Generate licenses summary #188

Open: wants to merge 10 commits into base: main
@clehner clehner commented Aug 10, 2021

Fixes #77. This adds generation of a dependency license summary, listing all of DIDKit's Rust/Cargo dependency packages and their licenses. The resulting file is intended to be included in binary distributions of DIDKit, and may be useful for other applications embedding DIDKit, e.g. https://github.com/spruceid/credible/issues/62.

The `cargo tree` command is used as the basis for walking the dependency tree and assembling the list of packages.

Getting the dependencies of the Rust runtime (`std`) is done by running `cargo tree` in the Rust source repo; the output of that is checked in here (`licenses/std.tree`) so that having Rust source is not needed when building DIDKit but only when it is desired to update this Rust toolchain dependency info.

I considered using `cargo metadata` instead of `cargo tree`, but that command does not have as many options for adjusting the results (to only include "normal" dependencies, not build or dev dependencies, and to show results for all targets) and doesn't seem to offer additional useful info. (The license file field seems to always be empty.)

What is currently missing from the resulting generated license summary are the Copyright attribution lines, which are used at the top of form licenses like MIT and required to be preserved. What might need to be done to get this info is to fetch the License files from the source repos, like cargo-license-hound does, and/or include the resulting data in this repo.

  • List licenses and generate summary.
  • Integrate licenses summary into binary packages.
  • Add attributions (Copyright lines) to summary.
  • Associate Rust std cargo tree output with toolchain version?
  • Check for Apache-2.0 NOTICE files in dependencies. (Automatically?)

@clehner clehner marked this pull request as ready for review April 12, 2022 20:50
@clehner clehner added the licensing Licensing of this project and/or its dependencies label Apr 12, 2022
CLAassistant commented Oct 27, 2022

CLA assistant check
All committers have signed the CLA.

Successfully merging this pull request may close these issues.

List licenses of dependencies for binary releases
2 participants