[Bug?]: yarn workspace up changes package.json of unrelated workspace

[rarkins]

Self-service

• I'd be willing to implement a fix

Describe the bug

Running an upgrade command on a specific workspace results in the range of the same dependency in another workspace being changed.

To reproduce

Run git clone https://github.com/renovate-reproductions/20281 && cd 20281 && yarn workspace @renovate-yarn-repro/package-2 up '@types/express@^4.17.16'.

git diff then reveals (truncated for brevity):

diff --git a/packages/package-1/package.json b/packages/package-1/package.json
index 9057fe3..9759a33 100644
--- a/packages/package-1/package.json
+++ b/packages/package-1/package.json
@@ -4,6 +4,6 @@
   "license": "UNLICENSED",
   "private": true,
   "devDependencies": {
-    "@types/express": "*"
+    "@types/express": "^4.17.16"
   }
 }

Environment

System:
    OS: macOS 13.2.1
    CPU: (8) arm64 Apple M1 Pro
  Binaries:
    Node: 16.16.0 - /private/var/folders/q_/8zp8yd4169nbwftw00ywxdlw0000gr/T/xfs-70396952/node
    Yarn: 3.4.1 - /private/var/folders/q_/8zp8yd4169nbwftw00ywxdlw0000gr/T/xfs-70396952/yarn
    npm: 9.6.2 - ~/.nvm/versions/node/v16.16.0/bin/npm

Additional context

Our goal here is to bump the locked version from 4.16.16 to 4.16.17, but the change of range in package-1's package.json is undesired. Any other command(s) which would achieve the same would be an acceptable workaround for us.

[merceyz]

This is working as expected / documented:

This command upgrades the packages matching the list of specified patterns to their latest available version across the whole project (regardless of whether they're part of dependencies or devDependencies - peerDependencies won't be affected). This is a project-wide command: all workspaces will be upgraded in the process.
https://yarnpkg.com/cli/up