Re: [Roundup-devel] Roundup debian package

[Kai S. <ka...@xs...>]

On 18/01/2014 17:36, Pradip Caulagi wrote:
> On Thursday 16 January 2014 03:21 AM, Kai Storbeck wrote:
>> Hello again,
>>
>> I've been working at packaging 1.5. It has been a bumpy ride til now.
>> The package now contains a working WSGI wrapper and some examples to
>> make apache easily work with it.
>>
>> I'd like your opinion about 2 issues I'm having whilst packaging:
>>
>>
>> The two minified javascript files in the jinja2 templates:
>>
>>    find . -name '*min.js*'
>>    ./share/roundup/templates/jinja2/static/jquery-1.9.0.min.js
>>    ./share/roundup/templates/jinja2/static/bootstrap.min.js
>>
>> Debian eats them, but only if the original long files are included.
>> Minified sources are not considered free. I don't know which versions
>> were used for bootstrap, 2.2.2? Can they be added to the source with the
>> next release?
> 
> Hello Kai,
> 
> Yes, correct.  We are using bootstrap 2.2.2.  What do you mean by source 
> files?  Do you mean the individual less and javascript files or just the 
> unminified versions of these files?

Hi Pradip,

I mean the unminified versions of these files. Debian requires the
package rebuild the minified version using free software. It isn't bad
if the minified version is included too.

This counts for the CSS files too.

If I can manage to ship 1.5.0 in Jessie, it will be without a working
jinja2 because I can only guess about it's (Bootstrap) license. It's
probably Apache 2.0, but I don't know since the un-minified version
wasn't shipped in the release file.

http://getbootstrap.com/2.2.2/ gives a 404 today.

Please add the full sources somewhere in the 1.5.1 release, Cheers :)

> Actually, we don't rely heavily on both the javascript files at all.  It 
> is only used to dismiss alerts (on error or success).  These alerts are 
> only immediate feedback and go off on page reload.  So if we don't 
> dismiss them (via javascript), it is not a terrible user experience.
> 
>>
>> The other issue is somewhat smaller. For jessie, the packaged version
>> for jQuery is 1.7.2. Does any developer know if the templates are
>> compatible with 1.7.2, or if it relies heavily on 1.9.0? It makes
>> security advisories wrt jQuery a lot easier if I can make use of the
>> already packaged version.
> 
> It should work with 1.7.2 version also.  So will this change be specific 
> to how you package it for debian or are you suggesting the change for all?

No need for you to ship 1.7.2.

Its just something that is really easy to know. If you're not using  the
latest features of jQuery, I don't have to test every little button in
your template.

Thanks for your reply!


Regards,
Kai