> Its open source, no?

I don't know how to answer this question. It doesn't have a license at the moment.

> You can add all the baggage you would like to the package Daniele published

I can. I pointed it out for others who might want to use this, especially people located in the EU/UK or other territories with similar laws. 

 I don't think it *can* be fixed. It requires that the IP of the user is sent automatically to relays, most or all of which are not GDPR-compliant.
I wasn't requesting a change. Rather, I was warning those who may chose to rely on this of something to consider. 

 Indeed, GDPR is a giant mess that make no sense for the most part and has proven to be ineffective.
I was kidding about the fix, I just added a note to surface the relay concept, that is central in Nostr; incidentally this works also as transparent informative about where data is fetched, and so with whom IPs are shared, for just technical reasons, has requested by GDPR. In fact it's not different that hotlink an image.
Finally the user can, and should, personalize the relays, using something he has verified and trust (e.g. one's own). 

 > Indeed, GDPR is a giant mess that make no sense for the most part and has proven to be ineffective.

I don't really consider the GDPR that messy, compared to other laws.
It's ineffective when people or companies don't comply with it. But all laws have people breaking them and getting away with it.

Regardless, I wasn't attempting to endorse or oppose the GDPR, just pointing this out as something to consider before using this.

> In fact it's not different that hotlink an image.

Which can also be an issue GDPR-wise and even CDNs can be dubious.