legal February 2026

legal@lists.fedoraproject.org

10 participants
5 discussions

Fwd: SPDX Statistics - 43 packages remaining
by Miroslav Suchý 27 Feb '26

27 Feb '26

-------- Přeposlaná zpráva -------- Předmět: SPDX Statistics - 43 packages remaining Datum: Fri, 27 Feb 2026 11:40:29 +0100 Od: Miroslav Suchý <msuchy(a)redhat.com> Společnost: Red Hat Czech, s.r.o. Komu: Development discussions related to Fedora <devel(a)lists.fedoraproject.org> Last 43 packages are not SPDX compliant. Full boring statistics is here: https://docs.google.com/spreadsheets/d/1QVMEzXWML-6_Mrlln02axFAaRKCQ8zE807r… We are again moving in right direction :) The extract: SPEC files: 23591 License Tags: 30654 Not SPDX complient: 43 Not converted yet: 1639 Trivial conversion: 2 Number of ELN+buildroot packages: 2260 Number of ELN packages: 1982 Not converted ELN packages: 4 I want to highlight the ELN set where only last four packages remains. Two of them are in progress and two have complicated license. And `linux-firmware` has bunch of complicated licenses. There is new enhancement to `license-validate`. You can now run it like: license-validate -v --spec foo.spec (the new license-validate is in updates-testing) The upstream of license-validate changed, so here comes new URL: The list of packages needed to be converted is here: https://github.com/fedora-copr/license-validate/blob/main/packages-without-… List by package maintainers is here https://github.com/fedora-copr/license-validate/blob/main/packages-without-… Packages that are neither in SPDX nor in Callaway format - highest priority - only 7 packages remaining: https://github.com/fedora-copr/license-validate/blob/main/neither-nor-remai… If your package does not have neither git-log entry nor spec-changelog entry mentioning SPDX and you know your license tag matches SPDX formula, you can put your package on ignore list https://github.com/fedora-copr/license-validate/blob/main/ignore-packages.t… Either pull-request or direct email to me is fine. Miroslav

1 0

antlr3 and a not-allowed license
by Jerry James 20 Feb '26

20 Feb '26

I've been using scancode to take an in-depth look at packages I maintain. I'm up to packages that start with "a"! While looking at the antlr3 package, I found that it contains 3 files with the LicenseRef-Unicode-legacy-source-code license, which is not allowed for Fedora [1]. The files are part of the C/C++ backend. They have been built into binary RPMs for Fedora since 2010 [2] (Fedora 12?). Repoquery shows that nothing in Fedora uses the C/C++ backend. I will build updates for F42, F43, and Rawhide that disable it. My question is whether I need to do anything more than that. Do I need to scrub the offending files out of the tarball, for example? References: [1] https://gitlab.com/fedora/legal/fedora-license-data/-/blob/main/data/Licens… [2] https://src.fedoraproject.org/rpms/antlr3/c/6398229d293262736484dc0e3d7a87b… -- Jerry James http://www.jamezone.org/

5 8

Advice needed RE: Docs & RPM Fusion & Video Codecs & Nvidia
by Mat H 17 Feb '26

17 Feb '26

Dear Legal Team, Fedora Documentation Team is producing a 'beginners guide to Fedora'. We want to include instructions on how to install video codecs from RPM Fusion that are possibly patent encumbered in some countries. We have also the same question with regard to Nvidia drivers. Can we 1. Provide hyperlinks to instructions on RPM Fusion: and https://rpmfusion.org/Configuration ? 1.a. Provide hyperlinks to instructions on RPM Fusion: https://rpmfusion.org/Howto/Multimedia ? 1.b. Provide hyperlink to instructions on RPM Fusion, such as https://rpmfusion.org/Howto/NVIDIA ? 2. Provide instructions on docs.fedoraproject.org on how to install the RPM Fusion repositories. ? 2.a. Provide instructions on docs.fedoraproject.org on how to install the Nvidia drivers. ? 2.b. Provide instructions on docs.fedoraproject.org on how to install specific codecs such as those that enable playing h265 videos ? Yours Sincerely, Mat Holmes @theprogram

