Sounds good to me.
Here's my list of answers:
1. Does all important site functionality that's enabled for use
with that package work correctly (though it need not look
as nice) in free browsers, including
IceCat,
without running any nonfree software sent by the
site?
>Yes, the
codeberg.org website works without any issues with the LibreJS extension and doesn't require any nonfree software to function, including Flash. It also works if _javascript_ is disabled.
2.Does it discriminate against classes of users, or
against any country?
classes of users, or against any country.
3. Does it permit access via Tor? (we consider this an
important site function)
>Yes, the website works as usual.
4. Does the site's terms of use contain any odious
conditions?
It simply says that you're responsible for your own actions and applying appropriate security measures to protect your own data and account
access credentials, among other things.
5. Does it recommend and encourage GPL 3-or-later licensing at
least as much as any other kind of licensing?
>Yes.
6. How's the HTTPS support? Is it done properly and securely, including the site's
certificates?
>Yes. All of their websites use HTTPS.
7. Is all code sent to the user's browser free
software and labeled for LibreJS or other suitable free
automatic license analyzer, regardless of whether the site
functions when the user disables this code?
>Unfortunately, no. Although all the code sent to the user's browser is free software, not all of it is labeled properly. The homepage fits the criteria, but some scripts are not labeled, such as this code snippet(when I visited my repo):
const isSSH = localStorage.getItem('repo-clone-protocol') === 'ssh';
const sshButton = document.getElementById('repo-clone-ssh');
const httpsButton = document.getElementById('repo-clone-https');
const input = document.getElementById('repo-clone-url');
if (input) input.value = (isSSH ? sshButton : httpsButton).dataset.link;
if (sshButton) sshButton.classList[isSSH ? 'add' : 'remove']('primary');
if (httpsButton) httpsButton.classList[isSSH ? 'remove' : 'add']('primary');
setTimeout(() => {
if (sshButton) sshButton.classList.remove('no-transition');
if (httpsButton) httpsButton.classList.remove('no-transition');
}, 100);
Furthermore, most of the _javascript_ licences of the website at
https://codeberg.org/js/licenses.txt are really the Expat License, even though they use the vague term "MIT License".
8. Does it make sure not to report visitors to other organizations; in
particular, no tracking tags in the pages. This means the
site must avoid most advertising networks
9. Does it discourage bad licensing practices? (no
license, unclear licensing, GPL N only).
Yes. When making a repo, the licences that you can choose from are clear in their naming and cannot therefore be unclear. It allows
not having a license, but it recommends that you choose one from those available.
10. Does it make sure not to recommend nonfree licenses for works of
practical use?
>Yes, because all the license choices available gives everyone the four freedoms.
11. Does all important site functions work correctly (though may not
look as nice) when the user disables execution of _javascript_
and other code sent by the
site?
>Yes, however you can't download the repository without using _javascript_ and must instead use the git clone command.
12. Is the server code released as free software?
13. Does it encourage use of GPL 3-or-later as the preferred option?
>No. It encourages all free software licenses equally, copyleft and non-copyleft.
14. Does it offer use of AGPL 3-or-later as an option?
>Yes.
15. Does it prohibit nonfree licenses (or lack of license) for
works for practical use?
>Yes, it does. As a matter of fact, it prohibits nonfree licenses as part of their Terms of Use(under "Repositories, Wikis, and Issue Trackers"):
It doesn't recommend that not having a license when making a repo.
16. Does it make sure not to recommend services that
are
SaaSS?
>Yes, because they avoid using proprietary software as part of their infrastructure to be completely independent.They strive to work as a community to help on making codeberg better. They don't mention anything that is SaaSS.
17. Do they say “free software,” not “open
source.”?
>No, as they use the neutral term "Free and Open Source Software" and "Open Source", like in their Mission Statement:
18. Does
codeberg.org clearly endorse the Free Software Movement's ideas of
freedom?
>No, as it's a mix. In their mission statement they say "Open Source" and "Free and Open Source Software":
On the other hand, their "What is Codeberg?" page unilaterally says "Free Software":
19. Do they avoid saying “Linux” without “GNU”
when referring to GNU/Linux?
>I'm not sure about this, as the topic isn't mentioned on any of their websites.
20. Does
codeberg.org insist that each nontrivial file in a package clearly and
unambiguously state how it is licensed?
>No.
21. Does
codeberg.org allow visitors to look and download without authenticating?
>Yes, as you can just visit someone's repo on the website and download without making an account.
>It generally does, but I didn't want to go through the effort of checking it myself, so I used
webaccessibility.com from
https://www.w3.org/WAI/ER/tools/ to do it for me. Both of these websites don't work with the LibreJS extension though so I had to make exceptions. I've attached a screenshot of codeberg's WCAG 2.0 score. If this question means it follows the standard 100%, then the answer's no.
>No. It may not be an Accessible Rich Internet Application, but it's an easy to navigate website for hosting projects.
26. Is all data contributed by the project owner and contributors exportable in a machine-readable format?
>No. It might be possible one day though.(Does git count?)
SUMMARY:
codeberg.org is rated C because it doesn't follow one criterion in grade B:
All code sent to the user's browser must be free
software and labeled for LibreJS or other suitable free
automatic license analyzer, regardless of whether the site
functions when the user disables this code.
that say "MIT License" should be changed to say "Expat License".
Continuing on that note, if codeberg was raised to grade B, these criteria in grade A would need to be resolved for
codeberg.org to be grade A:
1.Codeberg would need to encourage use of GPL 3 or later as preferred option.
2.Codeberg would need to say "free software", not "open source".
3.Codeberg would have to clearly endorse the Free Software Movement's ideas of freedom.
4.Codeberg would need to avoid saying “Linux” without “GNU”
when referring to GNU/Linux.(I'm not sure about this as their isn't any
5.Codeberg would need to insist that each nontrivial file in a package clearly and
unambiguously state how it is licensed.
If the previous criteria were fulfilled, these criteria would need to be followed before codeberg would get extra credit and get A+ status:
1.Does not log ANYTHING about visitors. Codeberg gets very close to this. Check criterion no. 22 for details.
-There are 230 errors using HTML_CodeSniffer.
achieve this. There doesn't seem to be any WAI-ARIA 1.0 compliance checkers that I found on the internet.
4.All data contributed by the project owner and contributors
is exportable in a machine-readable format.Codeberg doesn't achieve this(I think?).
I don't know if git counts as it is the one that stores all the project data, but if so then this problem is solved.
Codeberg
CURRENT GRADE:C
Codeberg-WSAG(2.0)-Score.png