snyk / nodejs-lockfile-parser

Generate a Snyk dependency tree from package-lock.json or yarn.lock file

fix: correctly pick npm-lock-v2 pkg version and prune within subtrees only #207

Closed JamesPatrickGill closed 8 months ago

JamesPatrickGill commented 8 months ago

What this does

There are two fixes in this PR:

  1. Fixed a bug in the choosing of a child node key which did not respect the already determined possible keys.
  2. Scoped pruning to the subtrees of top level dependencies so that we don't lose context.

JamesPatrickGill commented 8 months ago

Closing as separated fixes out into their own PRs https://github.com/snyk/nodejs-lockfile-parser/pull/208