Add workflow to validate dependencies against defined rules #93

@brian-smith-tcril

Sparked by openedx/paragon#2240

We have run into issues with edx-specific packages being added as dependencies. The specific example mentioned in the Paragon issue was @edx/brand (as opposed to @edx/brand-openedx).

Ideally this would support both org-wide and repo-specific rules for package allow/block lists.

In order to address this across the entire org, it was decided that adding a workflow to this .github repository (and using repo_checks to ensure it's added to the appropriate repositories) would be the ideal path forward.

This has some overlap with openedx/edx-platform#33189, which is probably also worth looking at for detecting Python dependencies in the wrong org.
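
One way the org-wide plus repo-specific allow/block check requested in this issue could work for package.json files, as an added example that is not part of the original issue or any Open edX code. The rule format, the function names and the sample package names other than @edx/brand and @edx/brand-openedx are assumptions.

```javascript
// Added example; rule format and function names are hypothetical.
const FIELDS = ["dependencies", "devDependencies", "peerDependencies", "optionalDependencies"];

// Exact name match, or prefix glob such as "@edx/*".
const matches = (pattern, name) =>
  pattern.endsWith("*") ? name.startsWith(pattern.slice(0, -1)) : pattern === name;

// An npm alias spec ("npm:@scope/pkg@^1.0.0") installs a different package
// than the declared key, so rules are applied to the alias target.
function resolvedName(declared, spec) {
  if (typeof spec !== "string" || !spec.startsWith("npm:")) return declared;
  const target = spec.slice(4);
  const at = target.lastIndexOf("@");
  return at > 0 ? target.slice(0, at) : target;
}

// Repo rules are consulted before org rules; within one level an allow
// entry wins over a block entry. Unmatched packages are permitted.
function verdict(name, levels) {
  for (const { scope, rules } of levels) {
    if ((rules.allow || []).some((p) => matches(p, name))) return { ok: true, scope };
    if ((rules.block || []).some((p) => matches(p, name))) return { ok: false, scope };
  }
  return { ok: true, scope: "default" };
}

function checkDependencies(pkg, orgRules, repoRules = {}) {
  const levels = [{ scope: "repo", rules: repoRules }, { scope: "org", rules: orgRules }];
  const violations = [];
  for (const field of FIELDS) {
    for (const [declared, spec] of Object.entries(pkg[field] || {})) {
      const name = resolvedName(declared, spec);
      const v = verdict(name, levels);
      if (!v.ok) violations.push({ field, declared, name, blockedBy: v.scope });
    }
  }
  return violations;
}

// Constructed rules and package.json content.
const orgRules = { block: ["@edx/*"], allow: ["@edx/brand-openedx"] };
const repoRules = { allow: ["@edx/example-legacy-lib"] };
const samplePkg = {
  dependencies: { "@edx/brand": "npm:@edx/brand-openedx@^1.0.0", "@edx/example-legacy-lib": "^2.0.0" },
  devDependencies: { "@edx/brand": "^1.0.0", brand: "npm:@edx/brand@^1.0.0" },
};
for (const v of checkDependencies(samplePkg, orgRules, repoRules)) {
  console.log(`${v.field}: ${v.declared} -> ${v.name} blocked by ${v.blockedBy} rules`);
}
```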
