From cab75056729465e60fd714d84e73f1eb50b92bc9 Mon Sep 17 00:00:00 2001
From: Marc Cataford <mcat@riseup.net>
Date: Thu, 13 Apr 2023 21:40:30 -0400
Subject: [PATCH] docs: adr-0001 nodeps + ci check (#19)

* docs: adr-0001 nodeps + ci check

* ci: add check
---
 .github/workflows/nodejs.yml             |  7 +++++++
 architecture/adr-0001-no-dependencies.md | 16 ++++++++++++++++
 script/check-deps                        | 10 ++++++++++
 3 files changed, 33 insertions(+)
 create mode 100644 architecture/adr-0001-no-dependencies.md
 create mode 100644 script/check-deps

diff --git a/.github/workflows/nodejs.yml b/.github/workflows/nodejs.yml
index bb07b8c..6478b8f 100644
--- a/.github/workflows/nodejs.yml
+++ b/.github/workflows/nodejs.yml
@@ -6,6 +6,13 @@ on:
     branches: [main]
 
 jobs:
+  adr-0001-depcheck:
+    name: No-dependencies check
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - run: . ./script/check-deps
+
   dependencies:
     runs-on: ubuntu-latest
 
diff --git a/architecture/adr-0001-no-dependencies.md b/architecture/adr-0001-no-dependencies.md
new file mode 100644
index 0000000..de535a4
--- /dev/null
+++ b/architecture/adr-0001-no-dependencies.md
@@ -0,0 +1,16 @@
+# ADR 1 - No production dependencies
+---
+
+# Decision
+
+The project should have no production dependencies that users need to install for core functionality to work.
+
+Some optional peer dependencies are acceptable (i.e. the project installing `womm` might need to install `typescript` to support Typescript tests, etc.). These should not be bundled with `womm`.
+
+Development dependencies should be kept to a minimum and each one present should be thoroughly justified.
+
+# Rationale
+
+The NodeJS ecosystem is too trigger-happy with `npm install` and `yarn add`. Even basic applications quickly end up requiring tens of packages to be shipped to users. A lot of those packages being maintained (or not) by the community, this means that ensuring that the downstream dependency of a project can quickly become a major concern.
+
+The best way to ensure that things are becoming stale is to depend on less, and depending on nothing than the standard library is best.
diff --git a/script/check-deps b/script/check-deps
new file mode 100644
index 0000000..6cb4644
--- /dev/null
+++ b/script/check-deps
@@ -0,0 +1,10 @@
+#!/usr/bin/bash
+
+# This check enforces ADR 0001 - the project should not have dependencies.
+
+DEPENDENCIES=$(cat package.json | jq .dependencies -cr)
+
+if [[ $DEPENDENCIES != "null" ]]; then
+    echo "This project should have no dependencies."
+    exit 1;
+fi