Description
Describe the user story
As a developer working in a company with private package registries (for example GitHub Packages or an internal corporate npm registry), I often publish internal packages and want to immediately consume them in other internal projects.
However, when using Yarn with npmMinimalAgeGate set globally (e.g. 1440 minutes for supply-chain protection), Yarn blocks installation of freshly published packages from trusted internal registries, treating them the same as untrusted public sources.
This creates friction in a common CI/CD workflow:
- publish internal package to corporate registry
- immediately install and use it in another internal service or frontend
With the current design, Yarn refuses to install these new versions for up to the duration of the age gate, breaking builds and developer workflows.
Describe the solution you'd like
I’d like Yarn to support configuring npmMinimalAgeGate per registry, per scope, or per package source.
For example, something like:
```yaml
npmMinimalAgeGate: 1440
npmScopes:
  my-corp:
    npmRegistryServer: "https://npm.pkg.mycompany.com"
    npmMinimalAgeGate: 0
```
Describe the drawbacks of your solution
- Additional complexity in configuration resolution logic.
However, the change is conceptually small and predictable: it simply allows overriding a single numeric config in a more granular way, similar to how npmScopes and npmRegistries already work.
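The following is an added illustration of the resolution logic the proposal describes (scope override first, then the global value), written for this page and not taken from Yarn's code base. The `config` object is a constructed stand-in for a parsed `.yarnrc.yml`, the function names are assumptions, and the publish timestamps are constructed; Yarn's real resolver and configuration API are not modelled.

```javascript
// Added illustration (not Yarn's own code): how a per-scope override of
// npmMinimalAgeGate could resolve, mirroring the lookup order npmScopes
// already uses for npmRegistryServer. Function names are assumptions.

// Constructed stand-in for a parsed .yarnrc.yml.
const config = {
  npmMinimalAgeGate: 1440,              // minutes; global default
  npmScopes: {
    "my-corp": {
      npmRegistryServer: "https://npm.pkg.mycompany.com",
      npmMinimalAgeGate: 0,             // proposed per-scope override
    },
  },
};

// Return the scope of a package name ("@my-corp/ui" -> "my-corp"), or null.
function scopeOf(name) {
  const m = /^@([^/]+)\//.exec(name);
  return m ? m[1] : null;
}

// Resolve the effective age gate in minutes: scope override first, then global.
function effectiveAgeGate(cfg, name) {
  const scope = scopeOf(name);
  const scoped = scope && cfg.npmScopes ? cfg.npmScopes[scope] : undefined;
  if (scoped && typeof scoped.npmMinimalAgeGate === "number") {
    return scoped.npmMinimalAgeGate;
  }
  return typeof cfg.npmMinimalAgeGate === "number" ? cfg.npmMinimalAgeGate : 0;
}

// Decide whether a version published at `publishedAt` (ms since epoch) has
// aged enough to be installable at `now`. Returns the numbers involved so a
// caller can log why a version was held back.
function checkAgeGate(cfg, name, publishedAt, now) {
  const gateMinutes = effectiveAgeGate(cfg, name);
  const ageMinutes = (now - publishedAt) / 60000;
  return {
    allowed: ageMinutes >= gateMinutes,
    gateMinutes,
    ageMinutes: Math.round(ageMinutes),
  };
}

// Constructed timestamps: a version published five minutes before "now".
const NOW = Date.UTC(2025, 0, 1, 12, 0, 0);
const FIVE_MIN_AGO = NOW - 5 * 60000;

console.log(checkAgeGate(config, "@my-corp/ui", FIVE_MIN_AGO, NOW)); // allowed: true
console.log(checkAgeGate(config, "left-pad", FIVE_MIN_AGO, NOW));    // allowed: false
```

The scoped package resolves to a gate of 0 and installs immediately, while an unscoped public package still has to satisfy the global 1440 minutes. Whatever the final design, the override only relaxes the check for packages whose registry is chosen by the same scope mapping, so the gate stays in force for everything that resolves to the public registry.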
Describe alternatives you've considered
1. Disabling npmMinimalAgeGate entirely
This removes supply-chain protection altogether — unacceptable for many environments.
4. Writing a Yarn plugin
npmMinimalAgeGate is enforced at the core npm resolver level, so a plugin cannot cleanly bypass or override this behavior without forking Yarn.