Skip to content
Latchkey

yarn install: Usage, Options & Common CI Errors

Install dependencies from yarn.lock.

yarn install resolves dependencies and writes node_modules (or a PnP store) from package.json and yarn.lock. In CI you want it to fail if the lockfile would change.

What it does

Resolves the dependency graph, fetches packages, links them, and updates yarn.lock if needed. In CI use --immutable (Yarn 2+/Berry) or --frozen-lockfile (Yarn 1) so a stale lockfile fails the build instead of being silently rewritten.

Common usage

.github/workflows/ci.yml
yarn install                    # install everything
yarn install --immutable        # Yarn 2+: fail if lockfile changes
yarn install --frozen-lockfile  # Yarn 1: same intent (classic)
yarn install --production       # Yarn 1: skip devDependencies

Common CI error: lockfile would change

CI fails with "Your lockfile needs to be updated, but yarn was run with --frozen-lockfile" (Yarn 1) or "YN0028 / The lockfile would have been modified by this install" (Berry). package.json changed without updating yarn.lock. Run yarn install locally and commit the updated yarn.lock; keep CI immutable.

Terminal
# locally:
yarn install
git add yarn.lock && git commit -m "update lockfile"

Key options

FlagEffect
--immutableYarn 2+: error if lockfile/store would change
--frozen-lockfileYarn 1: error if lockfile would change
--productionYarn 1: skip devDependencies
--check-cacheRe-validate cached package integrity

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →