Add verify-pyproject-license hook

[KyleFromNVIDIA]

Contributes to #29.

[vyasr]

Overall looks good.

I'm fine merging this with only pyproject license support since that is the more immediate need (where we get bit by wheeltamer), but we probably want to 1) add tooling to also validate our conda meta.yaml files, and 2) add logic for validating other fields. For 2, other fields we should standardize:

1. Author name (NVIDIA Corporation)
2. Classifiers: some packages will want more classifiers than others, but there are some base ones that we ought to be able to standardize. For instance, making sure the Python versions are consistent.

[bdice]

Just as a survey of various Python build tools:

• Poetry says to use license with SPDX identifiers (so Apache-2.0, not Apache 2.0)
• Python Packaging User Guide says don't use license if your project's license is well-known, use classifiers like License :: OSI Approved :: Apache Software License instead
  • setuptools offers similar guidance (see this PR)

I don't know what our constraints are with respect to the internal wheel validation process, but using SPDX and a classifier would seem to be the optimal solution imo.

Resolved

[jakirkham]

It looks like all review requests were resolved. Requesting a new round of reviews

[vyasr]

Some clean up and deduplicating, otherwise looks good.

[bdice]

A couple comments - please resolve them as you see fit. You can merge without waiting for more review from me if you wish.