Thanks a lot for the review!
Now I can do my taxes in FreeBSD... yay!!!

Addressing more feedback.

Address feedback.

In D53807#1235410, @michaelo wrote:

A few more notes:

• Autofirma.js: You should create a package install message to tell how to install this with Firefox AND you have to fix the path in it
• usr/bin/autofirma: It is completely unusable on FreeBSD: shebang wrong, path to JAR wrong, eventually path to java should be absolute and maybe not rely on PATH
• autofirma.jar\nss\WINDOWS: is large and can be completely wiped
• afirma.desktop: completely unpatched:

Exec=/usr/bin/autofirma %u
Icon=/usr/lib/Autofirma/Autofirma.png

See: https://github.com/search?q=repo%3Actt-gob-es%2Fclienteafirma%20autofirma.png&type=code

• What happened to the env var to NSS?

In D53807#1232339, @michaelo wrote:

In D53807#1232338, @fernape wrote:

Is there anything else that needs to be done here at the moment?

I can take another look next couple of days unless you are in a rush...

In D53807#1232339, @michaelo wrote:

In D53807#1232338, @fernape wrote:

Is there anything else that needs to be done here at the moment?

I can take another look next couple of days unless you are in a rush...

Is there anything else that needs to be done here at the moment?

Remove "linux" directory too.

In D53807#1230960, @michaelo wrote:

In D53807#1230956, @fernape wrote:

autofirma.jar contains directories linux/windows/osx (sic!) with a binary-bundled certutil, I bet this is libnss3-tools and maybe need to provide certutil.

I don't know the use of that. At least for my simple use (either stand alone or via web) it works fine for me.

I would at least strip all of those foreign binaries from the JAR since they bloat the package w/o any benefit.

I did not inspect the .jar files internally. In orther to do that, I assume I should unpack it and repack the .jar with only the relevant files?

Not really, ${ZIP_CMD} can delete content out of a JAR without issues.

Clean up autofirma.jar from Windows and Os X folders

In D53807#1230950, @michaelo wrote:

In D53807#1230948, @fernape wrote:

In D53807#1230515, @michaelo wrote:

This port made me curious, though I don't live in Spain:

• Why the hell did they pack a deb package in a ZIP file, clowns
• The data.tar has some interesting things you like have missed:
  • Autofirma.js is for Firefox which will autoinject into prefs.js, it is user.js for Autofirma. You didn't handle this at all. It contains also a path which needs to be fixed for LOCALBASE

Do I need to? The file is packed in case someone wants to install it in his/her home preferences.

I think yes, for two reasons: The original Debian package does and you can't expect people to know how Firefox works internally.

In D53807#1230515, @michaelo wrote:

This port made me curious, though I don't live in Spain:

• Why the hell did they pack a deb package in a ZIP file, clowns
• The data.tar has some interesting things you like have missed:
  • Autofirma.js is for Firefox which will autoinject into prefs.js, it is user.js for Autofirma. You didn't handle this at all. It contains also a path which needs to be fixed for LOCALBASE

Address more feedback

Aha! Thanks for that info!

Address feedback:

Address feedback.

In D53807#1229368, @haraldei wrote:

Not sure if it belongs in the java category, though... Perhaps security instead?

Addressing feedback