Vincent Bernat <ber...@debian.org> writes:
> 28 août 2015 01:46 GMT, Bas Wijnen <wij...@debian.org> :
>
>> Or alternatively, by packaging the minifier that is being used with the
>> package
>> that needs it. Yes, that's a horrible idea with lots of code duplication,
>> but
>> if I understand the problem, every JS file must be minified with the exact
>> version of the minifier that upstream used, so then every package would have
>> its own unique package that it depends on, and in that case they can just be
>> merged. But it can't really be that bad, right?
>
> Here is the dependency graph of jQuery (only to build it!):
>
> jquery@3.0.0-pre /home/bernat/src/jquery
[ very long list ]
> ├─┬ grunt-contrib-jshint@0.11.2
...
> │ └─┬ jshint@2.8.0
^^^^^^^^^^^^I don't know much about this, but I do know that that is a version that contains code licensed under the "Do No Evil" license of JSlint: https://github.com/jshint/jshint/blob/e6611af2d180bd2317d5762e85807a481de99ccb/src/jshint.js#L19 Of course, there is an effort to address this problem, and I've seen claims that there's a way of getting the same code without that clause via apache, but that version is not it. Also of course, JShint is almost certainly not really needed to package this stuff, so your dependency graph includes optional bits that make things look much worse than they probably are. Until some effort is put into taming this beast we'll never know how unmanageable this really is. If you're right, and it is impossible, then who knows what other licensing wrinkles are hiding in this mess. You seem to be advocating sweeping this under the carpet, but by doing that you're advocating relying on non-DFSG, unpackaged tools for building main. Cheers, Phil. -- |)| Philip Hands [+44 (0)20 8530 9560] HANDS.COM Ltd. |-| http://www.hands.com/ http://ftp.uk.debian.org/ |(| Hugo-Klemm-Strasse 34, 21075 Hamburg, GERMANY
signature.asc
Description: PGP signature
