I was - as naddy pointed out - very outspoken on this issue during c2k6. And I still am.
I am against ports that download pieces of code that do not have their source form in /usr/ports/distfiles. I want at least to be able to see what the program does by inspecting the sources. And I do not want to rely on any third party webpage to get at the sources. I want it in distfiles. And, I want to be able to apply patches, if needed. We do not hurt our users by requiring the availability of source code. It's only the package builders that need the jdk installed. Our users are told to use packages anywas. They just install the package. But the port should never, ever, rely on precompiled stuff. Not for Java, not for Python, not for Ruby. And not for anything else. Source code should always goto distfiles, be unpackaged, compiled on the porters machine and be transferred to a package. What's next? Binary only software with NOT_FOR_ARCHES set so it runs only the arch the binary is for? It's pervert to have a STOP BLOB release theme and then importing exactly BLOBS in the ports tree. There is absolutely no need to do so, nothing suffers from going throught the source, besides, maybe these ports are a little bit harder to do.
