bun-lockfile-update

# Bun Lockfile Update

Comprehensive guidance for updating Bun lockfiles (`bun.lockb`) with proper dependency management practices.

## When to Use

Use this skill automatically when:
- User requests lockfile update or dependency refresh
- User mentions outdated dependencies or security vulnerabilities
- User wants to update specific packages or all dependencies
- Lockfile conflicts occur during git operations
- User needs to audit or verify dependency integrity

## Core Commands

### Update All Dependencies
```bash
# Update all dependencies to latest versions (respecting semver ranges in package.json)
bun update

# Update all dependencies AND modify package.json to latest versions
bun update --latest
```

### Update Specific Dependencies
```bash
# Update specific package(s) to latest compatible version
bun update <package-name>
bun update <package1> <package2>

# Update specific package to latest version (ignoring semver range)
bun update --latest <package-name>
```

### Regenerate Lockfile
```bash
# Regenerate lockfile from package.json (clean install)
rm bun.lockb
bun install

# Or force regeneration
bun install --force
```

## Update Strategies

### 1. Safe Update (Recommended)
Respects semver ranges in `package.json`:

```bash
# Updates within semver constraints (^1.2.3 → 1.x.x, ~1.2.3 → 1.2.x)
bun update

# Review changes
git diff bun.lockb package.json

# Test thoroughly
bun test
bun run build
```

**When to use:**
- Regular maintenance updates
- CI/CD pipeline updates
- Production deployments
- When stability is priority

### 2. Aggressive Update
Updates to absolute latest versions:

```bash
# Updates AND modifies package.json to latest versions
bun update --latest

# Review ALL changes carefully
git diff bun.lockb package.json

# Test exhaustively (breaking changes likely)
bun test
bun run build
bun run lint
```

**When to use:**
- Major version upgrades
- Modernization efforts
- Security vulnerability fixes requiring latest versions
- Development/experimen