[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: source code "forensic" practices

Hi Yaroslav,

Yaroslav Halchenko wrote:
> I ITPed a package which unfortunately ended up not providing original
> sources (sources everybody gets were indentation removed). Unreasonable
> denial of providing original source forced me to question good intent of
> the author to provide useful and spam/crap-free software. Since I could
> not possibly to examine that code, I've decided to look at other
> software written by the same author, and which has original source code,
> which probably nobody else ever examined anyways.

regardless of any possible outcome of your audit, I'm not sure that it's
a very good idea to include such code in Debian. IMO the results of your
analysys cast a shadow on the author's intend to provide free software
in the spirit of DFSG. There have been issues with upstream authors in
the the past and it seems these things offer a huge amount of agony we
best avoid.
That said, if you feel like it, you could approach the author and
potentially advocate better release practices to him.

Kind regards

Thomas Viehmann, http://thomas.viehmann.net/

Reply to: