fix(images): wire fetch-github-images into fetch-data chain #686

Merged: castrojo merged 1 commit into projectbluefin:main from castrojo:upstream-pr/fix-images-fetch-data on Mar 31, 2026

@castrojo

The fetch-github-images.js script existed but was never added to the fetch-data npm script. As a result, static/data/images.json was never generated during npm start or npm run build, causing the /images page to render blank (the component falls back to an empty product list when the fetch returns 404).

Adds the fetch-github-images script entry and inserts it into the fetch-data chain so images.json is generated on every build and dev server start.

Assisted-by: Claude Sonnet 4.6 via OpenCode

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@castrojo merged commit 3bb6c27 into projectbluefin:main on Mar 31, 2026
1 check passed

@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request adds a new script fetch-github-images to the project and updates the fetch-data command to include it. A critical issue was identified in package-lock.json where the typescript dependency is listed with a non-existent version (6.0.2) and an integrity hash that matches version 5.0.2. This mismatch will cause installation failures and indicates potential manual tampering or a supply chain risk, requiring the lockfile to be regenerated.

Comment thread package-lock.json
"resolved": "https://registry.npmjs.org/typescript/-/typescript-6.0.2.tgz",
"integrity": "sha512-bGdAIrZ0wiGDo5l8c++HWtbaNCWTS4UTv7RaTH/ThVIgjkveJt83m74bBHMJkuCbslY8ixgLBVZJIOiQlQTjfQ==",
"devOptional": true,
"dev": true,
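
Review bot: the package-lock.json entry for typescript-6.0.2.tgz is touched by this PR, but the description covers only wiring fetch-github-images into the fetch-data chain and says nothing about a lockfile change. Either drop the lockfile edit from this PR or state in the description why the typescript entry moves, and before merging compare the `integrity` value shown here with the output of `npm view typescript@6.0.2 dist.integrity`. The excerpt also shows both `"devOptional": true` and `"dev": true` for this entry; the +/- markers are not visible here, so check that only the intended flag remains.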

security-critical critical

The typescript package entry in package-lock.json contains a critical inconsistency. The version is listed as 6.0.2 (which does not exist in the official npm registry), yet the integrity hash (sha512-bGdAIr...) corresponds to version 5.0.2. This mismatch will cause npm install to fail with an integrity check error. Furthermore, using a non-existent version of a core dependency from the public registry is a strong indicator of a potential supply chain attack or manual tampering. Please revert any manual edits to the lockfile and regenerate it by running npm install to ensure all dependencies are correctly resolved and verified.
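
The kind of lockfile inconsistency discussed in this review thread can be checked offline. The following is an added example, not code from this PR or from the project: `auditLock`, the `known` registry-metadata map and the `example-pkg` package are hypothetical, and all sample data is constructed.

```javascript
// Added example (not from the PR): offline consistency checks on package-lock.json entries.
const DIGEST_BYTES = { sha512: 64, sha384: 48, sha256: 32, sha1: 20 };

// Accept "<algo>-<base64>" only when the digest decodes to the length the algorithm implies.
function parseIntegrity(sri) {
  const m = /^(sha\d+)-([A-Za-z0-9+/]+={0,2})$/.exec(sri || "");
  if (!m || !(m[1] in DIGEST_BYTES)) return null;
  return Buffer.from(m[2], "base64").length === DIGEST_BYTES[m[1]] ? m[1] : null;
}

// Version embedded in a registry tarball URL: .../<name>/-/<unscoped-name>-<version>.tgz
function versionFromResolved(name, resolved) {
  const prefix = name.split("/").pop() + "-";
  const file = resolved.split("/").pop();
  if (!file.startsWith(prefix) || !file.endsWith(".tgz")) return null;
  return file.slice(prefix.length, -4);
}

// known: { name: { version: sri } }, assumed to be collected from registry metadata beforehand.
function auditLock(lock, known = {}) {
  const findings = [];
  for (const [path, e] of Object.entries(lock.packages || {})) {
    if (!path || e.link || !e.resolved) continue; // root project, workspace links, bundled deps
    const name = e.name || path.slice(path.lastIndexOf("node_modules/") + 13);
    const flag = (issue) => findings.push(`${name}@${e.version}: ${issue}`);
    if (versionFromResolved(name, e.resolved) !== e.version) flag("resolved URL names another version");
    const algo = parseIntegrity(e.integrity);
    if (!algo) flag("integrity missing or malformed");
    else if (algo === "sha1") flag("integrity uses sha1");
    const versions = known[name];
    if (!versions) continue; // no registry metadata supplied for this package
    if (!(e.version in versions)) flag("version not in registry metadata");
    else if (versions[e.version] !== e.integrity) flag("integrity differs from registry");
    const owner = Object.keys(versions).find((v) => v !== e.version && versions[v] === e.integrity);
    if (owner) flag(`integrity matches ${owner}`);
  }
  return findings;
}

// Constructed sample data: a made-up package; digests are filler bytes, not real hashes.
const sri = (byte) => "sha512-" + Buffer.alloc(64, byte).toString("base64");
const sampleKnown = { "example-pkg": { "1.0.0": sri(1), "1.1.0": sri(2) } };
const entry = (version, integrity) => ({
  version, integrity, resolved: `https://registry.npmjs.org/example-pkg/-/example-pkg-${version}.tgz`,
});
const goodLock = { packages: { "": {}, "node_modules/example-pkg": entry("1.1.0", sri(2)) } };
const badLock = { packages: { "": {}, "node_modules/example-pkg": entry("2.0.0", sri(1)) } };

console.log(auditLock(goodLock, sampleKnown));
console.log(auditLock(badLock, sampleKnown));
```

The constructed `badLock` entry yields two findings: its version is absent from the supplied metadata, and its integrity value belongs to a different version of the same package.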
