diff --git a/lib/manager/npm/package.js b/lib/manager/npm/package.js
index 22e8f774bac952cc16570538aea064257d84b632..8201e950f898ce813f04c4984d6d6831721819e9 100644
--- a/lib/manager/npm/package.js
+++ b/lib/manager/npm/package.js
@@ -45,8 +45,8 @@ async function getPackageUpdates(config) {
         )}`
       );
     }
-  } else {
-    if (config.updateLockFiles && config.yarnLock) {
+  } else if (config.updateLockFiles && config.yarnLock) {
+    if (config.repoIsOnboarded) {
       // Config error
       const error = new Error('config-validation');
       error.configFile = config.packageFile;
@@ -56,7 +56,18 @@ async function getPackageUpdates(config) {
       error.validationMessage =
         'This dependency lookup failure will cause all lock file updates to fail. Please either remove the dependency, or remove the lock file, or add npm authentication, or set `updateLockFiles` to false in your config.';
       throw error;
+    } else {
+      // If dependency lookup fails then error and return
+      const result = {
+        type: 'error',
+        message: `Failed to look up dependency ${
+          config.depName
+        }. This will prevent yarn.lock from being updated.`,
+      };
+      results = [result];
+      logger.info({ dependency: config.depName }, result.message);
     }
+  } else {
     // If dependency lookup fails then warn and return
     const result = {
       type: 'warning',
diff --git a/test/manager/npm/__snapshots__/package.spec.js.snap b/test/manager/npm/__snapshots__/package.spec.js.snap
index b3802a82da270917d886d8f1f971a687d96a6f77..09d27c448c4c835015d2de89607feaf58e359e2e 100644
--- a/test/manager/npm/__snapshots__/package.spec.js.snap
+++ b/test/manager/npm/__snapshots__/package.spec.js.snap
@@ -6,6 +6,16 @@ Array [
 ]
 `;
 
+exports[`lib/workers/package/npm getPackageUpdates returns error if no npm scoped dep found 1`] = `
+Array [
+  Object {
+    "message": "Failed to look up dependency @foo/something. This will prevent yarn.lock from being updated.",
+    "repositoryUrl": null,
+    "type": "error",
+  },
+]
+`;
+
 exports[`lib/workers/package/npm getPackageUpdates returns warning if no npm dep found 1`] = `
 Array [
   Object {
diff --git a/test/manager/npm/package.spec.js b/test/manager/npm/package.spec.js
index 38edda94130afdbaf5802d47077d1db9564ff61e..1065b840a8121298bacedf7ae6024aea78fbab01 100644
--- a/test/manager/npm/package.spec.js
+++ b/test/manager/npm/package.spec.js
@@ -48,7 +48,8 @@ describe('lib/workers/package/npm', () => {
       expect(res[0].type).toEqual('warning');
       expect(npmApi.getDependency.mock.calls.length).toBe(1);
     });
-    it('throws error if no npm dep found and yarn.lock', async () => {
+    it('throws error if onboarded and no npm dep found and yarn.lock', async () => {
+      config.repoIsOnboarded = true;
       config.yarnLock = 'some package lock';
       let e;
       try {
@@ -59,15 +60,12 @@ describe('lib/workers/package/npm', () => {
       expect(e).toBeDefined();
     });
     it('returns error if no npm scoped dep found', async () => {
+      config.repoIsOnboarded = false;
       config.depName = '@foo/something';
       config.yarnLock = '# some yarn lock';
-      let e;
-      try {
-        await npm.getPackageUpdates(config);
-      } catch (err) {
-        e = err;
-      }
-      expect(e).toBeDefined();
+      const res = await npm.getPackageUpdates(config);
+      expect(res).toHaveLength(1);
+      expect(res).toMatchSnapshot();
     });
     it('returns warning if warning found', async () => {
       npmApi.getDependency.mockReturnValueOnce({});