Currently there is both a package-lock.json and a yarn.lock file.
There should only be one of these files. If there are differences between the two (entirely possible), this could cause confusion if, for example, a developer works with NPM (using packge-lock.json), tests pass locally, commits, tests fail in CI (which uses Yarn and therefore yarn.lock).
I'd suggest just removing package-lock.json and using Yarn everywhere.
Currently there is both a package-lock.json and a yarn.lock file.
There should only be one of these files. If there are differences between the two (entirely possible), this could cause confusion if, for example, a developer works with NPM (using packge-lock.json), tests pass locally, commits, tests fail in CI (which uses Yarn and therefore yarn.lock).
I'd suggest just removing package-lock.json and using Yarn everywhere.