[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Non-source Javascript files in upstream source

On Wed, May 07, 2014 at 05:18:36PM +1000, Ben Finney wrote:
> the problem is for the package maintainer to assert that *is* the
> corresponding source for a particular work.
> 
> We should not, IMO, accept such an assertion without an independently
> verifiable guarantee that can be automated for each release of the
> source package.

And that is precisely the disagreement.  You say this is important, but there's
no rule that requires it and others, including me, say that our time is better
spent doing other things.  I have no problem accepting the assertion.  And if I
do that, I see a generated file with what I believe to be its source, and there
is no problem.

What do you think about configure files?  Should they all be removed, because
we can never check if configure.ac really is the source (given all the
different versions of the tools used to generate it)?  What if things break and
the maintainer fixes it by editing configure (not configure.ac, for whatever
reason) by hand?  Does that make the package non-free?

I'm not opposed to cleaning every source package so it only uses what is really
required for building the Debian package, but that is a big change from "don't
touch upstream's tarball unless you really have to", and IMO a GR would be in
order for such a big change.

Thanks,
Bas
Reply to: