Remove NOASSERTION license

[thomashoneyman]

This PR removes the NOASSERTION license type from Licensee output. We take license types from various manifest files as well as trying to auto-detect from a LICENSE file (if present); the NOASSERTION license type represents a failed parse of a LICENSE file.

After discussion with our legal counsel we determined that we can include packages so long as we can prove we made a 'best effort' to represent the author's intent in licensing. Since we take the license from their other assertions in package manifests, and since Licensee is an automated tool that can fail to parse license files that humans would recognize as conveying meaning, we can drop these parsing failures -- we have an alternate way to determine the license (the manifest files' license fields).

Filtering this license type from the Licensee output prevents a NOASSERTION from failing the SPDX license check, so a good number of packages that were previously failing are now passing. Note: this does not allow packages that only specify a license via a LICENSE file through if the parse fails; that results in a package being listed as having no valid license at all. So we're still only accepting licensed packages.

Helps fix #250, and closes #266, because now only packages with invalid dependencies are being dropped -- and that means only purescript-prettier is going to be dropped, which is pretty good!

[thomashoneyman]

This change has resulted in:

+34 packages succeeding, -4 partially succeeding, and -30 failing import
+378 versions succeeding import
-185 versions removed because of unsatisfied dependencies

Full change:

Packages: 1629 total (1125 totally succeeded, 332 partially succeeded, 172 totally failed)
Versions: 12628 total (10748 totally succeeded, 0 partially succeeded, 1880 totally failed)

Failures by error:
  manifestError: 1878 versions across 443 packages
    badDependencyVersions: 727 versions across 201 packages
    missingLicense: 498 versions across 147 packages
    badLicense: 424 versions across 65 packages
    badVersion: 326 versions across 144 packages
  resourceError: 0 versions across 60 packages
  malformedPackageName: 1 versions across 1 packages
  noDependencyFiles: 1 versions across 1 packages

255 manifest entries with unsatisfied dependencies

Packages: 1629 total (1159 totally succeeded, 328 partially succeeded, 142 totally failed)
Versions: 12628 total (11126 totally succeeded, 0 partially succeeded, 1502 totally failed)

Failures by error:
  manifestError: 1500 versions across 409 packages
    badDependencyVersions: 727 versions across 201 packages
    missingLicense: 518 versions across 159 packages
    badVersion: 326 versions across 144 packages
    badLicense: 10 versions across 3 packages
  resourceError: 0 versions across 60 packages
  malformedPackageName: 1 versions across 1 packages
  noDependencyFiles: 1 versions across 1 packages

70 manifest entries with unsatisfied dependencies

[f-f]

Looks good!

[f-f]

Is #250 definitely fixed by this?

[thomashoneyman]

It’s fixed in the sense that we know what is dropped from the recent package sets, but not in the sense that we could keep running this to get updated results going forward. But I don’t think we need to do that.