Implement a license inventory ⚖️

[JamieSlome]

Is your feature request related to a problem? Please describe.

Open source projects are almost always coupled with an open source license. Common examples of licenses include Apache-2.0 and MIT however there are a significant number of other licenses which apply certain restrictions and expectations on code that is contributed and how it is reused. A crucial part of enabling open source contribution at organisations is deciding what open source licenses are permissible for contribution. An Open Source Program Office will or should typically define a list of licenses that have been approved for contribution. GitProxy serves as a control point for ensuring that contributions that flow from inside a company network to the open source ecosystem are to projects under licenses that have been approved.

Describe the solution you'd like A clear and concise description of what you want to happen.

• [ ] #604
• [ ] #608
• [ ] GitProxy should provide controls for the addition and removal of licenses to the inventory
• [ ] GitProxy should automatically re-certify the state of a license on a periodic basis, i.e. has it changed to a different license
• [ ] GitProxy should verify the license implications of a contribution at point of push by a developer
• [ ] Every project in the project inventory should store a license field with its relevant license
• [ ] On creation of a new project, the license of the project should be pre-populated or at least selectable by an administrator
• [ ] On clone of an unidentified and unapproved project, automatically identify all licenses in some project
• [ ] Automatically detect the usage of unapproved licenses or license headers in contributions
• [ ] Track the state of a license over time, i.e. approved, unapproved
• [ ] Implement the license inventory as its own deployable service