Vendor directory combined with an empty composer file.

[ulftietze]

Issue Description:
Currently, Deptrac's composer.json file does not list any dependencies. Instead, all necessary dependencies are included directly within the vendor directory and are version-controlled within the git repository. This approach has an unintended side effect: running composer install on the project leads to the deletion of the entire vendor directory. This is because Composer, recognizing no dependencies are declared in composer.json, assumes no packages need to be installed and thus clears the existing vendor directory.

Impact:
This behavior could disrupt development workflows and might lead to inconsistencies or errors, especially for new contributors or when updating dependencies. Moreover, for a tool dedicated to maintaining clean and manageable architectures, having dependencies checked into version control somewhat contradicts the principle of dependency management best practices.

Suggested Improvement:
It would be beneficial to manage dependencies via Composer by declaring them in composer.json. This change would leverage Composer’s ability to handle dependency resolution and ensure that the vendor directory is managed in a conventional manner, reducing the risk of accidental deletions and improving overall project maintainability.

[gennadigennadigennadi]

@ulftietze Thank you for your afford.

The current documentation is really rough around the edges.

This is not the development, but the distribution repository. Therefore please don't use it as one, instead jump over to qossmic/deptrac-src (I just updated the documentation ;-)).

The vendor directory contains deptracs scoped dependencies and it has it's specific purpose.