Introduce Independent License Clarity Thresholds Mechanism #1689

Open
wants to merge 5 commits into
base: main
@NucleonGodX NucleonGodX commented Jun 12, 2025

Fixes #1678

Summary of Changes

This pull request introduces a new module for managing license clarity thresholds:

About the policies.yml Structure for License Clarity Thresholds
The policies.yml file is a YAML configuration used to define various compliance policies for ScanCode.io and related tools. With these changes, a new section called license_clarity_thresholds is introduced specifically for clarity score compliance.

Example policies.yml for clarity thresholds:

license_clarity_thresholds:
  80: ok        # Scores 80 and above are 'ok'
  50: warning   # Scores 50 to 79 are 'warning'
  # Scores below 50 are automatically considered 'error'

  • Validation of threshold policy structure:

    • Keys must be integers
    • Values must be one of: ok, warning, error
    • No duplicate thresholds
    • Thresholds must be in strictly descending order
  • Evaluation logic for mapping clarity scores to compliance alerts (ok, warning, error)

  • Comprehensive test suite covering:

    • Valid and invalid YAML configurations
    • Duplicate and unordered thresholds
    • Single and multiple thresholds

Note: This module is self-contained and not yet integrated into the main compliance or project logic. It is intended for review and further development.

Future Work

  • Integration with summary generation to include clarity compliance alerts in outputs
  • UI and reporting integration to show clarity compliance results alongside existing license compliance alerts
  • Documentation updates to guide users on configuring and using license clarity thresholds in policies.yml
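
The validation rules and score-to-alert mapping listed in the description above, sketched as an added example (this is not the code from this pull request). The function names and the small line parser standing in for a YAML loader are assumptions made for illustration.

```python
ALLOWED_ALERTS = {"ok", "warning", "error"}

# The example policy from the PR description, embedded so this runs offline.
SAMPLE_POLICY = """\
license_clarity_thresholds:
  80: ok        # Scores 80 and above are 'ok'
  50: warning   # Scores 50 to 79 are 'warning'
"""


def parse_threshold_lines(text):
    """Read flat `score: alert` lines in file order (stand-in for a YAML loader)."""
    pairs = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line == "license_clarity_thresholds:":
            continue
        key, sep, value = line.partition(":")
        if not sep:
            raise ValueError(f"not a 'score: alert' entry: {raw!r}")
        pairs.append((key.strip(), value.strip()))
    return pairs


def validate_thresholds(pairs):
    """Enforce the four rules from the PR description; return [(int, alert)]."""
    thresholds = []
    for key, alert in pairs:
        try:
            score = int(key)
        except ValueError:
            raise ValueError(f"threshold key must be an integer: {key!r}") from None
        if alert not in ALLOWED_ALERTS:
            raise ValueError(f"invalid alert {alert!r} for threshold {score}")
        if any(score == seen for seen, _ in thresholds):
            raise ValueError(f"duplicate threshold: {score}")
        if thresholds and score > thresholds[-1][0]:
            raise ValueError(f"thresholds not strictly descending at {score}")
        thresholds.append((score, alert))
    return thresholds


def clarity_alert(score, thresholds):
    """Return the alert of the highest threshold the score meets, else 'error'."""
    for minimum, alert in thresholds:
        if score >= minimum:
            return alert
    return "error"
```

Keeping the entries as ordered pairs rather than a dict matters here: a mapping would silently collapse a repeated key, so the duplicate and ordering rules could never fire.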

Signed-off-by: NucleonGodX <racerpro41@gmail.com>
Signed-off-by: NucleonGodX <racerpro41@gmail.com>
Signed-off-by: NucleonGodX <racerpro41@gmail.com>
@NucleonGodX
Author

Changes Made:
Renamed policies.py → license_policies.py.
Created independent license_clarity.py module which works independently
Added comprehensive test coverage for both modules

Next Steps:
The next steps would be integrating it to be added to the summary generation after the scan single package pipeline, and also storing it as extra_data and displaying it in the UI, and adding it to check compliance so that it can be integrated in CI directly. (All this already discussed in the weekly meet)

Contributor

@tdruez tdruez left a comment

@NucleonGodX The code changes look fine in general.
Make sure to run make valid to fix the code format before a commit (currently failing the CI)

> Renamed policies.py → license_policies.py.

This is out of scope and unneeded for now. Please revert this part and keep the PR focus on the "License Clarity" implementation.
If another module needs a rename, it needs to be discussed and handled separately as it may break external usage and dependencies on that module.

Signed-off-by: NucleonGodX <racerpro41@gmail.com>
Signed-off-by: NucleonGodX <racerpro41@gmail.com>
@NucleonGodX
Author

Thanks for the suggestions, I've applied them @tdruez

@tdruez
Contributor

tdruez commented Jun 23, 2025

@NucleonGodX LGTM!
@pombredanne can you have a look before the merge?

> Next Steps:
> The next steps would be integrating it to be added to the summary generation after the scan single package pipeline, and also storing it as extra_data and displaying it in the UI, and adding it to check compliance so that it can be integrated in CI directly. (All this already discussed in the weekly meet)

Sounds like a plan!

Successfully merging this pull request may close these issues.

Add license clarity score-based Compliance support
2 participants