It seems to me that a lot of use cases where people ask for package private accessibility what they want/need is actually friend declarations (give access to a much smaller set of types. None of the use cases needs package that is broader than internal (which Java’s package accessibility actually is).
File private (which is provided by Kotlin) covers most of the friend needs. For those methods that are “safe” but should not be part of the API internal visibility works well. For those methods that are not safe if not used carefully, you want all code that manipulates that to be in the same file and certainly not visible to random other files/classes in the same module. That only really leaves the testing of these unsafe methods. This is not really any other problem than testing private methods in general with the exception that now private can be multiple types that live in the same file.