diff --git a/data-sources/osi.yaml b/data-sources/spdx.yaml
similarity index 95%
rename from data-sources/osi.yaml
rename to data-sources/spdx.yaml
index 63e05b7..4e6e6ea 100644
--- a/data-sources/osi.yaml
+++ b/data-sources/spdx.yaml
@@ -1,6 +1,6 @@
 version: v1
 type: data-source
-name: osi
+name: spdx
 context: {}
 rest:
   def:
diff --git a/rule-types/github/permissive_license.yaml b/rule-types/github/permissive_license.yaml
new file mode 100644
index 0000000..190ccdc
--- /dev/null
+++ b/rule-types/github/permissive_license.yaml
@@ -0,0 +1,60 @@
+version: v1
+release_phase: alpha
+type: rule-type
+name: permissive_license
+display_name: License meets the OSI or the FSF definition
+short_failure_message: License does not meet OSI or FSF definition
+severity:
+  value: info
+context:
+  provider: github
+description: |
+  Ensure that the project’s source code is distributed under a
+  recognized and legally enforceable open source software license.
+guidance: |
+  Ensure that the project’s source code is distributed under a
+  recognized and legally enforceable open source software license,
+  providing clarity on how the code can be used and shared by others.
+def:
+  in_entity: repository
+  rule_schema: {}
+  ingest:
+    type: rest
+    rest:
+      # This is the path to the data source. Given that this will evaluate
+      # for each repository in the organization, we use a template that
+      # will be evaluated for each repository. The structure to use is the
+      # protobuf structure for the entity that is being evaluated.
+      endpoint: '/repos/{{.Entity.Owner}}/{{.Entity.Name}}/license'
+      # This is the method to use to retrieve the data. It should already default to JSON
+      parse: json
+      fallback:
+        - http_code: 404
+          body: |
+            {"http_status": 404, "message": "License details not found}
+  eval:
+    type: rego
+    data_sources:
+      - name: spdx
+    rego:
+      type: constraints
+      def: |
+        package minder
+
+        import future.keywords.every
+        import future.keywords.if
+
+        violations[{"msg": msg}] {
+          license := input.ingested.license.spdx_id
+
+          resp2 := minder.datasource.spdx.licenses({})
+          licenses := resp2.body.licenses
+          osi := { l.licenseId | l := licenses[_]; l.isOsiApproved }
+          fsf := { l.licenseId | l := licenses[_]; l.isFsfLibre }
+          approved_licenses := osi | fsf
+
+          count(approved_licenses) != 0
+          license != null
+          not license in approved_licenses
+          msg := sprintf("License %s is not OSI/FSF approved", [license])
+        }