[Bug]: @guardian/braze-components peer dependency mismatch

[cemms1]

What happened?

There are a number of peer dependency mismatches in DCR for @guardian/braze-components

├─┬ @guardian/braze-components 16.3.0
│ ├── ✕ unmet peer @guardian/libs@^15.1.0: found 16.0.0
│ ├── ✕ unmet peer @guardian/source-foundations@^12.0.0: found 14.1.2
│ ├── ✕ unmet peer @guardian/source-react-components@^15.0.1: found 18.0.0
│ └── ✕ unmet peer @guardian/source-react-components-development-kitchen@^13.0.1: found 16.0.0\

Tip

You can check this yourself by running pnpm install --resolution-only

@guardian/tx-engineers please could you update this package to use versions that are compatible with this repo?

What is the impact?

This will soon become a blocker as we want to enforce met peer dependencies in this repo

[tjmw]

Hi @cemms1 thanks for raising, I'll add a card for this to our board and aim to pick it up this week 👍

[tjmw]

Hi @cemms1 I've got a PR open to bump @guardian/braze-components to v17 in which I've updated the peer deps to the latest versions/versions provided by DCR. I've got a question which you might be able to help with: @guardian/braze-components is consumed by both DCR and frontend. In frontend those same peer deps are behind what's on DCR. Frontend currently has:

"@guardian/libs": "^15.6.4",
"@guardian/source-foundations": "^13.2.1",
"@guardian/source-react-components": "^12.0.0",
"@guardian/source-react-components-development-kitchen": "^10.0.1",

So updating braze-components to v17 on frontend will now result in peer dependency warnings because frontend provides versions older than that required by braze-components. It's true that we could broaden braze-components to specify multiple versions as peer dependencies, but that adds some burden to ensure that all these versions are genuinely supported (i.e. ideally we'd be running our tests and stories across multiple permutations of the peer deps, which I think isn't trivial in the JS ecosystem).

I'm happy to take a stab at upgrading these libs on frontend. Do you think it's feasible that these versions could be kept in sync between frontend and DCR going forward?

Thanks!