> For years, we have been able to ship generated files without checking if > they can really be built from sources (for example, autoconf stuff). And > JS stuff should comply to stricter standards from day one? JS stuff has been in Debian for a long time; it isn't fair to say that this is day one. And autoconf isn't really a fair comparison, because you can generally read the output files of autoconf, whereas minified JS is just impossible.
Attachment:
pgp_cqYH1FRch.pgp
Description: PGP signature