Migrate to Yarn v2 to resolve duplicate dependency issues

I’ve looked at migrating to yarn v2 before - one major problem for us is the lack of support from some of the tools we use right now; for example, Dependabot only supports npm and yarn v1; we’d need to find another tool to use to do that.

See https://github.com/dependabot/dependabot-core/issues/1297#issuecomment-804491821 - GitHub says that yarn 2 adoption is low; and cites it as the primary reason for them to delay implementing support for it; though yarn maintainers disagree.

https://github.com/renovatebot/renovate does support yarn however; its a discussion on if it would be worth switching tools for it to work.

In addition, vscode is still on yarn 1, and “re-migrating” everytime we pull the VSCode tree may not be worth the effort; we’d end up having a split between yarn 2 for our main package and yarn 1 inside lib/vscode (which should work, but may be confusing/cumbersome to newcomers), or we’d have to re-migrate every time we update vscode, which is not ideal.

I also looked at moving to npm v7 (which does support reading yarn.lock v1 files) but VSCode’s preinstall/postinstall script has a check if its being called by npm and forces an exit - we might be able to get away with simply patching out the warning, but I did not know if I’d uncover other issues and there were higher-priority issues than tooling at the time.

It’s ultimately a question if the migration has benefits that outweigh the cost (potential confusion because v1/v2 mix; migrating from dependabot to renovatebot)

Another important note that I didn’t add above; npm v7 currently doesn’t have an alternative to yarn’s resolutions functionality - they’re planning to add overrides in a future 7.x release - https://github.com/npm/rfcs/pull/129 - but there’s nothing yet.