pnpm: Aliased packages are incorrectly resolved
Verify latest release
- I verified that the issue exists in the latest pnpm release
pnpm version
9.0.2
Which area(s) of pnpm are affected? (leave empty if unsure)
Dependencies resolver
Link to the code that reproduces this issue or a replay of the bug
No response
Reproduction steps
- Run pnpm add ui-kit@npm:@org/repo@x.x.x, where @org/repo@x.x.x is any private package (the only important thing is to use a version which doesn’t match any of the existing versions of the public ui-kit package).
- Observe an error complaining that there is no such version of the ui-kit package
Describe the Bug
We have a private package aliased as ui-kit the following way:
"ui-kit": "npm:@org/repo@x.x.x",
After migrating to pnpm 9, installing a new version of any package results in the following error:
ERR_PNPM_NO_MATCHING_VERSION No matching version found for ui-kit@x.x.x
This error happened while installing a direct dependency of ...
The latest release of ui-kit is "0.20.10".
If I get it correctly, there’s a public ui-kit package, which has nothing to do with our private one.
However, pnpm prefers this package over the private one that we specified in package.json using an alias.
Expected Behavior
pnpm should respect aliases and correctly resolve the private package without trying to resolve the public one first.
Which Node.js version are you using?
20.12.1
Which operating systems have you used?
- macOS
- Windows
- Linux
If your OS is Linux-based, which one is it? (Include the version if relevant)
No response
About this issue
- State: closed
- Created 2 months ago
- Reactions: 3
- Comments: 19 (10 by maintainers)
Commits related to this issue
- fix: resolution of aliased dependencies close #7957 — committed to pnpm/pnpm by zkochan 2 months ago
- fix: resolution of aliased dependencies (#7967) close #7957 — committed to pnpm/pnpm by zkochan 2 months ago
- fix: resolution of aliased dependencies close #7957 — committed to pnpm/pnpm by zkochan 2 months ago
- fix: resolution of aliased dependencies (#7982) close #7957 — committed to pnpm/pnpm by zkochan 2 months ago
I have found the issue. I’ll make a fix.
The issue was caused by this PR: https://github.com/pnpm/pnpm/pull/7715
Specifically, this code is problematic:
https://github.com/pnpm/pnpm/blob/65df252783f430bc5f1a2505d22e9107a4e4023f/pkg-manager/resolve-dependencies/src/resolveDependencies.ts#L1141-L1143
I can reproduce the issue on that PR if I run pnpm install --lockfile-only.
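Added example, not part of the thread and not pnpm's code: a check that every `npm:` alias in a manifest was resolved under its target name (`@org/repo`) rather than under the alias key (`ui-kit`), which is the confusion this issue describes. The function names, the `resolved` map shape and version 1.4.0 are assumptions made for illustration.

```javascript
// Added example; manifest and resolver output below are constructed sample data.

// Split one dependencies entry into the name the registry must be asked for.
function parseDependency(key, spec) {
  if (!spec.startsWith('npm:')) {
    return { alias: null, name: key, range: spec };
  }
  const target = spec.slice('npm:'.length);
  // Scoped names begin with "@", so only an "@" after index 0 separates the version.
  const at = target.lastIndexOf('@');
  if (at <= 0) {
    return { alias: key, name: target, range: null }; // alias without a version
  }
  return { alias: key, name: target.slice(0, at), range: target.slice(at + 1) };
}

// `resolved` is a hypothetical map of dependency key -> { name, version };
// it is not pnpm's lockfile format.
function findMisresolvedAliases(dependencies, resolved) {
  const problems = [];
  for (const [key, spec] of Object.entries(dependencies)) {
    const want = parseDependency(key, spec);
    const got = resolved[key];
    if (!got) {
      problems.push({ key, expected: want.name, actual: null, reason: 'unresolved' });
    } else if (got.name !== want.name) {
      const reason = got.name === want.alias ? 'alias-name-used' : 'name-mismatch';
      problems.push({ key, expected: want.name, actual: got.name, reason });
    }
  }
  return problems;
}

// Constructed manifest: 1.4.0 stands in for the issue's x.x.x.
const sampleDependencies = {
  'ui-kit': 'npm:@org/repo@1.4.0',
  'repo-next': 'npm:@org/repo',
  lodash: '^4.17.21',
};
// Constructed resolver output in which the alias key was looked up instead of its target.
const sampleResolved = {
  'ui-kit': { name: 'ui-kit', version: '0.20.10' },
  'repo-next': { name: '@org/repo', version: '1.4.0' },
  lodash: { name: 'lodash', version: '4.17.21' },
};

console.log(findMisresolvedAliases(sampleDependencies, sampleResolved));
```

A check like this can run in CI against whatever resolution record the build produces, so an alias that silently points at a same-named public package fails the build instead of being installed.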