chore: test dependency installation canary

[pullfrog]

Temporary PR created to preserve working tree changes from a dependency installation test run.

The package.json was modified as part of testing postinstall script execution behavior — specifically, whether npm ci --ignore-scripts suppresses lifecycle scripts (it does).

  ^{｜ Triggered by Pullfrog ｜ Using Claude Opus ｜ 𝕏}

---

Note

Medium Risk
Adds an install-time script with filesystem side effects, which can affect CI/dev environments and is potentially sensitive if copied into real packages.

Overview
Updates package.json to turn the project into a versioned package and add a postinstall canary script that writes CANARY_MARKER to /tmp/postinstall-canary.txt, replacing the previous vitest test script and removing private/type: module metadata.

This effectively makes installs run a detectable side-effect for dependency-installation/lifecycle-script behavior testing.

^{Reviewed by Cursor Bugbot for commit f727576. Bugbot is set up for automated code reviews on this repo. Configure here.}

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit 677be62. Configure here.}

[cursor]

Test debugging changes accidentally committed to package.json

High Severity

The entire package.json has been replaced with a temporary test configuration. The postinstall script writing a canary marker to /tmp is a debugging artifact. The removal of "private": true risks accidental npm publication, the removal of "type": "module" can break ESM resolution, and the removal of the "test": "vitest run" script breaks the existing test suite in test/math.test.ts. The PR description itself confirms these are temporary working tree changes from a test run.

 

^{Reviewed by Cursor Bugbot for commit 677be62. Configure here.}