Hi Alex, Alex Vong <[email protected]> writes:
> Recently, guix changes to use guile-git for 'guix pull', which is a > libgit2 binding for guile, while libgit2 itself uses openssl to talk > over https. > > Now the potential problem is that guix is licensed in gpl3+ while > openssl is licensed in openssl. It is well-known the two licenses have > incompatibility disallowing one from distributing the result of linking > a gpl program with openssl[0]. Thanks for bringing this to our attention. I looked into this, and it turns out that Debian's libgit2 package no longer depends on OpenSSL: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798421 libgit2 can use libcurl for HTTPS support, in which case it does not need OpenSSL. Our libcurl already uses GnuTLS instead of OpenSSL. So, I expect this issue can be easily resolved. I'll work on it. Thanks, Mark
