parse license expressions using the spdx crate

[Skgland]

This is an attempt to fix issue sstadick/cargo-bundle-licenses#10

This uses the spdx crate to parse the license expression and extracts the licenses from that parsed expression. Crates.io uses the spdx crate to validate that the license expression is valid: https://github.com/rust-lang/crates.io/blob/87bce69097c486f704e0848245726c14a8a04441/src/models/version.rs#L191-L204

In case spdx can't parse the license expression it false back to the old license handling. This also includes some tests to check that existing mappings are still mapped correctly.

[Skgland]

Mh, I just ran this on the example I gave in #10 and noticed that, while this gets the list of referenced licenses right, it messes up the summary expression changing (Apache-2.0 OR MIT) AND BSD-2-Clause into Apache-2.0 / MIT / BSD-2-Clause

[Skgland]

The added commit now keeps the packages original license expression if one was specified. This should prevent the problem mentioned in my previous comment, but this also removed the normalisation of OR to / in the license expression.

[Skgland]

Applied the suggested changes, fixed CI, and rebased to fix conflicts.

[sstadick]

@Skgland thank you!