[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security concerns with minified javascript code

* Neil Williams <codehelp@debian.org> [150902 14:33]:
> Minified isn't source for modification... [large snip]

I don't believe I have disagreed with anything you said in the snipped
text.  I certainly did not mean to.  I said that minified JS can only go
in main if both the source and the tools to build it are also in main.
I also said that this is a hard problem to tackle, but Debian should
tackle it (which is what this thread appears to be doing) instead of
ignoring it.

> On Wed, 2 Sep 2015 13:33:57 -0400 Marvin Renich <mrvn@renich.org> wrote:
> > This whole thread is about...
> 
> It's not about contrib or main, that is roughly equivalent to thinking
> that every DFSG problem looks like a nail because all you have available
> is a large hammer instead of solving the problem inside main.

First, I will retract the phrase "this whole thread"; I should have said
the points in the thread to which I was responding.

Second, I was not proposing any solution to the problem or agreeing with
anyone's solution.  All of my posts were about exposing incorrect
interpretations of the term "source" in the DFSG.  I think, though I'm
not quite sure, that I replied to posters on both sides of the debate (a
large part of this thread does appear to debate what is required for
minified JS to go in main).

Perhaps my posts were misinterpreted as endorsing or opposing a specific
solution?

...Marvin
Reply to: