next-codemod(upgrade): warn peer dependencies not met (#71693)

### Why?

After the upgrade, there might be an incompatibility with the
`peerDependencies` of the existing dependencies. Therefore, we run a
check for it to warn the user at the end of the upgrade.

## Testing Plan

### Unmet Peer Dependencies with Range and Prerelease

```
pnpm test:upgrade-fixture bin/__testfixtures__/peer-dep-out-of-range
```

CLI output includes:
```
⚠ Found 2 dependencies that seem incompatible with the upgraded package versions.
You may have to update these packages to their latest version or file an issue to ask for support of the upgraded libraries.
unmet-prerelease 0.0.1
  ├── incompatible with [email protected]
  └── incompatible with [email protected]
unmet-range 0.0.1
  ├── incompatible with [email protected]
  └── incompatible with [email protected]
```

Closes NDX-382

---------

Co-authored-by: Sebastian "Sebbie" Silbermann <[email protected]>

Author: devjiwonchoi

packages/next-codemod/bin/__testfixtures__/peer-dep-out-of-range/README.md

@@ -0,0 +1,12 @@
+default should print
+
+```bash
+⚠ Found 2 dependencies that seem incompatible with the upgraded package versions.
+You may have to update these packages to their latest version or file an issue to ask for support of the upgraded libraries.
+unmet-prerelease 0.0.1
+  ├── ✕ unmet peer react@"^18.2.0 || 19.0.0-rc-aaaaaaaa-20240101": found 19.0.0-rc-7c8e5e7a-20241101
+  └── ✕ unmet peer react-dom@"^18.2.0 || 19.0.0-rc-aaaaaaaa-20240101": found 19.0.0-rc-7c8e5e7a-20241101
+unmet-range 0.0.1
+  ├── ✕ unmet peer react@"^18.0.0 || ^19.0.0": found 19.0.0-rc-7c8e5e7a-20241101
+  └── ✕ unmet peer react-dom@"< 19": found 19.0.0-rc-7c8e5e7a-20241101
+```

packages/next-codemod/bin/__testfixtures__/peer-dep-out-of-range/met-range/package.json

@@ -0,0 +1,7 @@
+{
+  "name": "met-range",
+  "peerDependencies": {
+    "react": "^18.0.0 || ^19.0.0-rc.0",
+    "react-dom": "^19.0.0-rc.0"
+  }
+}

packages/next-codemod/bin/__testfixtures__/peer-dep-out-of-range/met-range/pnpm-workspace.yaml

@@ -0,0 +1,13 @@
+{
+  "name": "peer-dep-out-of-range",
+  "scripts": {
+    "dev": "next dev --turbopack"
+  },
+  "dependencies": {
+    "next": "15.0.0-canary.0",
+    "react": "19.0.0-rc-f994737d14-20240522",
+    "react-dom": "19.0.0-rc-f994737d14-20240522",
+    "unmet-prerelease": "file:./unmet-prerelease",
+    "unmet-range": "file:./unmet-range"
+  }
+}

packages/next-codemod/bin/__testfixtures__/peer-dep-out-of-range/package.json

@@ -0,0 +1,8 @@
+{
+  "name": "unmet-prerelease",
+  "version": "0.0.1",
+  "peerDependencies": {
+    "react": "^18.2.0 || 19.0.0-rc-aaaaaaaa-20240101",
+    "react-dom": "^18.2.0 || 19.0.0-rc-aaaaaaaa-20240101"
+  }
+}

packages/next-codemod/bin/__testfixtures__/peer-dep-out-of-range/unmet-prerelease/package.json

@@ -0,0 +1,8 @@
+{
+  "name": "unmet-range",
+  "version": "0.0.1",
+  "peerDependencies": {
+    "react": "^18.0.0 || ^19.0.0",
+    "react-dom": "< 19"
+  }
+}

packages/next-codemod/bin/__testfixtures__/peer-dep-out-of-range/unmet-range/package.json

@@ -1,7 +1,10 @@
 import * as os from 'os'
 import prompts from 'prompts'
 import fs from 'fs'
-import compareVersions from 'semver/functions/compare'
+import {
+  satisfies as satisfiesVersionRange,
+  compare as compareVersions,
+} from 'semver'
 import { execSync } from 'child_process'
 import path from 'path'
 import pc from 'picocolors'
@@ -306,7 +309,7 @@ export async function runUpgrade(
   }
 
   console.log(
-    `Upgrading your project to ${pc.blue('Next.js ' + targetNextVersion)}...\n`
+    `Upgrading your project to ${pc.blue('Next.js ' + targetNextVersion)}...`
   )
 
   for (const [dep, version] of dependenciesToInstall) {
@@ -323,7 +326,7 @@ export async function runUpgrade(
       os.EOL
   )
 
