chore: enforce npm usage

.github/actions/lockfiles/action.yml

@@ -0,0 +1,21 @@
+name: 'Lockfile'
+description: 'Forbid non-npm lockfiles'
+runs:
+    using: composite
+    steps:
+        - name: Check lockfiles
+          uses: actions/github-script@v6
+          with:          
+            script: |
+              const {existsSync} = require('fs');
+              ['yarn.lock', 'pnpm-lock.yaml'].forEach(forbiddenLockFile => {
+                if(existsSync(forbiddenLockFile)) {
+                  const error = `Lockfile ${forbiddenLockFile} is not allowed in this repo, remove it.`;
+                  core.error(
+                    error,
+                    {title: 'Forbidden lockfile', file: forbiddenLockFile}
+                  );
+                  process.exitCode=1
+                }
+              });
+

.github/workflows/ci.yml

@@ -15,6 +15,8 @@ jobs:
               uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
             - name: Setup
               uses: ./.github/actions/setup
+            - name: Check lockfiles
+              uses: ./.github/actions/lockfiles
             - name: Tests
               run: npm test
             - name: Build