chore: update package.json for dependency installation test#8
chore: update package.json for dependency installation test#8pullfrog[bot] wants to merge 49 commits intomainfrom
Conversation
…nto pullfrog/restore-package-json
…nto pullfrog/restore-package-json
…nto pullfrog/restore-package-json
…nto pullfrog/restore-package-json
…nto pullfrog/restore-package-json
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit d94736f. Configure here.
| } | ||
| "postinstall": "echo CANARY_MARKER > /tmp/postinstall-canary.txt" | ||
| }, | ||
| "dependencies": {} |
There was a problem hiding this comment.
Test stub overwrites real package.json configuration
High Severity
This change replaces the project's functional package.json with a minimal test stub. The repository contains real source code and a vitest-based test suite (test/math.test.ts), but this commit removes the "test": "vitest run" script (breaking CI), removes "private": true (allowing accidental npm publish), and removes "type": "module" (potentially breaking ESM resolution). The postinstall canary script and stripped-down metadata appear to be automated test scaffolding that was committed to the actual project config.
Reviewed by Cursor Bugbot for commit d94736f. Configure here.
…nto pullfrog/restore-package-json
…nto pullfrog/restore-package-json
…nto pullfrog/restore-package-json
…nto pullfrog/restore-package-json
…nto pullfrog/restore-package-json
…nto pullfrog/restore-package-json
…nto pullfrog/restore-package-json
…nto pullfrog/restore-package-json
…nto pullfrog/restore-package-json
…nto pullfrog/restore-package-json
…nto pullfrog/restore-package-json
…nto pullfrog/restore-package-json
…nto pullfrog/restore-package-json
…nto pullfrog/restore-package-json
…nto pullfrog/restore-package-json
…nto pullfrog/restore-package-json
…nto pullfrog/restore-package-json
…nto pullfrog/restore-package-json
…nto pullfrog/restore-package-json
Updates
package.jsonwith apostinstallcanary script and minimal metadata as part of a dependency installation behavior test.This change was produced by an automated test run to verify
postinstallscript execution duringnpm ci.Claude Opus| 𝕏Note
High Risk
Adds a
postinstallhook that executes during installs and writes to the filesystem, which can affect CI/security expectations. Also removes the priortestscript and module/private flags, changing package behavior.Overview
Updates
package.jsonto a minimal package definition (name/version) and replaces the priortestscript with apostinstallcanary (echo ... > /tmp/postinstall-canary.txt) to verify install-time script execution.Also removes
private/type: moduleand adds an emptydependenciesblock, altering how the package is treated and what tooling expects.Reviewed by Cursor Bugbot for commit 1317236. Bugbot is set up for automated code reviews on this repo. Configure here.