Just glanced over the criteria.
As far as I can tell, we meet all of the criteria for C, except C2,
which I may not be legally allowed to fulfill (I have to comply with US
We don't have LibreJS indicators for the one or two scripts on the site,
but the scripts are optional anyway. Other criteria fulfilled.
A2, A4, A8: NACK, do not intend to fix. These are more about "making GNU
happy" than "ethical repository criteria".
A4: NACK, but I might change my mind at some point.
A9: I don't really think this is necessary, a single LICENSE or COPYING
file should be suitable. I would be interested in adding a feature which
warns repo owners if their repo is missing one of these files.
A+1: NACK, we need to do this for security reasons. One example is that
we log every log in and log out attempt and monitor it for unusually
high activity, which alerts us if someone is attempting to access
another user's account. Old information is deleted periodically.
A+5: This is a blocker for the production cycle, but isn't done.
The rest of these criteria are laudable but not currently on the
roadmap, help here would be welcome.
In short, I think we could easily qualify for a B rating, but the A
rating is kind of GNU biased and I'm not really into it.