One of the various reasons for having package reviews is having a human
verify that the packager's choice of License: tag is valid. The
Packaging Committee is was faced with a request
(
https://pagure.io/packaging-committee/issue/1007) that has us
questioning just how much license review is required.
Are any of the following acceptable?
1) Trust the packager to do a license review, with no reviewer
verification.
2) Trust the output of an automated tool which attempts to detect
project licenses (such as askalono).
3) Trust the license tag from a project hosting service such as github?
(I understand that the answer may depend on the hosting service.)
Depending on what is acceptable, we may be able to reduce bureaucracy a
bit. I know that back when I did package reviews, the license review
was often the most difficult part.
- J<