Hi all,
As you all know, we have a larger project of moving Fedora license
data to a data format and repository, updating and improving
Fedora-legal documentation related to licensing, and adoption of
SPDX ids. In light of that, it is also relevant to look at the
process for review of a new license for potential inclusion in
Fedora.
I'd describe the past/current process as:
- send email to this list, some discussion may ensue on list (with
community members and Red Hat legal), decision made and then
license is added to the applicable wiki table (good or bad) at
https://fedoraproject.org/wiki/Licensing:Main?rd=Licensing
- Of course, up until somewhat recently, this entire workflow was
shepherded by Tom Callaway
Now that we have the license data in a repository, it seems like
we can use Issues and Merge Requests for the process flow, instead
of relying on email. As such, I'd like to propose something along
the following lines:
How to request review of a new license
If you find a license for a package you want to include in Fedora
and that license is not listed in the Fedora License Data, you can
submit it for review as follows:
Note: you must be a Fedora contributer and become part of the
Fedora Gitlab group. See LINK for more on how to become a Fedora
contributor.
1) Create a new issue in the Fedora License Data repo with the
following information: license name, link to text of license,
package name and link, why you want to include it in Fedora,
whether it is on the SPDX License List, and the SPDX expression as
applicable (see below for hints on determining if a license text
matches a license on the SPDX License List)
2) All discussion related to the license review based on the
license criteria will be on the Issue thread and a decision will
be noted there.
` If the license is not on the SPDX License List, then submit the
license to the to the SPDX-legal team at
https://tools.spdx.org/app/submit_new_license/. In addition to the
required information, include a note that it is under review for
Fedora and a link to the related Fedora License Data Gitlab issue.
The ultimate decision for licenses allowed or not-allowed for
Fedora based upon the license criteria rests with Red Hat legal.
3) Once a decision has been made, the person who submitted the
license for review creates a Merge Request for the license using
the TOML file format.
4) Merge Requests will be reviewed and merged by the Fedora
License Data repo maintainers.
Happy to hear your thoughts, feedback, and suggestions!
Thanks,
Jilayne