Remove package-lock.json and/or yarn.lock from Git ignored files

[angelaraya]

It is highly recommended you commit the generated package lock to source control: this will allow anyone else on your team, your deployments, your CI/continuous integration, and anyone else who runs npm install in your package source to get the exact same dependency tree that you were developing on.
Source

Right now there is no lock file being committed with the repository so the builds can vary from one to another. Another option is to pin the dependencies to an specific version instead of a range.

[angelaraya]

@elf-pavlik I've run into several problems because I keep using npm instead of yarn which seems to work better along lerna. I I can build and commit the yarn.lock file and update the readme to mention that yarn is a requirement.

[elf-pavlik]

SGTM, if any issue comes up with requiring yarn we can always look at a different setup.