feat: version update in package-lock.json

[Sec-ant]

Description

should also update packages[""].version in package-lock.json.

Linked Issues

Additional context

https://docs.npmjs.com/cli/v10/configuring-npm/package-lock-json#packages

[antfu]

I am not so sure. I honestly think they shouldn't put the version in the lock - but anyway, isn't that you are supposed to run npm i after bumping the versions - in which you should have the lock updated as well?

[Sec-ant]

isn't that you are supposed to run npm i after bumping the versions

I've been doing exactly this before I decided to use this tool.

npm i will update these two values together. bumpp already bumps the version field in package-lock.json, I see no reason to exclude packages[""].version?

And the default behavior of bumpp doesn't give me an opportunity to run npm i before I commit and push. I love the default commit message and tags so this packages[""].version thing is the only part that I need for a one-pass solution without further configuration.