Add verification steps for NOTICE files to our release processes #60540
Description
We are curently not verifying our NOTICE filles in our generated packages for content. while those files are there it might be that the NOTICE files are wrong (what does not help is that due to monorepo approach and having independent subproject, the NOTICE files come from different places in the repo.
We want to verify it during our verification procedures - all those that are in dev/README_RELEASE* and add an extra step of verification for content:
- whether required ASF notice is there (in generated artifacts - not only in sources)
- whether the (C) end range year is current (2026 today)
- Possibly we could explore using symbolic links instead of copying the NOTICE files in 200+ incarnation - or maybe add a way to keep them all in sync automatically (
prekhook)
Note. that some of those NOTICE files are different in different distributions - for example fab provider NOTICE contains also Flask App Builder notice because we vendored-in part of the Flask App Builder in our code. So whatever we come up with as "syncing" solution has to deal with that.