yarn creates yarn.lock (whereas npm creates package-lock.json). They both use package.json with the same structure (but with different algorithms).
You should follow the official guide.
# check version
yarn --version
# 4.1.1
Official: yarn remove | Yarn
# Remove a package
yarn remove <package>
Official: yarn info | Yarn
yarn info lodash
# npx like?
# No, just use npx!
Official: yarn up | Yarn
# to the latest release
yarn up lodash
# with confirm
yarn up lodash -i
# with version
yarn up [email protected]
# all packages inside
yarn up @babel/*
# all packages containing "jest"
yarn up *jest*
yarn version patch # 1.0.0 -> 1.0.1 (fixes)
yarn version minor # 1.0.1 -> 1.1.0 (new features )
yarn version major # 1.1.0 -> 2.0.0 (completely new APIs)