fix(ci): publish resilience + deps:tree fix + GitNexus license correction

[carlos-alm]

Summary

Combines all pending unmerged work from stale branches into one PR.

• fix(ci): move deps:tree to scripts/gen-deps.cjs — the inline node -e had backticks that sh on Linux interpreted as command substitution (sh: 1: n+t+: not found), and npm ls non-zero exit on ELSPROBLEMS threw in execSync. New script handles both with try/catch.
• fix(ci): make publish idempotent on re-runs — add npm view checks before each platform package publish (skip if already on npm), and gate both publish steps on a check-main output so re-running a partially failed publish doesn't 409.
• fix(ci): validate version input in workflow_dispatch — prevent empty or malformed version overrides.
• docs: fix GitNexus license to PolyForm NC — was incorrectly listed as MIT. Add "Commercial use allowed" row to README feature comparison table.

Branches superseded by this PR

• fix/publish-resilience (fix(ci): fix deps:tree publish failure and add publish resilience #35)
• fix/deps-omit-dev
• fix/publish-workflow-dispatch
• docs/add-gitnexus-competitor
• feat/multi-repo-mcp (tagline change skipped — HEAD content is better)

Test plan

• Merge and re-trigger 2.1.0 stable publish via workflow_dispatch
• Verify native packages are skipped ("already published — skipping")
• Verify main @optave/codegraph publishes successfully
• Verify npm run deps:tree works on Linux CI without backtick errors

[greptile-apps]

Greptile Summary

Combines 4 bug fixes and 1 documentation correction:

• CI resilience: workflow now skips already-published packages on re-runs (checks @optave/codegraph first, then per-platform packages), preventing 409 conflicts from partial failures
• Backtick fix: moved deps:tree from inline node -e (which sh interpreted backticks as command substitution) to scripts/gen-deps.cjs with proper error handling for ELSPROBLEMS non-zero exits
• Version validation: workflow_dispatch input now validates semver format and strips v prefix
• License correction: GitNexus was incorrectly listed as MIT — corrected to PolyForm NC (non-commercial) in both README and COMPETITIVE_ANALYSIS.md, plus added "Commercial use allowed" row to feature comparison table

The workflow changes enable safe retries of failed stable releases via workflow_dispatch.

Confidence Score: 4/5

• safe to merge with minor validation suggested
• all changes are well-scoped fixes for real CI issues. the workflow idempotency logic is sound (main package check gates both publish steps, per-platform checks prevent duplicate publishes). the script properly handles npm ls non-zero exits. documentation corrections are factually accurate. one minor check recommended: ensure PACKAGES map stays in sync with build matrix platforms.
• verify .github/workflows/publish.yml PACKAGES map matches build-native matrix exactly

Important Files Changed

Filename	Overview
.github/workflows/publish.yml	Adds version validation, idempotency checks for re-runs, and resilience to partial failures
scripts/gen-deps.cjs	New script to fix backtick command substitution issue and handle npm ls non-zero exits gracefully

_{Last reviewed commit: 73a1e6b}

[greptile-apps]

_{5 files reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

verify that all 4 platforms in PACKAGES map exactly to the 4 matrix builds in the build-native job. if the matrix changes but PACKAGES doesn't update, publishes could be incomplete.