Add content for "License linting" section

Signed-off-by: Matthias Beyer <matthias.beyer@ifm.com>
author: Matthias Beyer <matthias.beyer@ifm.com> 2022-06-23 08:57:29 +0200
committer: Didier Wenzek <didier.wenzek@free.fr> 2022-08-30 15:49:33 +0200
commit: 9a3d6add09eddacceec65a5649d4b85cdfbeb09e (patch)
tree: 583d9279f817f4189c13ec3d3e65278691fc07b2
parent: d320740f5f33330ce5382be9092d6680747c2dc6 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/GOVERNANCE.md b/GOVERNANCE.md
index f09fdc69..8d1362a1 100644
--- a/GOVERNANCE.md
+++ b/GOVERNANCE.md
@@ -235,6 +235,14 @@ core contributors = [SAG, IFM]
   To ensure harmonization of dependencies, a dedicated team (see "Team
   Structure") is responsible for keeping an eye on the list of dependencies.
 - License linting
+  License linting describes the act of checking the licenses of dependencies and
+  whether they meet a certain criteria.
+  For example, it is not feasible to import an external library that is licensed
+  as GPL-3.0 in an Apache-2.0 licensed codebase.
+  Because of this, a github action is installed to lint the licenses of
+  dependencies. This action runs as a normal lint (see "evergreen master") and
+  blocks pull requests if dependencies get imported that do not meet a set of
+  rules agreed upon by the project.
 
 ## Related
author	Matthias Beyer <matthias.beyer@ifm.com>	2022-06-23 08:57:29 +0200
committer	Didier Wenzek <didier.wenzek@free.fr>	2022-08-30 15:49:33 +0200
commit	9a3d6add09eddacceec65a5649d4b85cdfbeb09e (patch)
tree	583d9279f817f4189c13ec3d3e65278691fc07b2
parent	d320740f5f33330ce5382be9092d6680747c2dc6 (diff)