Le mardi, 11 mars 2014, 19.02:55 Ian Jackson a écrit :
> Thomas Goirand writes ("Re: jquery debate with upstream"):
> > In one of my package, I had openssl.dll in the source tarball (it
> > was of course removed later on).
> >
> > Would you consider it ok as well to have it in a source package, as
> > long as it's not used during the build? And what about a windows
> > .exe? Is it different from having a minified .js that is also not
> > in use?
> Yes, I think all of these things are tolerable, so long as the files
> are in fact redistributable (which depending on the licence they might
> not be).I disagree: I don't think it's tolerable to ship a .exe freeware [0] in a source package in main, just because it happens to be redistributable; in my reading, considering that the "source package" _is_ a component of the Debian system, doing so violates at least SC§1 and DFSG§2. I don't think there should be a standards' difference between our source and binary packages. That said, the "minified .js" case is slightly different iff it can be proved that it can be recreated from DFSG-free sources, which should then really be actually done in the build phase. Now, if the problem is that "stripping out non-free stuff from upstream archives is boring work", then that's the thing to solve using smart tools rather than bending our standards. Cheers, OdyX [0] And that's without speaking of actively harmful executables…
signature.asc
Description: This is a digitally signed message part.
