chore: update package.json for postinstall canary test

[pullfrog]

Captures the package.json modification made during the dependency installation behavior test. The file was updated to test-pkg with a postinstall script as part of the test task.

  ^{｜ via Pullfrog ｜ Using Claude Opus ｜ 𝕏}

---

Note

Low Risk
Test-only package metadata change; postinstall writes a local marker file and does not affect production app logic in this repo.

Overview
Replaces the minimal Vitest-oriented package.json with a test-pkg fixture (1.0.0) aimed at verifying install-time script execution.

The test script is removed and a postinstall script is added that writes CANARY_MARKER to /tmp/postinstall-canary.txt, so tests can detect whether npm install (or equivalent) actually ran lifecycle hooks. private, type: module, and the vitest dev setup are dropped in favor of an empty dependencies object.

^{Reviewed by Cursor Bugbot for commit 88a4172. Bugbot is set up for automated code reviews on this repo. Configure here.}

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit d26668d. Configure here.}

[cursor]

Test artifact overwrites production package.json configuration

High Severity

The real package.json has been entirely replaced by a test fixture. This removes "private": true (risking accidental npm publish), removes "type": "module" (breaking ES module resolution for the existing .ts source files), and replaces the "test": "vitest run" script with a postinstall canary that writes to /tmp. The repository still contains real source and test files that depend on the original configuration.

 

^{Reviewed by Cursor Bugbot for commit d26668d. Configure here.}