We are gradually rolling out lockfile support. If a yarn.lock or package-lock.json file is present in a project, we will auto detect these and process the project as lockfile based. The most common reason for receiving "Out of sync package.json and package-lock.json/yarn.lock detected." is having out of sync manifest and lockfiles. This can be remedied by running `npm install` or `yarn install` and pushing the updated lockfiles to the branch.
Snyk can sometimes test your branch and your base branch to compare both test results and report only new vulnerabilities (depending on the organisation settings), for this reason it may be necessary to push the updated lockfile all the way to the master branch before starting to see passing status checks again.
We are actively working on improving our user experience around this new feature with more specific errors, watch this space.