Shared dependency version cannot be resolved if installed at root of a monorepo

Describe the bug

A common workspace monorepo pattern is to have common, most or all dependencies installed at a root level package.json while still having a package.json in the workspace of each project.

/monorepo
├── package.json        <---------- "lib1" dependency defined here
├── apps
│   ├── app1
│   │   ├── package.json
│   │   ├── node_modules
│   │   ├── webpack.config.js     <-------- "lib1" added to "shared" configuration here
│   │   └── src
│   │       ├── index.js
│   │       └── ...
│   └── app2
│       ├── package.json
│       ├── node_modules
│   │   ├── webpack.config.js
│       └── src
│           ├── index.js
│           └── ...
└── node_modules

If app1 defines a shared dependency that is installed via the root package.json but does not provide a requiredVersion, the SharePlugin will only look at the package.json in the app1 directory and throw an error when it cannot find it listed.

This issue can be seen HERE when a nested NextJS application is using the @module-federation/nextjs-mf plugin. next is installed as a dependency at the root of the monorepo, but the DEFAULT_SHARE_SCOPE sets requiredVersion: undefined for the internals. The plugin only searches the nearest package.json and never finds the correct version defined in the root package.json

Reproduction

https://github.com/robdonn/nested-shared-example

Used Package Manager

pnpm

System Info

n/a

Validations

[X] Read the docs.
[X] Read the common issues list.
[X] Check that there isn't already an issue that reports the same bug to avoid creating a duplicate.
[X] Make sure this is a Module federation issue and not a framework-specific issue.
[X] The provided reproduction is a minimal reproducible example of the bug.

module-federation / core