Re: non-gnu elpa issue tracking

[Jean Louis]

* Boruch Baum <boruch_baum@gmx.com> [2020-12-14 22:14]:
> On 2020-12-14 20:38, Jean Louis wrote:
> > For sign up on Github users need to run proprietary Javascript. On the
> > sign up page there are few Javascript scripts proprietary and few are
> > free software. Maybe we could ask Github to liberate the remaining
> > proprietary Javascript:
> 
> 1) How can JS ever be considered 'free' (and benign) when it's pushed to
>    the client browser at run-time from an external server? Until it's
>    received (at page load time), no user can possibly know what its
>    contents truly are.
> 
>    1.1) Even if a user had something like a set of HOSTS file entries
>         redirecting the HTTP requests for JS to a local repository, the
>         local JS repository would need to be kept up-to-date, BUT ...
> 
>    1.2) Once a local repository exists, the JS being pushed no longer
>         needs to be 'free' because it won't be used anyway; All that's
>         required is API compatibility.
> 
> 2) For me (IFF: I were to adopt your position re: github) your solution
>    sounds insufficient, because it wouldn't impose upon github a legal
>    commitment not to inject proprietary JS in the future.

It is up to them to decide on that, there is nothing wrong to ask. We
cannot impose any legal commitment on third parties.

Best is when entities like Github commit voluntarily. Even then there
is no legal commitment.

It is hypocrisy that they host free software but coerce users to run
non-free software for login.

Jean