I am developing a new revolutionary web application for the enterprise market. Sure, many before me thought that their web app would be revolutionary only to find out it isn't. (Or it is, but the business is not good anyway).
So I'm am thinking, in order to find out if my idea has any traction with the lowest cost, to follow an extreme YAGNI:
No security features (i.e., no users, etc). For any new customer I install a new database instance and a new webapp instance. Each webapp instance is protected by a http server password (digest or basic authorization, perhaps over https).
No internationalization. Just english string embedded in the source code.
No decoupling. Just webpages that talk to the database.
No performance tricks. No queues, caches, timers, background jobs, asynchronous calls, etc.
No scalability. No database partitioning, no shards, no clustering or replication.
Additionally, use YAGNI at the micro level whenever suitable.
I just want to start the project and reach as fast as possible a point where I can sell (or try to sell) my innovative features with a simple and engaging UI.
If the plan fails, I will know early. If it succeeds, I will see what customers want then. Do they want a french version? Or do they want users and roles within the organization?
Is this what people mean by YAGNI, or is this a pathological and exagerated example of YAGNI?
I wholeheartedly agree with the YAGNI principle, but you still want to plan for success. If an application needs a complete rewrite when it suddenly has more than ten users, then it's YAGNI taken too far.
Some things You Are Gonna Need. From my perspective, the two most important points:
Don't shoot yourself in the foot by not preparing your app for internationalization. If your application is any good, internationalization is going to be on the table one day. Also, the ability to handle foreign characters by using UTF-8 is an absolute requirement when building an application from scratch in 2010. Internationalization may seem not that important to an english native speaker, but believe me, it is essential and the pain of internationalizing an application later is horrible.
Think twice about the no security features thing. What about an organization or group that wants to work with your app with users on different security levels. It could be that this is a feature you can really do without - I have a fine-grained security system built into many of my products that has never been used to its full potential yet. But think well about whether your specific application can do without, even if it is successful.