dwyl / fields

🌻 fields is a collection of useful field definitions (Custom Ecto Types) that helps you easily define an Ecto Schema with validation, encryption and hashing functions so that you can ship your Elixir/Phoenix App much faster!

GPL 2.0 License a security vulnerability?

njwest opened this issue · comments

Hiya, longtime DWYL appreciator here who just stumbled onto this rather impressive Fields package. Was excited to use it to replace some of our internal ecto middleware after taking it for a test drive, then I saw the GPL 2.0 license.

IME, GPL 2 is a fantastic copyleft license for open-source software intended to support other open-source software, but for closed-source software, section 3 of the license opens your entire codebase up to being open-sourced to the public.

As an open-source lover myself, GPL 2 is all puppies and rainbows, but as a developer of necessarily-secure-by-law software, this means if my team wants to use Fields for encryption but makes a misstep in how the software gets distributed down the line, our software and all of its code-level security mechanisms including and beyond encryption and data storage methods may be forcibly revealed to the public or we'll be in violation of the license.

For us, this means Fields is not a viable package as the license itself is a security vulnerability.

Regardless, thank you as always DWYL team and contributors for the great learning material and code!

@njwest I don't know if you're trolling ... 🤔
GPL 2.0 is a widely used license and there is zero "security vulnerability".
Sorry to be dismissive but without evidence this is pure conjecture.
GPL 2.0 code is widely deployed in industry in the form of Linux, Wordpress, etc.