On 09/01/16 23:22, Philippe Cerfon wrote: > For non-open, the definition is quite clear: all or some of the > sources are no available.
If the question you're trying to answer is "is this safe?", then I don't think source-available (and hence auditable) vs source-unavailable (and hence not auditable) is necessarily the interesting distinction to make. <https://tracker.debian.org/pkg/doom-wad-shareware> is certainly not source-available - we don't have the source files from which it was compiled - but it's as safe to use as any other non-executable data package. <https://tracker.debian.org/pkg/firmware-iwlwifi> contains firmware that isn't source-available, but doesn't run on the main CPU (and hopefully can't DMA out the main RAM). Conversely, <https://tracker.debian.org/pkg/flashplugin-nonfree> contains only Free Software (and is necessarily also source-available), hence it's in contrib; but its entire purpose is to download executable code that is not auditable, and based on historical experience, not safe either. S