Aliased dependencies are not linked correctly

### Describe the bug

The npmx interface links to the wrong package when a package specifies a dependency through an alias (e.g., `"foo": "npm:bar@1.2.3"` in package.json) in the "Dependencies" section of the sidebar. See for example `string-width-cjs   npm:string-wi...` in the preview below:

<img width="1031" height="741" alt="Image" src="https://github.com/user-attachments/assets/001d78d9-b348-4166-b465-406cdf1ea5c9" />

which currently links to <https://npmx.dev/package/string-width-cjs> but should link to <https://npmx.dev/package/string-width> per <https://npmx.dev/package-code/@isaacs/cliui/v/8.0.2/package.json#L53>.

### Additional context

Example:

- For <https://npmx.dev/package/@isaacs/cliui/v/8.0.2> the `*-cjs` dependencies link to the wrong package and should instead link to the aliased package.
- Compare that to <https://www.npmjs.com/package/@isaacs/cliui/v/8.0.2?activeTab=dependencies> which only links to the correct dependencies[^1].

[^1]: this appears to be a quite recent change because I definitely remember them linking to the alias-named package not too long ago. See also <https://snyk.io/blog/exploring-extensions-of-dependency-confusion-attacks-via-npm-package-aliasing/>.

### Logs

```shell-script
n/a
```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Aliased dependencies are not linked correctly #2010

Describe the bug

Additional context

Logs

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Aliased dependencies are not linked correctly #2010

Description

Describe the bug

Additional context

Logs

Footnotes

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions