Having yarn outdated is quite informative but I'd like to avoid running over package by package doing yarn upgrade.

From yarn's documentation, just yarn upgrade without arguments is said to upgrade all dependencies but there's no change in my project's package.json and yarn outdated shows the same packages versions than before.

Is there some command or argument that just bumps all my dependencies?

If not, is the practice discouraged in some way?

You can update your packages to the latest version specified in the package.json using yarn upgrade without any args.

This is taken from the docs:

yarn upgrade

This command updates all dependencies to their latest version based on the version range specified in the package.json file. The yarn.lock file will be recreated as well.

This will only update packages that are allowed to be upgraded in the package.json e.g. using ^ (e.g. ^0.13.0 would update to version 0.14.0 if it exists). This will not update your package.json file, but it will update the yarn.lock.

If you want to update dependencies in to the latest version you can use the package npm-check-updates which will update your package.json:

$ yarn global add npm-check-updates
$ npm-check-updates -u
$ yarn upgrade

If your dependencies are using a range version ("^x.x.x", "~x.x.x", etc), your package.json won't be updated if the latest version also match that range, only your yarn.lock.

If you want your package.json to be updated:

1. Change all your dependencies to a fixed version ("x.x.x")
2. Run yarn to update the yarn.lock
3. Run yarn upgrade-interactive and select all dependencies you want to upgrade

Now both your yarn.lock and package.json will reflect the exact latest versions.