[donatj]

I'd say safely merging YAML diffs however could be trouble.

I don't know how restricted their YAML subset is, but in my experience it's so loose a format the only way to be sure YAML says what you think it says is to run it through a parser.

[DuskStar]

I think if you're merging lockfile diffs, you're doing something wrong! Merge the package.json diffs and regenerate the lockfile.

[tlrobinson]

Yarn automatically resolves conflicts in yarn.lock if you run "yarn": https://github.com/yarnpkg/yarn/pull/3544

[shados]

If you're regenerating lock files, you're losing all your locks for the stuff that didn't change, which can lead to unpredictable bugs.

Fortunately as someone else replied, both yarn and npm have safe and easy ways to resolve merge conflicts in their lock files.

[drodgers]

> safely merging YAML diffs however could be trouble

Yarn will actually do the merging automatically — if you have conflict markers in your lockfile, just running yarn will parse them along with the rest of the file and produce a new lockfile with the changes from both diffs (unless there's a genuine conflict).

I assume that this feature won't go away with the new lockfile format

[Vinnl]

I hope so, but that feature wasn't there from the start: https://github.com/yarnpkg/yarn/pull/3544

Hopefully they'll be able to re-use much of that work for the Yaml file.

[Vinnl]

They do say "subset of YAML", so presumably that can make it easier. And hopefully they'll keep handling this for you.