Add dependency license report script

[jusdino]

Description List

• Add a script at a root bin folder to look for NodeJS and Python dependencies, then report on their licenses

Testing List

• Run it!

Closes #564

[landonshumway-ia]

This is a good start, but I notice a handful of rows in the csv file have UNKNOWN or NOASSERTION for the license even though that information is available through GH and Pypi, for example the publication python module is using the MIT license, but the script was unable to find it.

publication GH: https://github.com/glyph/publication?tab=MIT-1-ov-file
publication Pypi: https://pypi.org/project/publication/

cachecontrol (licensed under apache 2.0)
GH: https://github.com/psf/cachecontrol?tab=License-1-ov-file
Pypi: https://pypi.org/project/CacheControl/

Obviously, the script likely won't be able to find every single license, but if the intent is to have a human fill in the gaps, then we should check in the latest csv file with all the unknowns filled in so that the next time we need to run this, the human developer doesn't have to dig so much for all the unknown licenses.

[landonshumway-ia]

Looks great! This script will come in handy as the project grows

[jlkravitz]

Looks good! I don't have much context on the use-case here (though I think it is a good thing to do), so not sure how accurate this needs to be. My two comments only really matter if accuracy is key (e.g., for legal compliance).

[jlkravitz]

@isabeleliassen Good to go.