Security Issue with dynamic import in setup.py

[tcapelle]

I am using sentencepiece and it is often flagged as a vulnerability: https://socket.dev/pypi/package/sentencepiece/overview/0.2.0/tar-gz

I think the issue is coming from this line in setup.py:

exec(open('src/sentencepiece/_version.py').read())

I also think you are missing a license in Pypi.

Thanks =)