Well… Why VC still downloadable only from website? It feels like microslop experience, where you need to go to various websites to make something work and pray not to catch malware
Also VC even doesn’t have official PPA. So you cannot just apt update && apt upgrade.
With website downloads you need to manually check sign/hash of downloaded file, when apt does this automatically.
Moreover, what stops devs to host repo instead of file dumpster to at least do something like LibreWolf did? They already have downloadable files on their server, so adding custom repo shouldn’t be a pain…
Building specific distribution packages for each Linux family (mainly rpm and deb) adds some extra work but it will a good thing for the future.
As for PPA on Launchpad, there could be a licensing issue because we are obliged to stick with the TrueCrypt license and even if it is an open source , there are those who think that it is incompatible with open source.
I’m not a lawyer, but my personal opinion is that the TrueCrypt license is a valid open source license so I don’t see any problem in this side.
Then a newer one where he says he doesn’t have enough time:
I do my best to address all needs and feature requests but my limited time sometimes causes delays. That being said, I always appreciate receiving follow-ups on such requests.
Something more that I’ve found: In this thread they’re talking about a 3rd party repo
I was mostly quoting the dev and haven’t looked into the licenses too much myself. VeraCrypt seems to be multi-licensed with one being a standard Apache License 2.0 and the other one “TrueCrypt License version 3.0”.
I don’t have any experience with this license myself so I can’t really say much about it but non-standard licenses are usually a pain.
TrueCrypt 3.0 is considered a non-free license by the FSF. Some parts of VeraCrypt are still under the TrueCrypt license and therefore can’t be included in many repositories which only allow free software. This is the reason Tails comes with a VeraCrypt Unlocker application rather than VeraCrypt itself.
Since VeraCrypt has already been distributing distro-specific packages for so long (Flatpak wasn’t an option), it’d be problematic to discontinue those package formats. Flatpak may also have some quirks which might make packaging a VeraCrypt Flatpak more labor intensive or maybe even impossible. For example, IIRC Mullvad can’t distribute their VPN as a Flatpak due to limitations with Flatpak. All this to say Flatpak may not resolve the labor shortage issue with VeraCrypt but it would be good to have if they can eventually spare the time to make one.
So most parts are under ApacheV2, but some parts are under TrueCryptV3, which is not fully FOSS?
But you can make a working compatible build, only with the ApacheV2 parts?