Based on the replies to https://mastodon.social/@bagder/114329630276196304, where there was some uncertainty around where the issue comes from, I figured I should clarify it here:
git on Debian ends up indirectly linked to OpenSSL through the following: git -> libcurl-gnutls -> libldap -> libssl The openldap package switched to linking to OpenSSL in January this year (2025) for Debian unstable. Other distros either have a more direct link between them: git -> libcurl-openssl -> libssl Or they link to libssl directly, which is what I saw on GuixOS with "git-imap-send". Then this bug is about whether this will result in license incompatibilities between GPL-2.0 and Apache-2.0, but regardless of the licensing question, it's also sad to lose GnuTLS support for OpenLDAP. This means it's impossible to have a GnuTLS build of libcurl with ldap support without also pulling OpenSSL transitively. But as Ryan said, that's the case "unless someone else steps up to maintain that support". Regards, -- Samuel Henrique <samueloph>
