intent stale returns null currentVersion for private/scoped packages

[RazorAlexMachin]

Bug Report

TanStack Intent version: v0.0.23
Runtime: Node.js v24.x
Package manager: npm v10.x

Description

Running intent stale --json in a monorepo with private scoped packages (published to GitHub Packages) returns currentVersion: null for every package, preventing version drift detection from working.

Root cause: fetchNpmVersion() in staleness.ts hardcodes https://registry.npmjs.org/ — any package not on the public npm registry returns a 404, silently breaking drift detection.

Steps to reproduce

1. Create a package with tanstack-intent keyword and skills/ directory
2. Add library_version to skill frontmatter
3. Publish to a private registry (GitHub Packages, Artifactory, etc.)
4. Run npx @tanstack/intent@latest stale --json
5. Observe currentVersion: null and versionDrift: null

Expected: currentVersion should reflect the package's actual version. Since checkStaleness already receives packageDir, reading the local package.json version would work for both maintainer workspaces and consumer node_modules.

Minimal Reproducible Example

Any package scoped to a private registry (e.g. @myorg/my-lib on GitHub Packages). The fetchNpmVersion function always queries registry.npmjs.org, which returns 404 for packages not published there.

Additional context

I noticed #102 fixes monorepo path resolution for stale — this is the complementary fix for version resolution. I am also opening a PR with a suggested fix that reads the local package.json version first, falling back to the npm registry.

Two related documentation gaps worth noting (separate from this fix):

1. library_version is the expected frontmatter field for drift detection but is not documented in the maintainer quick-start guide
2. sync-state.json is read by the staleness checker but no CLI command generates it, so source-level staleness tracking does not function yet