Why is my Node.js build failing because of an outdated Yarn lockfile?

Issue

When you use Yarn to install node modules, it generates a yarn.lock file which contains a list of the exact modules that it installed when you ran the command. If the dependencies in package.json change, but a new yarn.lock file is not generated by the Yarn executable we fail the build to prevent subtle bugs and security issues that could affect your application at runtime.

Resolution

This issue commonly occurs when your application uses Yarn but some other tool modifies the package.json file without invoking yarn install. An example would be using npm to install a new module instead of Yarn, or manually updating a version requirement by hand.

To resolve this, run yarn install and check in the updated yarn.lock file.

$ yarn install
$ git add yarn.lock
$ git commit -m "Updated Yarn lockfile"
$ git push heroku master