Hi all,

As you all know, we have a larger project of moving Fedora license data to a data format and repository, updating and improving Fedora-legal documentation related to licensing, and adoption of SPDX ids. In light of that, it is also relevant to look at the process for review of a new license for potential inclusion in Fedora.

I'd describe the past/current process as:
- send email to this list, some discussion may ensue on list (with community members and Red Hat legal), decision made and then license is added to the applicable wiki table (good or bad) at https://fedoraproject.org/wiki/Licensing:Main?rd=Licensing
- Of course, up until somewhat recently, this entire workflow was shepherded by Tom Callaway

Now that we have the license data in a repository, it seems like we can use Issues and Merge Requests for the process flow, instead of relying on email. As such, I'd like to propose something along the following lines:


How to request review of a new license
If you find a license for a package you want to include in Fedora and that license is not listed in the Fedora License Data, you can submit it for review as follows:

Note: you must be a Fedora contributer and become part of the Fedora Gitlab group. See LINK for more on how to become a Fedora contributor.

1) Create a new issue in the Fedora License Data repo with the following information: license name, link to text of license, package name and link, why you want to include it in Fedora, whether it is on the SPDX License List, and the SPDX expression as applicable (see below for hints on determining if a license text matches a license on the SPDX License List)

2) All discussion related to the license review based on the license criteria will be on the Issue thread and a decision will be noted there.
` If the license is not on the SPDX License List, then submit the license to the to the SPDX-legal team at https://tools.spdx.org/app/submit_new_license/. In addition to the required information, include a note that it is under review for Fedora and a link to the related Fedora License Data Gitlab issue.
The ultimate decision for licenses allowed or not-allowed for Fedora based upon the license criteria rests with Red Hat legal.

3) Once a decision has been made, the person who submitted the license for review creates a Merge Request for the license using the TOML file format.

4) Merge Requests will be reviewed and merged by the Fedora License Data repo maintainers.


Happy to hear your thoughts, feedback, and suggestions!

Thanks,
Jilayne