This issue should be solved by now.

maybe, thanks for the tip.

is it perhaps possible to use the binary /usr/lib/grub/i386-coreboot/cbmemc.mod already provided in package grub-coreboot-bin?

Debian requires freely licensed source.
An artifact of a build process is not source.
Some third-party simply redistributing the artifact does not make it source.
Some third-party forking the artifact as a new project may make it source (depending on whether it is treated as the preferred form for modification by that new upstream author).

@jonas.smedegaard is a package like the above: that is not a standalone project but an artifact generated in the build process of coreboot something that would normally be ok to package as a debian package.
Or is there any debian guideline against packaging something like this?

hm. This isue seems solved now.

Just stumbled upon yet another meta search engine which might (or might not - e.g. it doesn't seem decentralized) be relevant to consider: https://search.lilo.org/

This is not a Freedom issue: Promoting a commercial service does not violate the GNU Free Distribution Guidelines.
Instead, it is arguably a privacy issue - i.e. the code does not in itself leak personal data but promotes the use of a service which does.

This is a meta-issue tracking a bundle of issues, and as such not a Freedom issue (that is identified for each individual unbundled issue).

This is a meta-issue tracking a bundle of issues, and as such is not in itself a Freedom issue (that it identified for each unblundled issue). Lowering priority accordingly.

This is an issue in Debian but not in PureOS, because PureOS offers no nonfree packages.