singularity-forge/scripts/bump-version.mjs

#!/usr/bin/env node
/**
 * Bump version in package.json, then sync platform packages and pkg/package.json.
 * Usage: node scripts/bump-version.mjs <new-version>
 */
import { readFileSync, writeFileSync, existsSync } from "fs";
import { resolve, dirname } from "path";
import { execSync } from "child_process";
import { fileURLToPath } from "url";

const __dirname = dirname(fileURLToPath(import.meta.url));
const root = resolve(__dirname, "..");

const newVersion = process.argv[2];
if (!newVersion || !/^\d+\.\d+\.\d+$/.test(newVersion)) {
  console.error("Usage: node scripts/bump-version.mjs <X.Y.Z>");
  process.exit(1);
}

// 1. Update root package.json
const pkgPath = resolve(root, "package.json");
const pkg = JSON.parse(readFileSync(pkgPath, "utf-8"));
const oldVersion = pkg.version;
pkg.version = newVersion;
writeFileSync(pkgPath, JSON.stringify(pkg, null, 2) + "\n");
console.log(`[bump-version] package.json: ${oldVersion} → ${newVersion}`);

// 2. Update all non-private workspace packages under packages/
//    These share the root version to keep the repo's source of truth coherent
//    with what ships. Private packages (studio, web) are skipped — they're not
//    published and have their own lifecycle.
const workspacePackages = [
  "daemon",
  "mcp-server",
  "native",
  "pi-agent-core",
  "pi-ai",
  "pi-coding-agent",
  "pi-tui",
  "rpc-client",
];
for (const name of workspacePackages) {
  const wsPath = resolve(root, "packages", name, "package.json");
  if (!existsSync(wsPath)) continue;
  const ws = JSON.parse(readFileSync(wsPath, "utf-8"));
  const wsOld = ws.version;
  ws.version = newVersion;
  // Bump any internal @singularity-forge/* or @singularity-forge/* dep references to match.
  for (const field of ["dependencies", "devDependencies", "peerDependencies"]) {
    if (!ws[field]) continue;
    for (const dep of Object.keys(ws[field])) {
      if (workspacePackages.some((n) => dep === `@singularity-forge/${n}` || dep === `@singularity-forge/${n}`)) {
        ws[field][dep] = `^${newVersion}`;
      }
    }
  }
  writeFileSync(wsPath, JSON.stringify(ws, null, 2) + "\n");
  console.log(`[bump-version] ${name}: ${wsOld} → ${newVersion}`);
}

// 3. Sync platform package versions (reads from root package.json)
execSync("node rust-engine/scripts/sync-platform-versions.cjs", { cwd: root, stdio: "inherit" });

// 4. Sync pkg/package.json (reads from pi-coding-agent)
execSync("node scripts/sync-pkg-version.cjs", { cwd: root, stdio: "inherit" });

// 5. Regenerate root package-lock.json to match the new version.
//    --package-lock-only updates the lockfile in-place without touching node_modules.
execSync("npm install --package-lock-only --ignore-scripts", { cwd: root, stdio: "inherit" });
console.log(`[bump-version] package-lock.json regenerated at ${newVersion}`);

// 6. Regenerate web/package-lock.json if the web app is present.
const webDir = resolve(root, "web");
if (existsSync(webDir)) {
  execSync("npm install --package-lock-only --ignore-scripts", { cwd: webDir, stdio: "inherit" });
  console.log(`[bump-version] web/package-lock.json regenerated`);
}
feat(ci): automate prod-release with version bump, changelog, and tag push (#1194) When the prod environment gate is approved, the pipeline now automatically determines the semver bump from conventional commits, generates a changelog entry, bumps all package versions, commits + tags + pushes (triggering build-native.yml for npm @latest), creates a GitHub Release, and posts to Discord. Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-03-18 11:17:43 -06:00			`#!/usr/bin/env node`
			`/**`
			`* Bump version in package.json, then sync platform packages and pkg/package.json.`
			`* Usage: node scripts/bump-version.mjs <new-version>`
			`*/`
fix(ci): address 5 pipeline integrity issues from release audit (#4119) - version-stamp.mjs: regenerate package-lock.json after dev version stamp (mirrors the same fix applied to bump-version.mjs in #4116) - bump-version.mjs: regenerate root and web/package-lock.json after version bump so both lockfiles are always in sync at release time - pipeline.yml: add post-bump validation step that verifies all package.json files parse as valid JSON before the release commit is made - pipeline.yml: split "Commit, tag, and push" — commit+tag+rebase happen before build, but git push is deferred until after build and npm publish both succeed, preventing a broken tag from landing on main - pipeline.yml: emit a ::warning:: annotation when live LLM tests fail so failures are visible in the Actions UI instead of silently swallowed Closes #4118 Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-04-13 08:56:12 -04:00			`import { readFileSync, writeFileSync, existsSync } from "fs";`
feat(ci): automate prod-release with version bump, changelog, and tag push (#1194) When the prod environment gate is approved, the pipeline now automatically determines the semver bump from conventional commits, generates a changelog entry, bumps all package versions, commits + tags + pushes (triggering build-native.yml for npm @latest), creates a GitHub Release, and posts to Discord. Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-03-18 11:17:43 -06:00			`import { resolve, dirname } from "path";`
			`import { execSync } from "child_process";`
			`import { fileURLToPath } from "url";`

			`const __dirname = dirname(fileURLToPath(import.meta.url));`
			`const root = resolve(__dirname, "..");`

			`const newVersion = process.argv[2];`
			`if (!newVersion \|\| !/^\d+\.\d+\.\d+$/.test(newVersion)) {`
			`console.error("Usage: node scripts/bump-version.mjs <X.Y.Z>");`
			`process.exit(1);`
			`}`

			`// 1. Update root package.json`
			`const pkgPath = resolve(root, "package.json");`
			`const pkg = JSON.parse(readFileSync(pkgPath, "utf-8"));`
			`const oldVersion = pkg.version;`
			`pkg.version = newVersion;`
			`writeFileSync(pkgPath, JSON.stringify(pkg, null, 2) + "\n");`
			console.log(`[bump-version] package.json: ${oldVersion} → ${newVersion}`);

fix(release): sync all workspace versions and harden release scripts Two bugs were causing version drift across the repo: 1. Root package.json was silently reverted from 2.74.0 → 2.73.1 during commit b03c9401c (a CI optimization rebase). Tag v2.74.0 is already published on npm, so the next release would have computed 2.73.2 — lower than what's already out — and shipped a broken version. 2. scripts/bump-version.mjs only touches pi-coding-agent + pkg + native platform shims. Other workspace packages drift independently: - @gsd-build/mcp-server: stuck at 2.52.0 (22 minor versions behind) - @gsd-build/rpc-client: stuck at 2.52.0 - @gsd/pi-ai, pi-tui, pi-agent-core: stuck at 0.57.1 - @gsd/native, @gsd-build/daemon: stuck at 0.1.0 Changes: - Bump all non-private workspace packages to 2.74.0 to match the latest release tag. Update daemon + mcp-server's internal rpc-client dep from ^2.52.0 → ^2.74.0. Regenerate root lockfile. - scripts/generate-changelog.mjs: compute newVersion from max(latest stable tag, package.json) instead of package.json alone. Prevents version regressions when package.json is accidentally clobbered by rebases or merges. - scripts/bump-version.mjs: extend to sync all eight non-private workspace packages (daemon, mcp-server, native, pi-agent-core, pi-ai, pi-coding-agent, pi-tui, rpc-client) including their internal deps on each other. Private packages (studio, web) are left alone. Studio and web remain on their own versioning (private: true, never published). The native platform shims under native/npm/* are still synced via native/scripts/sync-platform-versions.cjs from the root version as before. 2026-04-14 19:35:28 -05:00			`// 2. Update all non-private workspace packages under packages/`
			`// These share the root version to keep the repo's source of truth coherent`
			`// with what ships. Private packages (studio, web) are skipped — they're not`
			`// published and have their own lifecycle.`
			`const workspacePackages = [`
			`"daemon",`
			`"mcp-server",`
			`"native",`
			`"pi-agent-core",`
			`"pi-ai",`
			`"pi-coding-agent",`
			`"pi-tui",`
			`"rpc-client",`
			`];`
			`for (const name of workspacePackages) {`
			`const wsPath = resolve(root, "packages", name, "package.json");`
			`if (!existsSync(wsPath)) continue;`
			`const ws = JSON.parse(readFileSync(wsPath, "utf-8"));`
			`const wsOld = ws.version;`
			`ws.version = newVersion;`
Rename @sf-run/* → @singularity-forge/* package scope - All 373 source files updated - Package.json scopes in all workspace packages - Loader workspace symlink dir updated - RpcClient import unified from pi-coding-agent (fixes type mismatch) - Scripts, configs, flake.nix updated - Workspace symlinks rebuilt 2026-04-15 22:56:33 +02:00			`// Bump any internal @singularity-forge/* or @singularity-forge/* dep references to match.`
fix(release): sync all workspace versions and harden release scripts Two bugs were causing version drift across the repo: 1. Root package.json was silently reverted from 2.74.0 → 2.73.1 during commit b03c9401c (a CI optimization rebase). Tag v2.74.0 is already published on npm, so the next release would have computed 2.73.2 — lower than what's already out — and shipped a broken version. 2. scripts/bump-version.mjs only touches pi-coding-agent + pkg + native platform shims. Other workspace packages drift independently: - @gsd-build/mcp-server: stuck at 2.52.0 (22 minor versions behind) - @gsd-build/rpc-client: stuck at 2.52.0 - @gsd/pi-ai, pi-tui, pi-agent-core: stuck at 0.57.1 - @gsd/native, @gsd-build/daemon: stuck at 0.1.0 Changes: - Bump all non-private workspace packages to 2.74.0 to match the latest release tag. Update daemon + mcp-server's internal rpc-client dep from ^2.52.0 → ^2.74.0. Regenerate root lockfile. - scripts/generate-changelog.mjs: compute newVersion from max(latest stable tag, package.json) instead of package.json alone. Prevents version regressions when package.json is accidentally clobbered by rebases or merges. - scripts/bump-version.mjs: extend to sync all eight non-private workspace packages (daemon, mcp-server, native, pi-agent-core, pi-ai, pi-coding-agent, pi-tui, rpc-client) including their internal deps on each other. Private packages (studio, web) are left alone. Studio and web remain on their own versioning (private: true, never published). The native platform shims under native/npm/* are still synced via native/scripts/sync-platform-versions.cjs from the root version as before. 2026-04-14 19:35:28 -05:00			`for (const field of ["dependencies", "devDependencies", "peerDependencies"]) {`
