[registry api] Allow uploading a package.json file to get dependency upgrade suggestions

[remyrylan]

It would be fantastic if there were an endpoint in the registry API to allow uploading a package.json (and optionally a package-lock.json) that would return a payload of update suggestions.

Tools such as npm-check, and Yarn's interactive upgrade command currently implement their own upgrade suggestion logic and are limited to issuing multiple requests with huge packument responses to fetch all the available upgrades.

This proposed endpoint would allow all ecosystem tools (including the outdated command in the npm CLI) to simplify the request and ensure the accuracy of upgrade suggestions.

The response payload could look something like this:
(Notice the retaining of the SemVer operator).

{
  "dependencies": {
    "redux": {
      "current": "^4.0.0",
      "latest": "^5.0.0",
      "wanted": "^4.10.0"
    }
  },
  "devDependencies": {
    "typescript": {
      "current": "^3.0.0",
      "latest": "^4.1.0",
      "wanted": "^3.10.0"
    }
  },
  "peerDependencies": {
    "react": {
      "current": "^16.0.0",
      "expanded": "^16.0.0 || ^17.0.0",
      "latest": "^17.0.0"
    }
  }
}

One of the most useful things here is that it could automatically return suggested peer dependency range expansions.