✨ Add support for project license auditing

[Nicoretti]

Summary

Add support to scan the project(s) license compliance.

Details

Make sure to distinguish or build/dev dependencies etc from the dependencies used by the library/application.

Background & Context

Adding such a nox target will simplify validation of appropriate dependency usage in regard to the project(s) and their licenses.

References

• pip-licenses
• Is a program that forks a GPL-licensed program via a system or vice versa call derivative work?
• License compatibility
• Open Source Licenses and their Compatibility
• License Compatibility and Relicensing
• license-list

Task(s)

- [x] Reconsider/Evaluate license used for toolbox and/or it's dependencies
- [x] Add nox target for checking the license compliance
- [x] Add configuration settings, so each project can specify allowed list
- [ ] Add license auditing to CI
- [ ] Add test(s)
- [ ] Update documentation
- [ ] Update changelog

[Nicoretti]

Reconsider/Evaluate license used for toolbox and/or it's dependencies

@tkilias and @Nicoretti concluded to keep MIT license. Based on the following reasoning:

• The toolkit should not push a less permissive license downstream
• Pylint is only used as CLI (and mostly in dev builds)
  • Additionally it could be marked as optional/extra dependency, so the users of the library need to opt-in
  • Pylint could be replaced e.g. by a less permissive alternative like ruff so the reasoning about the required license is more straight forward
• Prysk needs to be clearly separated as development dependency