Sep 22 2017
@MaxSem there's also the issue that no url is provided for the source of the non-source js. Anyways, I'll also add to the readme mentioning the problems. At this point, it's incomplete and I don't recommend using it.
Also, fsf used a patch like it, but not anymore.
@MaxSem, I should have said, it's a non-source form, aka object code, as gpl v3 defines it. often referred to as a binary.
@MaxSem, Other than the attribution issue, I doubt it.
It's minified js (ie. binary code) that had no license notice at all, but it's all from
gplv3 compatible source code. I'll fix the attribution problem.
@Aklapper yes, sorry about that. I edited my original comment accordingly.
Aug 21 2017
This was fixed on 2017-5-31 in master by niharika29. Until then, no one
had used this extension on any site with a user list more than 200 bytes
long or else they accidentally banned and nuked legitimate
users. (edit) it would have been nice if this had originally been flagged as
critical and backported to
the stable branch and all other branches. Also, based on all this, there
is no way this extension should be described as "Release status: stable"
May 21 2017
Apr 27 2017
Apr 14 2017
For people coming to this issue from google, etc. In the meantime until this is resolved, fsf has patched their instances to mostly satisfy librejs through a bit of a hack by inserting license info into every page, their instances are around 1.25 and 1.23. I made my own patch to do the same on mediawiki 1.28, at https://iankelling.org/git/?p=mediawiki-librejs-patch;a=tree