Short story: you can use release channels to keep new bundles from hitting old binaries. Each binary will only download code where the release channel matches.
Longer story: I detail how we solve the exact problem you describe by incorporating the build number into our release channels here: How to check compatibility of OTA updates with custom native modules