
Task (context): Improve NPM Dependency License Checks #1502

@guoda-puidokaite

Task Description

In the past, license-checker-rseidelsohn introduced high security vulnerabilities as it's not maintained. See #1436.

  • The last license-checker-rseidelsohn release, 4.4.2, was a year ago.
  • It doesn't seem to be maintained often, e.g. judging from comments in the library.
  • It uses deprecated packages, e.g. read-package-json 6.0.4.

We decided to remove license-checker-rseidelsohn, as it's not maintained. This package was used to check whether the npm dependencies included in our project match an approved list of licenses.

The currently open PR uses a GitHub Action to check this instead.

However, with this ticket, we need to dive deeper into the questions outlined under sub-tasks before merging.

Depending on the answers to the questions below, we might need to adjust the approach.

Sub-tasks

Confirm:

  • that all the previously allowed licences are correct
  • that all of the current npm dependencies in our project match the final list of allowed licences
  • whether we should check dependencies and devDependencies only, or track transitive ones too, e.g. as in our security checks
  • whether this check should always run on all project dependencies, or whether it is sufficient to run it upon the update of a specific dependency
  • that the entire repo is recursively checked
  • document

Related Issues

Follow up from #1436.
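The check this ticket describes, as an added example that is not the project's code nor the code of the open PR: a Node script that walks an npm lockfile (the v2/v3 `packages` map), evaluates each package's SPDX license expression against an allow-list, and exposes the two open sub-task questions as options, whether devDependencies count and whether transitive packages count. The allow-list, the package names and the lockfile contents are assumptions constructed for the demo. It relies on the `license` field npm 7+ writes into lockfile entries; with an older lockfile the same logic would read each `node_modules/<pkg>/package.json` instead.

```javascript
// Added example, not code from the project or its PR. Walks an npm lockfile
// (v2/v3 "packages" map) and flags packages whose license is not on an
// allow-list. The lockfile and allow-list below are constructed for the demo.

// Assumed allow-list: a starting point, not the project's approved list.
const ALLOWED = new Set(['MIT', 'ISC', '0BSD', 'BSD-2-Clause', 'BSD-3-Clause', 'Apache-2.0']);

// Evaluate an SPDX expression ("MIT", "(MIT OR GPL-3.0-only)", "A AND B",
// "X WITH Y") against the allow-list. OR lets the consumer pick either side,
// so one allowed branch is enough; AND requires both sides to be allowed.
function licenseAllowed(expr, allowed) {
  const tokens = expr.match(/\(|\)|[^\s()]+/g) || [];
  let pos = 0;
  const peek = () => tokens[pos];
  const take = () => tokens[pos++];

  function parseAtom() {
    const t = take();
    if (t === undefined) throw new Error(`unexpected end of "${expr}"`);
    if (t === '(') {
      const inner = parseOr();
      if (take() !== ')') throw new Error(`missing ")" in "${expr}"`);
      return inner;
    }
    // "GPL-2.0-only WITH Classpath-exception-2.0": the exception changes the
    // terms, so match the whole "id WITH exception" string, never the bare id.
    if (peek() === 'WITH') { take(); return allowed.has(`${t} WITH ${take()}`); }
    return allowed.has(t);
  }
  function parseAnd() {
    let ok = parseAtom();
    while (peek() === 'AND') { take(); const rhs = parseAtom(); ok = ok && rhs; }
    return ok;
  }
  function parseOr() {
    let ok = parseAnd();
    while (peek() === 'OR') { take(); const rhs = parseAnd(); ok = ok || rhs; }
    return ok;
  }
  const result = parseOr();
  if (pos !== tokens.length) throw new Error(`trailing tokens in "${expr}"`);
  return result;
}

// Normalise the license field: a string is usual, but older packages used the
// deprecated { type, url } object form; anything else counts as missing.
function licenseField(meta) {
  const l = meta.license;
  if (typeof l === 'string') return l.trim();
  if (l && typeof l === 'object' && typeof l.type === 'string') return l.type.trim();
  return '';
}

// Check every installed package in the lockfile. Keys look like
// "node_modules/a", "node_modules/@scope/b" or, when a nested copy could not
// be hoisted, "node_modules/a/node_modules/c"; the "" key is the project.
function checkLockfile(lock, allowed, { includeDev = true, includeTransitive = true } = {}) {
  const root = lock.packages[''] || {};
  const direct = new Set([
    ...Object.keys(root.dependencies || {}),
    ...(includeDev ? Object.keys(root.devDependencies || {}) : []),
  ]);
  const violations = [];
  for (const [path, meta] of Object.entries(lock.packages)) {
    if (path === '') continue;
    if (!includeDev && meta.dev) continue; // npm marks dev-only packages with dev: true
    const name = path.slice(path.lastIndexOf('node_modules/') + 'node_modules/'.length);
    const isDirect = path === `node_modules/${name}` && direct.has(name);
    if (!includeTransitive && !isDirect) continue;
    const license = licenseField(meta);
    let reason = null;
    if (license === '') {
      reason = 'no license field';
    } else {
      try {
        if (!licenseAllowed(license, allowed)) reason = `license "${license}" is not on the allow-list`;
      } catch (e) {
        reason = `unparseable license "${license}": ${e.message}`;
      }
    }
    if (reason) violations.push({ path, name, version: meta.version, license, reason });
  }
  return violations;
}

// Constructed lockfile: names, versions and licenses are made up for the demo.
const SAMPLE_LOCK = {
  name: 'demo-app', lockfileVersion: 3,
  packages: {
    '': { dependencies: { 'lib-a': '^1.0.0', 'copyleft-lib': '^2.0.0', 'dual-lib': '^1.0.0' },
          devDependencies: { 'devtool': '^9.0.0' } },
    'node_modules/lib-a':        { version: '1.4.0', license: 'MIT' },
    'node_modules/copyleft-lib': { version: '2.1.0', license: 'GPL-3.0-only' },
    'node_modules/dual-lib':     { version: '1.0.2', license: '(MIT OR GPL-3.0-only)' },
    'node_modules/devtool':      { version: '9.2.0', dev: true, license: 'MIT' },
    // transitive: hoisted to the top level but not a direct dependency
    'node_modules/strict-lib':   { version: '0.3.0', license: 'MIT AND LGPL-2.1-only' },
    'node_modules/@acme/old':    { version: '0.9.0', license: { type: 'ISC', url: 'https://example.invalid/ISC' } },
    // transitive dev-only package, nested, with no license field at all
    'node_modules/devtool/node_modules/nolicense': { version: '0.0.1', dev: true },
  },
};

function formatReport(violations) {
  if (violations.length === 0) return 'all packages use allowed licenses';
  return violations.map(v => `${v.name}@${v.version} (${v.path}): ${v.reason}`).join('\n');
}

console.log(formatReport(checkLockfile(SAMPLE_LOCK, ALLOWED)));
```

Run against the constructed lockfile, the full check reports three packages: the GPL-only direct dependency, the hoisted transitive package whose AND expression includes a non-allowed licence, and the nested dev-only package with no license field. Dropping devDependencies hides the last one; checking only direct dependencies hides the last two, which is the practical cost of the "dependencies and devDependencies only" option from the sub-tasks.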

Metadata

Labels: none
Status: New
Milestone: none
Relationships: none yet
Development: no branches or pull requests