feat: detect extranous root level dependencies
This detects extranous root level dependencies in yarn.lock. If a
yarn.lock file contains extra dependencies that aren't declared, yarn
will modify yarn.lock but it will not error, not even with
--frozen-lockfile
.
We can simply circumvent this problem, if we check that all packages listed in yarn.lock either have dependants or are declared in the accompanying package.json.
Fixes #17
Edited by Lukas Eipert