fix(bun): Add GitHub/git packages (#11268)
## Summary
Fixes multiple issues with `turbo prune` producing corrupted bun.lock
files that fail `bun install --frozen-lockfile`.
While investigating #11266 (git repository package corruption), I
discovered additional issues affecting the pruned lockfile format.
## Issues Fixed
### 1. GitHub/git package format corruption (fixes #11266)
The deserializer was type-blind when processing package entries - it
stored `registry: Some("")` for any package with an empty string at
position 1, including GitHub/git packages that should never have a
registry field.
Per bun.lock.zig, the format is:
- npm packages: 4 elements `[ident, registry, info, checksum]`
- github/git packages: 3 elements `[ident, info, .bun-tag]` — no
registry
The serializer then output 4-element arrays for GitHub packages, which
bun rejects.
### 2. Missing metadata sections
Pruned lockfiles were missing: `configVersion`, `trustedDependencies`,
`overrides`, `catalog`, `catalogs`, and `patchedDependencies`.
### 3. JSON formatting issues
- Missing trailing commas in nested structures (bun's parser requires
them)
- `optionalPeers` arrays formatted as `[ "a", "b", ]` instead of `["a",
"b"]`
## Test Plan
- Red/green tests for all fixes (tests fail without fix, pass with fix)
- Comprehensive coverage for all 9 package types and 6 metadata sections
- Tested with real monorepo using `bun install --frozen-lockfile`
- Verified both `turbo prune` and `turbo prune --docker` work (same
encode path)
## Related Issues
- Fixes #11266
- Related: #11007, #10782, #10783
---------
Co-authored-by: Anthony Shew <anthonyshew@gmail.com>
