Emilien Klein <emilien+deb...@klein.st> writes: > Let's take the example of jquery-lazyload [0]. > > Both these files are provided in the upstream tarball: > - jquery.lazyload.js > - jquery.lazyload.min.js > > With the second one being the minified form of the first one.
How will you guarantee that ‘jquery.lazyload.js’ is the corresponding source for the file ‘jquery.lazyload.min.js’? How will you guarantee that holds true every time a new version is released upstream? There is a method for doing so: Don't distribute the minified file from upstream; instead, distribute only the source form of the work, and compile a minified file during the build of the binary package. What other method do you propose for keeping our promise in the Social Contract? Does it meet that promise with as much certainty as the method I propose above? > We've got an implicit statement from upstream that the minified file > comes from the source file: This implicit statement can be false; if not by malice, then by simple omission or other mistake. So it is less reliable than removing the non-source form of the work from our source package. > To take another example: .jpg images. > - those are not the source of the image (would be e.g. a Gimp project > file) In many cases, JPEG *is* the preferred form for modifying a work. For example: when no other form exists. > If (as we do for .jpg) we accept non-source files based on their > licensing information, and even use them as such in the binary > package, I don't see how worse it would be to leave a minified file > (which has it's explicit copyright notice embedded!) in the orig > tarball, and rebuild it on our side to absolutely rule out any evil > action or omission of update on upstream's side. Where a JPEG image is not the source form of a work – that is, where we have good reason to believe the JPEG image has a source form which the upstream maintainer could provide but does not – we should indeed ask that they provide the source form of the work. But where the upstream has no form of the work more suitable for modification than the JPEG image, then that *is* the source form of the work and it belongs in the Debian source package. > I would argue that having minified files in the upstream tarball is no > reason for repackaging. Those files are released under the same > license as the source As has been pointed out, the issue being discussed is not the license terms of the work. The non-source form should not be part of the source package because we risk violating our Social Contract, and we can easily be much more sure of that contract by removing the non-source form of the work from the source package we distribute. -- \ “If it ain't bust don't fix it is a very sound principle and | `\ remains so despite the fact that I have slavishly ignored it | _o__) all my life.” —Douglas Adams | Ben Finney _______________________________________________ Pkg-javascript-devel mailing list Pkg-javascript-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-javascript-devel