			`if (!ws[field]) continue;`
			`for (const dep of Object.keys(ws[field])) {`
Rename @sf-run/* → @singularity-forge/* package scope - All 373 source files updated - Package.json scopes in all workspace packages - Loader workspace symlink dir updated - RpcClient import unified from pi-coding-agent (fixes type mismatch) - Scripts, configs, flake.nix updated - Workspace symlinks rebuilt 2026-04-15 22:56:33 +02:00			if (workspacePackages.some((n) => dep === `@singularity-forge/${n}` \|\| dep === `@singularity-forge/${n}`)) {
fix(release): sync all workspace versions and harden release scripts Two bugs were causing version drift across the repo: 1. Root package.json was silently reverted from 2.74.0 → 2.73.1 during commit b03c9401c (a CI optimization rebase). Tag v2.74.0 is already published on npm, so the next release would have computed 2.73.2 — lower than what's already out — and shipped a broken version. 2. scripts/bump-version.mjs only touches pi-coding-agent + pkg + native platform shims. Other workspace packages drift independently: - @gsd-build/mcp-server: stuck at 2.52.0 (22 minor versions behind) - @gsd-build/rpc-client: stuck at 2.52.0 - @gsd/pi-ai, pi-tui, pi-agent-core: stuck at 0.57.1 - @gsd/native, @gsd-build/daemon: stuck at 0.1.0 Changes: - Bump all non-private workspace packages to 2.74.0 to match the latest release tag. Update daemon + mcp-server's internal rpc-client dep from ^2.52.0 → ^2.74.0. Regenerate root lockfile. - scripts/generate-changelog.mjs: compute newVersion from max(latest stable tag, package.json) instead of package.json alone. Prevents version regressions when package.json is accidentally clobbered by rebases or merges. - scripts/bump-version.mjs: extend to sync all eight non-private workspace packages (daemon, mcp-server, native, pi-agent-core, pi-ai, pi-coding-agent, pi-tui, rpc-client) including their internal deps on each other. Private packages (studio, web) are left alone. Studio and web remain on their own versioning (private: true, never published). The native platform shims under native/npm/* are still synced via native/scripts/sync-platform-versions.cjs from the root version as before. 2026-04-14 19:35:28 -05:00			ws[field][dep] = `^${newVersion}`;
			`}`
			`}`
			`}`
			`writeFileSync(wsPath, JSON.stringify(ws, null, 2) + "\n");`
			console.log(`[bump-version] ${name}: ${wsOld} → ${newVersion}`);
			`}`
feat(ci): automate prod-release with version bump, changelog, and tag push (#1194) When the prod environment gate is approved, the pipeline now automatically determines the semver bump from conventional commits, generates a changelog entry, bumps all package versions, commits + tags + pushes (triggering build-native.yml for npm @latest), creates a GitHub Release, and posts to Discord. Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-03-18 11:17:43 -06:00
			`// 3. Sync platform package versions (reads from root package.json)`
sf snapshot: pre-dispatch, uncommitted changes after 47m inactivity 2026-04-30 20:21:12 +02:00			`execSync("node rust-engine/scripts/sync-platform-versions.cjs", { cwd: root, stdio: "inherit" });`
feat(ci): automate prod-release with version bump, changelog, and tag push (#1194) When the prod environment gate is approved, the pipeline now automatically determines the semver bump from conventional commits, generates a changelog entry, bumps all package versions, commits + tags + pushes (triggering build-native.yml for npm @latest), creates a GitHub Release, and posts to Discord. Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-03-18 11:17:43 -06:00
			`// 4. Sync pkg/package.json (reads from pi-coding-agent)`
			`execSync("node scripts/sync-pkg-version.cjs", { cwd: root, stdio: "inherit" });`
fix(ci): regenerate package-lock.json during version bump (#4116) bump-version.mjs was updating package.json and sub-packages but never regenerating package-lock.json, causing the lockfile to drift behind by one version on every release. Adds `npm install --package-lock-only` as the final step so the lockfile is always in sync with the version being committed. Also regenerates the current lockfile to fix the existing 2.58.0 → 2.64.0 drift. Closes #4115 Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-04-13 08:37:59 -04:00
