# Takumi Guard: Yarn v1 Lockfile Behavior Change for Reliable Package Blocking

Takumi Guard now handles requests from Yarn clients differently to ensure **package blocking works reliably regardless of Yarn version**. Yarn v1 users will see Takumi Guard's registry URL in their `yarn.lock` files.

## Overview

To ensure that blocked packages remain blocked across all Yarn versions, Takumi Guard now processes package metadata differently for Yarn clients. This strengthens policy enforcement so that packages flagged by your organization's policies cannot bypass blocking through lockfile-based resolution.

## What Changes

### Yarn v1

After this change, `yarn.lock` entries will contain Takumi Guard's registry URL instead of the upstream registry URL. **This is expected behavior** and cannot be avoided — it is necessary to ensure that blocked packages are consistently enforced when resolved through the lockfile.

### Yarn v2–v4 (Berry)

Yarn v2–v4 users are **not affected** by this lockfile change.

### npm, pnpm, and Bun

No change. These package managers are unaffected.

## Recommendation

For new projects, we recommend using **pnpm** over Yarn. pnpm works seamlessly with Takumi Guard and offers strong supply chain security features out of the box.