From 45b77f2f73d8b32423947a5760765c561c3df3dc Mon Sep 17 00:00:00 2001 From: Allan Day Date: Mar 18 2020 15:12:26 +0000 Subject: Update Third Party Repository Policy The Fedora Council recently voted to change the Third Party Repo Policy: https://pagure.io/Fedora-Council/tickets/issue/289 Update the documentation to match. --- diff --git a/fesco/modules/ROOT/pages/Third_Party_Repository_Policy.adoc b/fesco/modules/ROOT/pages/Third_Party_Repository_Policy.adoc index 9cd74ce..a2ef9a1 100644 --- a/fesco/modules/ROOT/pages/Third_Party_Repository_Policy.adoc +++ b/fesco/modules/ROOT/pages/Third_Party_Repository_Policy.adoc @@ -20,11 +20,11 @@ Application installers in the main Fedora repositories may search COPR repos for Of course, Fedora doesn't have the only software repositories that contain free (libre) software. There are other third party repositories that Fedora users want to use. Since Red Hat has no relationship with these repositories as it does with Copr repositories, allowing things in Fedora to point users to these repositories would represent a new legal liability. Fedora Legal would need to audit the packages in these repositories for legal problems both when the repositories are initially approved and on an ongoing basis (as the software in the repositories is updated, Fedora Legal would need to check that the new versions of packages in the repository remained legally okay for us to point people at.) For this reason, the rules for including a non-Copr third party repository are more strict than for Copr repos. * Third party repositories that host diverse pieces of software (a repository like Fedora before it became a Red Hat community project, for instance) cannot be searched or enabled. This is because it would simply be too much work for Fedora Legal to audit such a repository. -* Repositories that enable a specific piece of free software may be pointed at in the same way as COPRs. However, they must be approved by both FESCo and Fedora Legal first. +* Repositories that enable a specific piece of free software may be shipped if the repo file has the `enabled=0` and `enabled_metadata=0` settings. They must be approved by both FESCo and Fedora Legal first. * Fedora Legal is not limited to simply evaluating the repositories on Legal criteria. Because they are responsible for auditing the third party repositories on an ongoing basis, they have discretion to say no for other reasons including (but not limited to) simply not having time to take on the auditing of more repositories. * FESCo and Fedora Legal can remove approval as well as grant it. This is due in part to the work that ongoing maintenance represents to Fedora Legal and also to the fact that package updates in the repositories could mean we no longer want to point to them. -Application installers in the main Fedora repositories may search repositories that are currently approved under the above list as long as they explicitly ask the user to enable the third party repository as noted in the introductory section. +Application installers in the main Fedora repositories must explicitly ask the user to enable the third party repository in order to search its content or install from it. == Repositories with non-free (libre) software