docs(tutorial): explain how to upgrade dependencies

Related: angular/angular-seed#439

Author: gkalpak

docs/content/tutorial/index.ngdoc

@@ -282,6 +282,33 @@ the application as a whole is executing correctly. It is very common to run E2E
 a new commit of changes to a remote repository.
 
 
+### Updating dependencies
+
+In order to avoid surprizes, all dependencies listed in `package.json` are pinned to specific
+versions (this is what the [package-lock.json][package-lock] file is about). This ensures that the
+same version of a dependency is installed every time.
+
+Since all dependencies are acquired via npm, you can use the same tool to easily update them as
+well (although you probably don't need to for the purpose of this tutorial). Simply run the
+preconfigured script:
+
+```
+npm run update-deps
+```
+
+This will update all packages to the latest version that satisfy their version ranges (as specified
+in `package.json`) and also copy the necessary files into `app/lib/`. For example, if `package.json`
+contains `"some-package": "1.2.x"`, it will be updated to the latest 1.2.x version (e.g. 1.2.99),
+but not to 1.3.x (e.g. 1.3.0).
+
+If you want to update a dependency to a version newer than what the specificed range would permit,
+you can change the version range in `package.json` and then run `npm run update-deps` as usual.
+
+<div class="alert alert-info">
+  See [here][semver-ranges] for more info on the various version range formats.
+</div>
+
+
 ### Common Issues
 
 <br />
@@ -336,5 +363,7 @@ Now that you have set up your local machine, let's get started with the tutorial
 [npm]: https://www.npmjs.com/
 [nvm]: https://github.com/creationix/nvm
 [nvm-windows]: https://github.com/coreybutler/nvm-windows
+[package-lock]: https://docs.npmjs.com/files/package-lock.json
 [protractor]: https://github.com/angular/protractor
 [selenium]: https://docs.seleniumhq.org/
+[semver-ranges]: https://docs.npmjs.com/misc/semver#ranges