docs: adr-0001 nodeps + ci check (#19)

* docs: adr-0001 nodeps + ci check

* ci: add check

.github/workflows/nodejs.yml

@@ -6,6 +6,13 @@ on:
     branches: [main]
 
 jobs:
+  adr-0001-depcheck:
+    name: No-dependencies check
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - run: . ./script/check-deps
+
   dependencies:
     runs-on: ubuntu-latest
 

architecture/adr-0001-no-dependencies.md

@@ -0,0 +1,16 @@
+# ADR 1 - No production dependencies
+---
+
+# Decision
+
+The project should have no production dependencies that users need to install for core functionality to work.
+
+Some optional peer dependencies are acceptable (i.e. the project installing `womm` might need to install `typescript` to support Typescript tests, etc.). These should not be bundled with `womm`.
+
+Development dependencies should be kept to a minimum and each one present should be thoroughly justified.
+
+# Rationale
+
+The NodeJS ecosystem is too trigger-happy with `npm install` and `yarn add`. Even basic applications quickly end up requiring tens of packages to be shipped to users. A lot of those packages being maintained (or not) by the community, this means that ensuring that the downstream dependency of a project can quickly become a major concern.
+
+The best way to ensure that things are becoming stale is to depend on less, and depending on nothing than the standard library is best.

script/check-deps

@@ -0,0 +1,10 @@
+#!/usr/bin/bash
+
+# This check enforces ADR 0001 - the project should not have dependencies.
+
+DEPENDENCIES=$(cat package.json | jq .dependencies -cr)
+
+if [[ $DEPENDENCIES != "null" ]]; then
+    echo "This project should have no dependencies."
+    exit 1;
+fi