One of the greatest strengths of open source development is how it enables collaboration across the entire world. However because open source development is a global activity it necessarily involves making available software across national boundaries. Some countries export control regulations such as the United States may require taking additional steps to ensure that an open source project is satisfying obligations under local laws.
In July of 2020 The Linux Foundation published a whitepaper on how to address these issues in detail which can be downloaded here. In 2021 the primary update in the paper is to reflect a change in the US Export Administration Regulations.
Previously in order for publicly available encryption software under ECCN 5D002 to be not subject to the EAR email notifications were required regardless of whether or not the cryptography it implemented was standardized.Following the change email notifications are only required for software that implements non-standard cryptography.