diff --git a/.github/workflows/ci-code-review.yml b/.github/workflows/ci-code-review.yml
index 56886b0c..9d24f690 100644
--- a/.github/workflows/ci-code-review.yml
+++ b/.github/workflows/ci-code-review.yml
@@ -19,6 +19,9 @@ jobs:
 node-version: '18'
 cache: 'yarn'
+ - name: Check dep dupes
+ run: yarn ci-dupe-check
+
 - name: Install dependencies
 run: yarn ci
diff --git a/README.md b/README.md
index 74f45093..5a8c7421 100644
--- a/README.md
+++ b/README.md
@@ -8,13 +8,13 @@ When updating dependencies, there are various files that must be kept up-to-date
 - Instead of running `yarn` or `yarn install`, run `yarn setup` to ensure the `yarn.lock` file is in sync and that dependency scripts are run according to the `allowScripts` policy (set in `packages.json`)
 - If `lavamoat` detects new scripts that are not explicitely allowed/denied, it'll throw and error with details (see below)
-- The `postinstall` step will dedupe the `yarn.lock` file to rationalise the dependency tree
+- Running `yarn setup` will also dedupe the `yarn.lock` file to reduce the dependency tree. Note CI will fail if there are dupes in `yarn.lock`!
 The `allowScripts` configuration in `package.json`:
 - There are two ways to configure script policies:
- ⋅⋅* Update the allow-scripts section manually by adding the missing package in the `allowScripts` section in `package.json`
- ⋅⋅* Run `yarn allow-scripts auto` to update the `allowScripts` configuration automatically
+ 1. Update the allow-scripts section manually by adding the missing package in the `allowScripts` section in `package.json`
+ 2. Run `yarn allow-scripts auto` to update the `allowScripts` configuration automatically
 - Review each new package to determine whether the install script needs to run or not, testing if necessary.
 - Use `npx can-i-ignore-scripts` to help assessing whether scripts are needed
diff --git a/package.json b/package.json
index b61d7659..2b255c65 100644
--- a/package.json
+++ b/package.json
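Review bot: The new `Check dep dupes` step runs `yarn ci-dupe-check` before `Install dependencies`, and the package.json hunk shows that script is `npx yarn-deduplicate --list --fail` with no version. With nothing installed at that point, npx will presumably fetch the package from the registry at run time, so CI executes whatever release is current, outside the `--frozen-lockfile` install and the `allowScripts` policy the README describes. Pinning the tool closes that gap, e.g. `"ci-dupe-check": "npx yarn-deduplicate@<pinned-version> --list --fail"`, or declare it as a devDependency and move the step after `yarn ci` so the lockfile-resolved copy is used. The `setup` script calls the same unpinned `npx yarn-deduplicate` and would benefit from the same pin.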
@@ -4,7 +4,7 @@
 "private": true,
 "scripts": {
 "setup": "yarn install && npx yarn-deduplicate && yarn allow-scripts && yarn bigint-fix",
- "ci": "yarn ci-dupe-check && yarn install --frozen-lockfile --network-concurrency 1 --color=always && yarn allow-scripts && yarn bigint-fix",
+ "ci": "yarn install --frozen-lockfile --network-concurrency 1 --color=always && yarn allow-scripts && yarn bigint-fix",
 "ci-dupe-check": "npx yarn-deduplicate --list --fail",
 "bigint-fix": "cd node_modules/bigint-buffer && yarn rebuild && cd ../../",
 "dev": "rm -rf .next && next dev",
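Review bot: With `yarn ci-dupe-check` dropped from the `ci` script, the duplicate check is enforced only by the step added to `ci-code-review.yml`. Any other workflow or deploy job that calls `yarn ci` (none are visible in this diff) now installs without that gate. If such callers exist, each needs its own `run: yarn ci-dupe-check` step ahead of `run: yarn ci`; otherwise keeping the check inside `ci` is the safer default because the gate then travels with the script.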