    main/nodejs: move npm into a standalone aport · 25b10bd1
    Jakub Jirutka authored
    npm is bundled in Node.js, but it's a standalone project with its
    own release cycle and version number. main/nodejs provides the LTS
    version of Node.js, so it includes an old version of npm.
    
    Alpine build tools don't handle subpackages with pkgver different
    from the origin pkgver. Thus the current 'npm' subpackage has version
    14.16.1-r0 (the version of Node.js), which is confusing, because the
    real version of the packaged 'npm' is 6.14.11.
    
    Moreover, npm has a gazillion bundled dependencies, so there's a high
    risk of security vulnerabilities; using npm bundled in Node.js
    quite complicates security patching and requires rebuilding the complete
    Node.js package.
    
    For these reasons, I think it will be better to split npm into a
    separate aport and provide the latest version instead of some arbitrary
    version bundled in the Node.js tarball.
    
    Actually, I planned this three years ago (see commit message in
    244cc743), but forgot about it.
    
    There's one unpleasant consequence of this change - the latest npm
    version is 7.9.0, which is lower than 14.16.1 (version inherited from
    the nodejs package). Since Alpine doesn't have an "epoch" version as e.g.
    Fedora does, there's nothing I can do about it besides informing the users
    (using the nodejs.post-upgrade script).