5 4

Fwd: Question about licensing for data shipped with Goose
by Rodolfo Olivieri 13 Feb '26

13 Feb '26

Hi, folks! I'm forwarding to this mailing list the thread resulting from the last comment received on my package review in Bugzilla ( https://bugzilla.redhat.com/show_bug.cgi?id=2428704#c11) Apparently, most of the mentioned files are trivial, so I'm thinking of keeping them to facilitate the packaging work and not have to deal with removal/skipping tests. Regarding the image found in the test code, I opted to remove it to avoid future complications. Any thoughts on this? Regards, Rodolfo Olivieri. ---------- Forwarded message --------- From: Richard Fontana <rfontana(a)redhat.com> Date: Wed, Feb 11, 2026 at 4:28 PM Subject: Re: Question about licensing for data shipped with Goose To: Máirín Duffy <duffy(a)redhat.com> Cc: Rodolfo Olivieri <rolivier(a)redhat.com> I didn't read the discord conversation because I couldn't authenticate with the account I apparently have and didn't want to create another one... with that caveat: - I would just assume the stuff here https://github.com/block/goose/tree/main/crates/goose-cli/src/scenario_test… is too trivial to worry about - I would assume the stuff here https://github.com/block/goose/tree/main/crates/goose-mcp/src/computercontr… is too trivial to worry about I'd push a little with the upstream on the goose image since it's the kind of thing that you might expect a human would claim copyright on and I don't see any specific reason to assume it's AI-generated. If they say they're reasonably sure it was AI-generated then I'd take their word for it and assume it is not copyrighted. If they just don't know, I'd remove the content. Richard On Wed, Feb 11, 2026 at 1:39 PM Máirín Duffy <duffy(a)redhat.com> wrote: > Hey Richard, > > Goose ships a png file and some CSV files as part of Goose that are part > of their test suite. This came up in packaging review in Fedora as a > potential licensing issue and concerns about redistributing the content. > The Goose developers believe the content is LLM-generated but we weren't > able to get more details on its origin. > > This is the conversation with Goose upstream: > > https://discord.com/channels/1287729918100246654/1287729920319033345/147076… > > This is the actual content in question: > > - > https://github.com/block/goose/tree/main/crates/goose-cli/src/scenario_test… > - > https://github.com/block/goose/tree/main/crates/goose-cli/src/scenario_test… > - > https://github.com/block/goose/tree/main/crates/goose-mcp/src/computercontr… > > > The bugzilla with the package reviwe and more specifics is here (points #2 > and #4): > https://bugzilla.redhat.com/show_bug.cgi?id=2428704#c11 > > We were wondering how you'd advise handling this - drop the content > entirely from the package, ask Goose upstream to explicitly license it > under a license you could recommend for us, or something else? > > TIA, > ~m > > Máirín "Mo" Duffy she/her/hers > > Distinguished Engineer, ⚡ RHEL Lightspeed > > Boston, MA, USA > <https://www.redhat.com/> > -- Richard Fontana IBM Legal (supporting Red Hat) -- Rodolfo Olivieri He/Him Principal Software Engineer, RHEL Lightspeed Red Hat <https://www.redhat.com> rolivier(a)redhat.com @redhatbr <https://twitter.com/redhatbr> @red-hat <https://www.linkedin.com/company/red-hat> @redhatbrasil <https://www.facebook.com/redhatbrasil> <https://www.redhat.com> <https://redhat.com/options>

3 4

Dolby Digital Plus (E-AC3) patents have now expired. Time to add it to fedora
by spaceshipgalore＠outlook.com 31 Jan '26

31 Jan '26

The last Dolby Digital Plus (E-AC3) patent US7516064 expired today. Please add it to fedora. more info: https://hydrogenaudio.org/index.php?topic=122053.0

2 1

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

legal February 2026