feat: only return false on 404 in hasNpmPackage

[CGA1123]

Currently, if the registry returns anything that is not a 200 status
code this function returns false. In the case where we are trying to
check whether the package associated with a friendly name and the registry
returns a 503 this will result in fetching and installing
the wrong package.

i.e. Doing heroku plugins:install api

• Attempt to see if @heroku-cli/plugin-api exists
• NPM returns 503
• Installs api!!

In this case, this is fairly harmless as that particularly library
doesn't do much. However, it could be used maliciously!

I think it may be better to re-raise the initial error in this scenario if we
can't be sure that the package does not exist.

[salesforce-cla]

Thanks for the contribution! Before we can merge this, we need @CGA1123 to sign the Salesforce.com Contributor License Agreement.

[codecov]

Codecov Report

Merging #96 into master will not change coverage.
The diff coverage is n/a.

@@          Coverage Diff           @@
##           master     #96   +/-   ##
======================================
  Coverage    0.00%   0.00%           
======================================
  Files           5       5           
  Lines          93      93           
  Branches       17      17           
======================================
  Misses         93      93           

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5ef24a1...2f227fa. Read the comment docs.

[RasPhilCo]

Interestingly - say you wanted to install api right now, you couldn't.

Can you fix the merge conflict and I can merge this?

[CGA1123]

@RasPhilCo Done ✅

[RasPhilCo]

🏄

[CGA1123]

Thanks @RasPhilCo 🚀