forums, mailing lists and other tools

Mirko Boehm mirko at
Thu Jan 18 09:38:53 UTC 2018


> On 18. Jan 2018, at 10:28, Daniel Pocock <daniel at> wrote:
>> The client-side Javascript to me is not a
>> relevant issue anymore since JS is an open standard and browsers are
>> sandboxed these days.
> There is an issue:
> a) if the JavaScript is distributed as minified blobs and we can't
> rebuild it easily from source,
> b) if a large application makes heavy use of things like the NPM
> repository for its build process

Accepted. I always assume that software like Discourse is compliant with FOSS licenses, where minified JS code is not “the corresponding source code”. That is usually a choice, though - most packages have a minified and a non-minified source URL. Developers tend to ship with links to the minified version because that is the norm and loads faster. 
For a Debian packager, this is understandably a problem. We will probably run Discourse out of a container shipped by the project, not a package, so does that still apply to us?


Mirko Boehm | mirko at | KDE e.V.
FSFE Fellowship Representative, FSFE Team Germany
Qt Certified Specialist and Trainer
Request a meeting:

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Discussion mailing list