diff --git a/lang/en/docs/cli/upgrade.md b/lang/en/docs/cli/upgrade.md
index dcf43ae4f..c72e1ac4b 100644
--- a/lang/en/docs/cli/upgrade.md
+++ b/lang/en/docs/cli/upgrade.md
@@ -93,3 +93,9 @@ Examples:
 yarn upgrade --scope @angular
 yarn upgrade -S @angular
 ```
+
+**Note:**
+Users should be aware that when yarn.lock is present, indirect dependencies
+will only be updated by `yarn upgrade` without a package name.  In order to
+maintain the security of their applications, users should ensure that `yarn
+upgrade` is a regular part of their development process.