-  runInstallation(packageManager)
+  runInstallation(packageManager, { cwd })
 
   for (const codemod of codemods) {
     await runTransform(codemod, cwd, { force: true, verbose })
@@ -353,6 +356,9 @@ export async function runUpgrade(
   if (codemods.length > 0) {
     console.log(`${pc.green('✔')} Codemods have been applied successfully.`)
   }
+
+  warnDependenciesOutOfRange(appPackageJson, versionMapping)
+
   endMessage()
 }
 
@@ -633,3 +639,96 @@ function writeOverridesField(
     }
   }
 }
+
+function warnDependenciesOutOfRange(
+  appPackageJson: any,
+  versionMapping: Record<string, { version: string; required: boolean }>
+) {
+  const allDirectDependencies = {
+    ...appPackageJson.dependencies,
+    ...appPackageJson.devDependencies,
+  }
+
+  const dependenciesOutOfRange = new Map<
+    string,
+    {
+      [dependency: string]: {
+        currentVersion: string
+        expectedVersionRange: string
+      }
+    }
+  >()
+
+  const resolvedDependencyVersions = new Map<string, string>()
+  for (const dependency of Object.keys(allDirectDependencies)) {
+    let pkgJson
+
+    // TODO: Asking package manager for the installed version is most robust e.g. `pnpm why ${dependency}`
+    // require.resolve(`${dependency}/package.json`, { paths: [cwd] }) results in previously installed version being used in PNPM
+    let pkgJsonFromNodeModules
+    try {
+      pkgJsonFromNodeModules = path.join(
+        cwd,
+        'node_modules',
+        dependency,
+        'package.json'
+      )
+
+      pkgJson = JSON.parse(fs.readFileSync(pkgJsonFromNodeModules, 'utf8'))
+    } catch {
+      console.warn(
+        `${pc.yellow('⚠')} Could not find package.json for dependency "${dependency}" at "${pkgJsonFromNodeModules}". This may affect peer dependency checks.`
+      )
+      continue
+    }
+
+    resolvedDependencyVersions.set(dependency, pkgJson.version)
+
+    if ('peerDependencies' in pkgJson) {
+      const peerDeps = pkgJson.peerDependencies
+      const peerDepsNames = Object.keys(peerDeps)
+      const depsToCheck = Object.keys(versionMapping).filter(
+        (versionMappingKey) => peerDepsNames.includes(versionMappingKey)
+      )
+
+      for (const depName of depsToCheck) {
+        const expectedVersionRange = peerDeps[depName]
+        const { version: currentVersion } = versionMapping[depName]
+        if (
+          !satisfiesVersionRange(currentVersion, expectedVersionRange, {
+            includePrerelease: true,
+          })
+        ) {
+          dependenciesOutOfRange.set(dependency, {
+            ...dependenciesOutOfRange.get(dependency),
+            [depName]: {
+              currentVersion,
+              expectedVersionRange,
+            },
+          })
+        }
+      }
+    }
+  }
+
+  const size = dependenciesOutOfRange.size
+  if (size > 0) {
+    console.log(
+      `${pc.yellow('⚠')} Found ${size} ${
+        size === 1 ? 'dependency' : 'dependencies'
+      } that seem incompatible with the upgraded package versions.\n` +
+        'You may have to update these packages to their latest version or file an issue to ask for support of the upgraded libraries.'
+    )
+    dependenciesOutOfRange.forEach((deps, packageName) => {
+      console.log(
+        `${packageName} ${pc.gray(resolvedDependencyVersions.get(packageName))}`
+      )
+      Object.entries(deps).forEach(([depName, value], index, depsArray) => {
+        const prefix = index === depsArray.length - 1 ? '  └── ' : '  ├── '
+        console.log(
+          `${prefix}${pc.yellow('✕ unmet peer')} ${depName}@"${value.expectedVersionRange}": found ${value.currentVersion}`
+        )
+      })
+    })
+  }
+}

packages/next-codemod/bin/upgrade.ts

@@ -107,9 +107,13 @@ export function installPackages(
   }
 }
 
-export function runInstallation(packageManager: PackageManager) {
+export function runInstallation(
+  packageManager: PackageManager,
+  options: { cwd: string }
+) {
   try {
     execa.sync(packageManager, ['install'], {
+      cwd: options.cwd,
       stdio: 'inherit',
       shell: true,
     })