fix(deps): fix more implicit deps and add linting

[pranavosu]

Description of changes

Fix implicit dependencies for packages (except adapter-nextjs¹, and react-native adjacent²) to better support Yarn Pnp and pnpm.

1. adapter-nextjs ( waiting on chore(aws-amplify/adapter-nextjs): remove extraneous deps #14141 merge into main)
2. RN code needs to be separated from core to make native dependencies explicit. We can't have all consumers of the core package install native deps. Additionaly, RN doesn't support yarn PnP or pnpm so there's less upside

Issue #, if available

Description of how you validated changes

yarn && yarn lint

Checklist

• PR description included
• yarn test passes
• Unit Tests are changed or added
• Relevant documentation is changed or added (and PR referenced)

Checklist for repo maintainers

• Verify E2E tests for existing workflows are working as expected or add E2E tests for newly added workflows
• New source file paths included in this PR have been added to CODEOWNERS, if appropriate

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

[cshfang]

Is this strictly necessary?

[pranavosu]

it's not strictly necessary because the @aws-amplify/react-native package has a peer dependency on "react-native": ">=0.70" but it is correct in isolation because this package uses react-native

[cshfang]

I don't think we have this in the web browser package either. Hesitant to use peer deps given the inconsistent behavior we sometimes see with different package managers and it gives us more places to update this when none of the rtn- packages really work in isolation anyway. Just a little scared

[pranavosu]

For some reason I though rtn-web-browser had a peer dep but it's just a dev dep 🤦🏽 I can create a separate PR for that. If these are truly meant to be used with the @amplify-aws/react-native package then there should be no issues adding these peer deps. I haven't seen any in testing 🤞🏽

[cshfang]

Could this cause issues with duplicate cores - e.g. during a MV bump this is forgotten?

[ashika112]

we do this in all our packages already. I dont see how this addition would be any different? 👀

[ashika112]

But answer the actual question, yes. If we miss updating anywhere it will cause duplicate dependencies but i think that is caught in our tests

[cshfang]

I'm a little concerned about adding peer deps in general given their behavior at times but it's a little extra daunting when we have two deps on core here and they're already "mismatched". Should be fine, but I'm jut wondering if we're adding some baggage needlessly.

[pranavosu]

That's fair but it's useful for modern package managers like pnpm, so there is some benefit. I think it's better to not rely on implicit dependencies which could stop working with future versions of npm