fix(ci): regenerate package-lock.json during version bump (#4116)

bump-version.mjs was updating package.json and sub-packages but never regenerating package-lock.json, causing the lockfile to drift behind by one version on every release. Adds `npm install --package-lock-only` as the final step so the lockfile is always in sync with the version being committed. Also regenerates the current lockfile to fix the existing 2.58.0 → 2.64.0 drift. Closes #4115 Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-13 08:37:59 -04:00 · 2026-04-13 08:37:59 -04:00 · 202a1cb11e
commit 202a1cb11e
parent 71f10a0d53
2 changed files with 8 additions and 3 deletions
--- a/package-lock.json
+++ b/package-lock.json
@ -1,12 +1,12 @@
 {
  "name": "gsd-pi",
-  "version": "2.68.0",
+  "version": "2.72.0",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
    "": {
      "name": "gsd-pi",
-      "version": "2.68.0",
+      "version": "2.72.0",
      "hasInstallScript": true,
      "license": "MIT",
      "workspaces": [
@ -9535,7 +9535,7 @@
    },
    "packages/pi-coding-agent": {
      "name": "@gsd/pi-coding-agent",
-      "version": "2.68.0",
+      "version": "2.72.0",
      "dependencies": {
        "@mariozechner/jiti": "^2.6.2",
        "@silvia-odwyer/photon-node": "^0.3.4",
--- a/scripts/bump-version.mjs
+++ b/scripts/bump-version.mjs
@ -37,3 +37,8 @@ execSync("node native/scripts/sync-platform-versions.cjs", { cwd: root, stdio: "

 // 4. Sync pkg/package.json (reads from pi-coding-agent)
 execSync("node scripts/sync-pkg-version.cjs", { cwd: root, stdio: "inherit" });
+
+// 5. Regenerate package-lock.json to match the new version.
+//    --package-lock-only updates the lockfile in-place without touching node_modules.
+execSync("npm install --package-lock-only", { cwd: root, stdio: "inherit" });
+console.log(`[bump-version] package-lock.json regenerated at ${newVersion}`);