependencies in yarn.lock. `ruby rejuvenation.rb & yarn install`

rejuvenation.rb

#!/usr/bin/env ruby

# USAGE: `$> ruby rejuvenation.rb`

require 'json'

EXTRACT_DEPENDENCY_NAME = /"?(.+?)@.+?"?(?:,\s+|\Z)/.freeze
EXTRACT_DEPENDENCY_DETAILS = /(^((?!= ).*?):\n.*?(?:\n\n|\Z))/m.freeze

def direct_dependencies_names
  package_json = JSON.parse(File.open('package.json').read)
  direct_dependencies = package_json.fetch_values('dependencies', 'devDependencies', 'peerDependencies') { }
  direct_dependencies.compact.inject([]) { |memo, v| memo.concat(v.keys) }
end

@dependencies = direct_dependencies_names

yarn_lock_content = File.open('yarn.lock').read

File.open('yarn.lock', 'w') do |file|
  yarn_lock_content.scan(EXTRACT_DEPENDENCY_DETAILS).map do |dependency_block|
    direct_dep = @dependencies.include?(dependency_block[1].match(EXTRACT_DEPENDENCY_NAME).to_a[1])
    file.puts dependency_block[0] if direct_dep
  end
end

`yarn install`

Yarn Upgrade Indirect Dependencies.md

$> curl "https://gist.githubusercontent.com/pftg/fa8fe4ca2bb4638fbd19324376487f42/raw/f9056244c416d2f56d6d94290e5ecef5960abf66/rejuvenation.rb" | ruby

or

$> ruby rejuvenation.rb
$> yarn install

Yarn does not upgrade indirect versions

As niklasholm and others have stated in that thread, that isn't true. "yarn upgrade" will upgrade indirect dependencies. The issue you linked to is a request for enhancement that would allow yarn to upgrade specific indirect dependencies without upgrading all of them.

But upgrading all of the indirect dependencies is what your script appears to do, and what "yarn upgrade" does.

Yeah you are right. This script had been created before, yarn could upgrade indirect deps. So now it’s redundant even for
v1

@gordonmessmer thank you