Should we check optional dependency licenses #568

Closed
mauicv opened this issue Jul 25, 2022 · 1 comment
Labels
Type: Question User questions

Comments

@mauicv
Contributor

mauicv commented Jul 25, 2022

The prophet optional dependency in Alibi-Detect currently has two dependencies, pystan and PyMeeus (via fbprophet), both of which are under the "GNU General Public License v3 (GPLv3)" license. They weren't coming up with prior license checks because the script that checks the licenses uses `extras=all` in the tox-env settings, but there is no `all` optional dependency option by default for pip installs; instead it just gives a warning, which I think is silenced in CI. Now that the `all` option has been added for the optional dependencies work, they've turned up. To retain current behaviour I've removed `extras=all` for the licenses in the `setup.cfg` so license checks don't run for optional dependencies.

Because these are optional dependencies this isn't really an issue, but it raises the question of how we should be checking the licenses, i.e. do we look at all the dependencies or just the defaults? If we check all, we should flag those that are optional so we know how much of an issue it is, etc...

@mauicv mauicv added the Type: Question User questions label Jul 25, 2022
@jklaise
Contributor

jklaise commented Jul 25, 2022

Happy to stick with defaults, as the checks are more to see whether there have been any changes to licences of core dependencies that you can run the library with.
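The two options discussed in this thread (check only the defaults, or check everything and flag what is optional) can be sketched as below. This is an added example, not code from the thread or from Alibi-Detect's license script; the `Requires-Dist` lines, the licence table and the `classify`/`check` helpers are constructed for illustration, and the check fails when a requested extra does not exist rather than silently falling back to the defaults.

```python
import re

# Constructed sample metadata (not the project's real files): Requires-Dist
# lines as they appear in a package's METADATA, plus a licence lookup table.
REQUIRES_DIST = [
    "numpy>=1.16",
    'pystan<3.0; extra == "prophet"',
    'pystan<3.0; extra == "all"',
]
PROVIDES_EXTRA = {"prophet", "all"}
LICENSES = {"numpy": "BSD", "pystan": "GPLv3"}

EXTRA_RE = re.compile(r"""extra\s*==\s*['"]([^'"]+)['"]""")
NAME_RE = re.compile(r"\s*([A-Za-z0-9][A-Za-z0-9._-]*)")


def classify(requires_dist):
    """Map requirement name -> {'core': bool, 'extras': extras pulling it in}."""
    deps = {}
    for line in requires_dist:
        req, _, marker = line.partition(";")
        name = NAME_RE.match(req).group(1).lower()
        entry = deps.setdefault(name, {"core": False, "extras": set()})
        extras = EXTRA_RE.findall(marker)
        if extras:
            entry["extras"].update(extras)
        else:
            entry["core"] = True  # no extra marker: installed by default
    return deps


def check(requires_dist, provides_extra, licenses, requested=(), denied=("GPL",)):
    """Return sorted (name, licence, scope) findings for the selected install."""
    requested = set(requested)
    missing = requested - set(provides_extra)
    if missing:
        # Fail loudly instead of silently checking only the defaults.
        raise ValueError(f"extras not provided by package: {sorted(missing)}")
    findings = []
    for name, info in classify(requires_dist).items():
        via = sorted(info["extras"] & requested)
        if not (info["core"] or via):
            continue
        lic = licenses.get(name, "UNKNOWN")
        # Coarse substring match: "GPL" also matches LGPL/AGPL strings.
        if lic == "UNKNOWN" or any(d in lic for d in denied):
            scope = "core" if info["core"] else "optional:" + ",".join(via)
            findings.append((name, lic, scope))
    return sorted(findings)
```

Calling `check` with no requested extras models the defaults-only check; passing `requested=["all"]` reports the same packages tagged as optional.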
