Skip to content

fix: sync npm package version and prevent root publish#67

Open
lacymorrow wants to merge 1 commit into
mainfrom
fix/npm-bin-field-sync
Open

fix: sync npm package version and prevent root publish#67
lacymorrow wants to merge 1 commit into
mainfrom
fix/npm-bin-field-sync

Conversation

@lacymorrow

@lacymorrow lacymorrow commented May 23, 2026

Copy link
Copy Markdown
Owner

Summary

  • Root cause: Releases v1.8.12-v1.8.15 were published from the repo root instead of packages/lacy/, so the published npm package had no bin field, causing npx lacy to fail with "could not determine executable to run"
  • Fix: Sync packages/lacy/package.json version to 1.8.15, update bin/lacy VERSION_FALLBACK, and add "private": true to root package.json to prevent accidental root publishes in the future
  • After merge: A new release (v1.8.16) must be published using bun run release so the npm package gets the correct bin field from packages/lacy/

Fixes LAC-2055. Related: LAC-1963.

Test plan

  • Merge this PR
  • Run bun run release patch to publish v1.8.16 from the correct directory
  • Verify npx lacy works: npm view lacy@latest bin should show { lacy: "index.mjs" }
  • Verify npm publish from root fails with "private" error (safeguard)

@lacymorrow
fix: sync npm package version and prevent root publish
2190195 
Releases v1.8.12-v1.8.15 were published from the root directory instead
of packages/lacy/, so the published npm package had no bin field, causing
"could not determine executable to run" on npx lacy.

- Sync packages/lacy/package.json version to 1.8.15
- Sync packages/lacy/package-lock.json version
- Update bin/lacy VERSION_FALLBACK to 1.8.15
- Add "private": true to root package.json to prevent future accidental
  publishes from root (npm publish from root will now error)
gemini-code-assist[bot]
gemini-code-assist Bot reviewed May 23, 2026
View reviewed changes

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the project version to 1.8.15 across several files, including the shell script fallback and package manifests, while also marking the root package as private. Feedback identifies that the package-lock.json was previously significantly out of sync with the package version, suggesting that the release automation script should be updated to ensure lockfiles are correctly synchronized during future releases.

Comment thread packages/lacy/package-lock.json
{
"name": "lacy",
"version": "1.7.2",
"version": "1.8.15",

@gemini-code-assist gemini-code-assist Bot May 23, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The lockfile was significantly out of sync with the package version (1.7.2 vs 1.8.11). This suggests that the release automation in script/release.ts is manually updating package.json files but omitting the corresponding package-lock.json updates. To prevent future drift, the release script should be updated to either use npm version or explicitly update and stage the lockfiles during the release process.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer
@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments
Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@lacymorrow