Follow-up Comment #5, task #16351 (project administration):
> I used the ArchLinux package database to check the license for some of the dependencies. For OpenSSL 1.1 (which is the version I use), they list it as "BSD": https://archlinux.org/packages/core/x86_64/openssl-1.1/ This is my point: you don't bother to check if your dependencies are GPL-compatible, and in this case you actually end up with your package being GPL-incompatible---your users can't combine it with software under the GPL. Savannah has no resources to continually verify if every hosted package follows our requirements. We have to rely on the developers to maintain the compliance, and I believe a more responsible attitude is needed to that end. _______________________________________________________ Reply to this item at: <https://savannah.nongnu.org/task/?16351> _______________________________________________ Message sent via Savannah https://savannah.nongnu.org/
