Clarify how libraries should use yarn.lock

[Pauan]

In yarnpkg/yarn#1067 there was a discussion about whether libraries should check in yarn.lock or not.

In other ecosystems like Ruby or Rust, the advice is that applications should check in the lock file, but libraries should not.

Yarn seems to take a different approach, always advocating for checking in yarn.lock. This leads to confusion for library authors.

I tried to create a summary of the various reasons to check in (or not check in) yarn.lock

I think it would be useful for the Yarn documentation to clarify how libraries should treat yarn.lock

Even if the consensus is that libraries should always check in yarn.lock, it would be useful to have a paragraph saying "you should always check in yarn.lock, even for libraries"

[jamiebuilds]

All projects (applications and libraries) should check in the yarn.lock file. I made that more specific on the site a few days ago: https://yarnpkg.com/en/docs/yarn-lock#toc-check-into-source-control

[Pauan]

@thejameskyle Thanks, that helps a lot! 👍