Supporting user-defined license references

[lumaxis]

Today, ClearlyDefined's tooling only supports licenses that are part of the standardized SPDX License List. If a package's license is not on that list and e.g. ScanCode outputs a user-defined license ref in the format of LicenseRef-*, ClearlyDefined's processing will result in NOASSERTION.

We could fairly trivially add support for this on the code-level I believe but I think it warrants a larger discussion to see if ClearlyDefined want to support licenses that are not on the SPDX License List.

References:

• https://spdx.github.io/spdx-spec/v2.3/other-licensing-information-detected/
• https://spdx.github.io/spdx-spec/v2.3/SPDX-license-expressions/

[lumaxis]

Looks like there has been a bit of previous discussion on this topic in #1008

[elrayle]

See also #1008 which has additional information. These issues should probably be combined as they are essentially dups.

[elrayle]

Closing as Dup of #1008. Copied description to a comment in that issue.