### What does this PR do?
fixes#7157, fixes#14662
migrates pnpm-workspace.yaml data to package.json & converts
pnpm-lock.yml to bun.lock
---
### How did you verify your code works?
manually, tests and real world examples
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Dylan Conway <dylan.conway567@gmail.com>
## Summary
Fixes index out of bounds panic in `PackageJSONEditor` when removing
duplicate trusted dependencies.
The issue occurred when iterating over
`trusted_deps_to_add_to_package_json.items` with a `for` loop and
calling `swapRemove()` during iteration. The `for` loop captures the
array length at the start, but `swapRemove()` modifies the array length,
causing the loop to access indices that are now out of bounds.
## Root Cause
In `PackageJSONEditor.zig:408`, the code was:
```zig
for (manager.trusted_deps_to_add_to_package_json.items, 0..) |trusted_package_name, i| {
// ... find duplicate logic ...
allocator.free(manager.trusted_deps_to_add_to_package_json.swapRemove(i));
}
```
When `swapRemove(i)` is called, it removes the element and decreases the
array length, but the `for` loop continues with the original captured
length, leading to index out of bounds.
## Solution
Changed to iterate backwards using a `while` loop:
```zig
var i: usize = manager.trusted_deps_to_add_to_package_json.items.len;
while (i > 0) {
i -= 1;
// ... same logic ...
allocator.free(manager.trusted_deps_to_add_to_package_json.swapRemove(i));
}
```
Backwards iteration is safe because removing elements doesn't affect
indices we haven't processed yet.
## Test Plan
Manually tested the reproduction case:
```bash
# This command previously panicked, now works
bun install -g --trust @google/gemini-cli
```
Fixes#22261🤖 Generated with [Claude Code](https://claude.ai/code)
Co-authored-by: Claude Bot <claude-bot@bun.sh>
Co-authored-by: Claude <noreply@anthropic.com>
Replace `catch bun.outOfMemory()`, which can accidentally catch
non-OOM-related errors, with either `bun.handleOom` or a manual `catch
|err| switch (err)`.
(For internal tracking: fixes STAB-1070)
---------
Co-authored-by: Dylan Conway <dylan.conway567@gmail.com>