fix(ci): address 5 pipeline integrity issues from release audit (#4119) - version-stamp.mjs: regenerate package-lock.json after dev version stamp (mirrors the same fix applied to bump-version.mjs in #4116) - bump-version.mjs: regenerate root and web/package-lock.json after version bump so both lockfiles are always in sync at release time - pipeline.yml: add post-bump validation step that verifies all package.json files parse as valid JSON before the release commit is made - pipeline.yml: split "Commit, tag, and push" — commit+tag+rebase happen before build, but git push is deferred until after build and npm publish both succeed, preventing a broken tag from landing on main - pipeline.yml: emit a ::warning:: annotation when live LLM tests fail so failures are visible in the Actions UI instead of silently swallowed Closes #4118 Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-04-13 08:56:12 -04:00			`// 5. Regenerate root package-lock.json to match the new version.`
fix(ci): regenerate package-lock.json during version bump (#4116) bump-version.mjs was updating package.json and sub-packages but never regenerating package-lock.json, causing the lockfile to drift behind by one version on every release. Adds `npm install --package-lock-only` as the final step so the lockfile is always in sync with the version being committed. Also regenerates the current lockfile to fix the existing 2.58.0 → 2.64.0 drift. Closes #4115 Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-04-13 08:37:59 -04:00			`// --package-lock-only updates the lockfile in-place without touching node_modules.`
fix(ci): address 5 pipeline integrity issues from release audit (#4119) - version-stamp.mjs: regenerate package-lock.json after dev version stamp (mirrors the same fix applied to bump-version.mjs in #4116) - bump-version.mjs: regenerate root and web/package-lock.json after version bump so both lockfiles are always in sync at release time - pipeline.yml: add post-bump validation step that verifies all package.json files parse as valid JSON before the release commit is made - pipeline.yml: split "Commit, tag, and push" — commit+tag+rebase happen before build, but git push is deferred until after build and npm publish both succeed, preventing a broken tag from landing on main - pipeline.yml: emit a ::warning:: annotation when live LLM tests fail so failures are visible in the Actions UI instead of silently swallowed Closes #4118 Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-04-13 08:56:12 -04:00			`execSync("npm install --package-lock-only --ignore-scripts", { cwd: root, stdio: "inherit" });`
fix(ci): regenerate package-lock.json during version bump (#4116) bump-version.mjs was updating package.json and sub-packages but never regenerating package-lock.json, causing the lockfile to drift behind by one version on every release. Adds `npm install --package-lock-only` as the final step so the lockfile is always in sync with the version being committed. Also regenerates the current lockfile to fix the existing 2.58.0 → 2.64.0 drift. Closes #4115 Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-04-13 08:37:59 -04:00			console.log(`[bump-version] package-lock.json regenerated at ${newVersion}`);
fix(ci): address 5 pipeline integrity issues from release audit (#4119) - version-stamp.mjs: regenerate package-lock.json after dev version stamp (mirrors the same fix applied to bump-version.mjs in #4116) - bump-version.mjs: regenerate root and web/package-lock.json after version bump so both lockfiles are always in sync at release time - pipeline.yml: add post-bump validation step that verifies all package.json files parse as valid JSON before the release commit is made - pipeline.yml: split "Commit, tag, and push" — commit+tag+rebase happen before build, but git push is deferred until after build and npm publish both succeed, preventing a broken tag from landing on main - pipeline.yml: emit a ::warning:: annotation when live LLM tests fail so failures are visible in the Actions UI instead of silently swallowed Closes #4118 Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-04-13 08:56:12 -04:00
			`// 6. Regenerate web/package-lock.json if the web app is present.`
			`const webDir = resolve(root, "web");`
			`if (existsSync(webDir)) {`
			`execSync("npm install --package-lock-only --ignore-scripts", { cwd: webDir, stdio: "inherit" });`
			console.log(`[bump-version] web/package-lock.json regenerated`);
			`}`