Emilien Klein <emilien+deb...@klein.st> writes:
> Let's take the example of jquery-lazyload .
> Both these files are provided in the upstream tarball:
> - jquery.lazyload.js
> - jquery.lazyload.min.js
> With the second one being the minified form of the first one.
How will you guarantee that ‘jquery.lazyload.js’ is the corresponding
source for the file ‘jquery.lazyload.min.js’? How will you guarantee
that holds true every time a new version is released upstream?
There is a method for doing so: Don't distribute the minified file from
upstream; instead, distribute only the source form of the work, and
compile a minified file during the build of the binary package.
What other method do you propose for keeping our promise in the Social
Contract? Does it meet that promise with as much certainty as the method
I propose above?
> We've got an implicit statement from upstream that the minified file
> comes from the source file:
This implicit statement can be false; if not by malice, then by simple
omission or other mistake. So it is less reliable than removing the
non-source form of the work from our source package.
> To take another example: .jpg images.
> - those are not the source of the image (would be e.g. a Gimp project
In many cases, JPEG *is* the preferred form for modifying a work.
For example: when no other form exists.
> If (as we do for .jpg) we accept non-source files based on their
> licensing information, and even use them as such in the binary
> package, I don't see how worse it would be to leave a minified file
> (which has it's explicit copyright notice embedded!) in the orig
> tarball, and rebuild it on our side to absolutely rule out any evil
> action or omission of update on upstream's side.
Where a JPEG image is not the source form of a work – that is, where we
have good reason to believe the JPEG image has a source form which the
upstream maintainer could provide but does not – we should indeed ask
that they provide the source form of the work.
But where the upstream has no form of the work more suitable for
modification than the JPEG image, then that *is* the source form of the
work and it belongs in the Debian source package.
> I would argue that having minified files in the upstream tarball is no
> reason for repackaging. Those files are released under the same
> license as the source
As has been pointed out, the issue being discussed is not the license
terms of the work.
The non-source form should not be part of the source package because we
risk violating our Social Contract, and we can easily be much more sure
of that contract by removing the non-source form of the work from the
source package we distribute.
\ “If it ain't bust don't fix it is a very sound principle and |
`\ remains so despite the fact that I have slavishly ignored it |
_o__) all my life.” —Douglas Adams |