
[BUG] decimal.js false-positive detection in monorepo #246

Open
sylver opened this issue Apr 26, 2024 · 0 comments
Labels
bug (unconfirmed) Could be a bug

Comments


sylver commented Apr 26, 2024

Describe the bug

When used in the context of a monorepo (typically with pnpm), all packages' dependencies are hoisted to <root>/node_modules. If any of them has decimal.js in its dependencies (even a nested one), the method getDecimalJSInstalled, which uses require.resolve, finds it in the root node_modules and returns true as a false positive (since the module is not actually a dependency of the current package).

A typical tree would be:

<root>/
 |- node_modules/  // `pnpm` hoisting all modules here, including `zod-prisma-types` and `decimal.js`
 |- packages/
 |   |- package-a/
 |   |   |- schema.prisma
 |   |   |- node_modules/ // `zod-prisma-types` installed here
 |   |   
 |   |- package-b/
 |   |   |- node_modules/ // `decimal.js` installed only here, not even as a direct dependency of `package-b`
... ...  ...

Package versions (please complete the following information):

  • zod: 3.22.4
  • zod-prisma-types: 3.1.6
  • prisma: 5.11.0

Additional context

```js
// Current detection: succeeds whenever Node's resolver can find decimal.js
// anywhere up the node_modules chain, including a hoisted monorepo root.
export const getDecimalJSInstalled = () => {
  try {
    require.resolve('decimal.js');
    return true;
  } catch (_e) {
    return false;
  }
};
```

The method getDecimalJSInstalled should use a more contained approach to detect whether the decimal.js module is a dependency of the current package.

Problem is, given the versatile nature of monorepo dependency hoisting and the several options given to the user to set it up, it can become very tricky to know if a given decimal.js package is actually a direct dependency of the current package or not.

I would probably look directly into the current package.json dependencies since that would be the only reliable source of truth in such context.

I can do a PR but first I could use your thoughts on this @chrishoermann

@sylver sylver added the bug (unconfirmed) Could be a bug label Apr 26, 2024
@sylver sylver changed the title [BUG] decimal.js detection false-positive in monorepo [BUG] decimal.js false-positive detection in monorepo Apr 26, 2024