fix(npm): read version from package.json instead of hard-coding

The release workflow runs 'npm version $tag' to bump package.json from
the git tag, but install.js had its own hard-coded VERSION = '0.3.0'
constant that nothing was updating. So at release time the package
metadata says (e.g.) 0.4.0 while the postinstall still downloads the
0.3.0 binary archive, silently shipping an older binary to anyone
running 'npm install -g stacklit'.

Reading the version from ./package.json makes that release-time bump
the single source of truth. No new dependency, no extra release step,
and the version stays correct for pre-releases ('0.4.0-beta.1' style)
since goreleaser uses the same scheme for its archive names.

Author: thegdsks

npm/install.js

@@ -4,7 +4,11 @@ const path = require('path');
 const https = require('https');
 const { execFileSync } = require('child_process');
 
-const VERSION = '0.3.0';
+// Read the version from package.json so the npm publish workflow's
+// `npm version <tag>` bump is the single source of truth. Previously this was
+// a hard-coded constant that drifted from package.json on every release,
+// causing the postinstall to pull an outdated binary archive.
+const VERSION = require('./package.json').version;
 const REPO = 'glincker/stacklit';
 
 const PLATFORM_MAP = {