Timeline: surface install-script added/removed events

[JamieMagee]

Describe the feature

The timeline already flags version-to-version changes as sub-events: install size, dependency count, license, etc. I'd like to also surface when a package adds or removes its install scripts (preinstall, install, postinstall).

npm v12, due around July 2026, flips allowScripts to off by default, so dependency install scripts won't run unless you allowlist them. It's already behind warnings in npm 11.16.0+. See the npm v12 breaking changes.

Maintainers are getting ahead of it and dropping install scripts from popular packages. sharp is one example. v0.35.0 removed its install script outright:

• https://github.com/lovell/sharp/releases/tag/v0.35.0
• npm RFC #868 will block this package's install script by default lovell/sharp#4533
• lovell/sharp@e1bad54

npmx already detects install scripts on the package page, but there's no way to see when a package added or removed them.

I'd like to propose adding an installScript sub-event. Removing scripts is a positive event, since the package is shrinking its install-time execution surface and getting ahead of npm v12. Adding them is a negative one, since it's new install-time code that consumers will have to allowlist under v12.

Additional information

• Would you be willing to help implement this feature?

Final checks

• Read the contribution guide.
• Check existing issues.