Display separate error for packages fixed on GitHub but not on npm

[RichardLitt]

Many of these packages have been fixed on GitHub, but have not been pushed in a new version (or patch) to npm. We can probably get these by checking the most recent github version of the package.json for the final ones we catch here.

[kemitchell]

Yes, there are many. docopt is particularly close to my heart.

Unfortunately, things on GitHub don't do anyone any good when they download and audit tarballs from npm. We need those folks to publish.

[RichardLitt]

Agreed; what I mean is, instead of just saying 'Fix this', instead have a different icon which says, 'Suggest that the owner up their version number' or something else, for the purpose of helping people on npm1k know that they don't need to submit another PR for a license change.