GH-47550: [Python] Use SPDX convention for license metadata on PyPI

[martin-traverse]

Rationale for this change

This is to address #47550 (as per PEP 639, SPDX license expressions are now the standard for Python packages).

What changes are included in this PR?

Update to SPDX license metadata for the Python package (changes in pyproject.toml). Also remove license from the list of classifiers (this is deprecated). License files are currently specified in setup.cfg, there is no need to change these.

Are these changes tested?

There are no code changes. Python package build will need to be tested - can this happen in CI?

Are there any user-facing changes?

No in that there are no code changes. Yes in that the Python package metadata is public.

• GitHub Issue: [Python] Use SPDX convention for license metadata on PyPI #47550

[github-actions]

⚠️ GitHub issue #47550 has been automatically assigned in GitHub to PR creator.

[rok]

This was already proposed in #47141. It seems LICENSE.txt and NOTICE.txt will have to be added.
cc @paddyroddy

[martin-traverse]

It looks like the reason for the failure in the tests in #47141 is that the test is expecting this:

license = {text = "Apache-2.0"}

Otherwise the changes in that PR look good to me. @paddyroddy, do you want to update your PR and we can try re-running the CI there? I'm happy to replicate on a new branch otherwise.

[paddyroddy]

@martin-traverse I'm on holiday at the moment but can have a look when I'm back on 29th

[pitrou]

Is there a reason to remove the classifier?

[martin-traverse]

@pitrou - The Python packaging tools spit out repeated and fairly loud warnings about this:

/private/var/folders/cn/7nm4fws564l2dl8k7n2wfgjm0000gn/T/build-env-6gz668wo/lib/python3.12/site-packages/setuptools/dist.py:759: SetuptoolsDeprecationWarning: License classifiers are deprecated.
!!

        ********************************************************************************
        Please consider removing the following classifiers in favor of a SPDX license expression:

        License :: OSI Approved :: Apache Software License

        See https://packaging.python.org/en/latest/guides/writing-pyproject-toml/#license for details.
        ********************************************************************************

!!
  self._finalize_license_expression()

I have removed them in the packages I am responsible for because of this warning. However, it seems that a lot of packages are using SPDX license IDs in the "license" field but still keeping the classifiers.

[pitrou]

Ok, it seems that NumPy have removed their license classifier, so I'm fine with that as well.

[paddyroddy]

Yeah, as said above, it seems they're phasing them out

[raulcd]

The macOS CI failures are related, we don't seem to update setuptools on those jobs:

Requirement already satisfied: setuptools>=64 in /Library/Frameworks/Python.framework/Versions/3.11/lib/python3.11/site-packages (from -r python/requirements-build.txt (line 4)) (65.5.0)

do we know what is the minimum setuptools version required to support this license change?
we have setuptools>=64 on our requirements-build.txt.

+ python -m pip install --no-deps --no-build-isolation -vv .
Using pip 25.2 from /Library/Frameworks/Python.framework/Versions/3.11/lib/python3.11/site-packages/pip (python 3.11)
Non-user install because site-packages writeable
Created temporary directory: /private/var/folders/vk/nx37ffx50hv5djclhltc26vw0000gn/T/pip-build-tracker-8wtlqrl4
Initialized build tracking at /private/var/folders/vk/nx37ffx50hv5djclhltc26vw0000gn/T/pip-build-tracker-8wtlqrl4
Created build tracker: /private/var/folders/vk/nx37ffx50hv5djclhltc26vw0000gn/T/pip-build-tracker-8wtlqrl4
Entered build tracker: /private/var/folders/vk/nx37ffx50hv5djclhltc26vw0000gn/T/pip-build-tracker-8wtlqrl4
Created temporary directory: /private/var/folders/vk/nx37ffx50hv5djclhltc26vw0000gn/T/pip-install-25cc76sn
Created temporary directory: /private/var/folders/vk/nx37ffx50hv5djclhltc26vw0000gn/T/pip-ephem-wheel-cache-0ercg3ib
Processing /Users/runner/work/arrow/arrow/build/python
  Added file:///Users/runner/work/arrow/arrow/build/python to build tracker '/private/var/folders/vk/nx37ffx50hv5djclhltc26vw0000gn/T/pip-build-tracker-8wtlqrl4'
  Created temporary directory: /private/var/folders/vk/nx37ffx50hv5djclhltc26vw0000gn/T/pip-modern-metadata-48ojfm1a
  Preparing metadata (pyproject.toml): started
  Running command Preparing metadata (pyproject.toml)
  /Library/Frameworks/Python.framework/Versions/3.11/lib/python3.11/site-packages/setuptools/config/pyprojecttoml.py:108: _BetaConfiguration: Support for `[tool.setuptools]` in `pyproject.toml` is still *beta*.
    warnings.warn(msg, _BetaConfiguration)
  configuration error: `project.license` must be valid exactly by one definition (2 matches found):

      - keys:
          'file': {type: string}
        required: ['file']
      - keys:
          'text': {type: string}
        required: ['text']

  DESCRIPTION:
      `Project license <https://www.python.org/dev/peps/pep-0621/#license>`_.

  GIVEN VALUE:
      "Apache-2.0"

  OFFENDING RULE: 'oneOf'

[pitrou]

I think setuptools 77 is required: https://setuptools.pypa.io/en/latest/history.html#v77-0-0

[raulcd]

Can you bump setuptools>=77 on our requirements-build.txt to fix the CI build? Thanks!