I was pretty surprised to find out that raw sources of my little open source project are getting downloaded more often than the compiled and ready to use library (jar file in this case, platform independent). I wonder what are the reasons behind that? Lack of trust? Curiosity? Compiling with custom settings? Attaching sources for debugging?
Personally I usually don't bother downloading and looking at sources unless something is not working or I don't understand how it works.
The first reason would be for customizing applications.
Also its not a good practice to download some code and use it straight away without looking at how the code works. There will be something for you to learn from the code.
Also you might not need the whole functionality of the project. If the project is too big and you need to use only some functionality in it it would be a great idea to trim the project to your needs and then use it.
The number one reason is compiler settings. You can't imagine the amount of pain caused by linking a static library compiled with some incompatible settings. Compiling on your own with checked settings simplifies life greatly. Plus when you decide to change the compiler for the better one you don't need to have the old static library - it will be compiled by the new compiler two.
The number two reason could be that people want to see how some things work inside. For example, they want the same or similar functionality in their commercial closed-source project and can't just borrow code because of the viral license. However they can see how it works and get inspired - that't why they download the source and read.
I often download sources just to see how other people have implemented certain things. Reading (and understanding) other peoples source code is a good way of becoming a better programmer yourself.
As for the relatively high number of downloads, perhaps your library is included in other projects like a Linux distributions? Such projects usually download and build from source themselves so that they can properly package it.
For every piece of software of long term interest for my company, I look at the sources to assess the quality. The rationale behind it is that badly written software is usually also bad to use and maintain and thus a business risk in the long term.
Even with most commercial software like ERP systems it is no problem to get a look at the source. Only for COTS (say MS Office) it is hard to get the source.
I also check source for every hiring decision.
An other reason why you see so many source downloads might be automated build systems like FreeBSD Ports which download and compile automatically.
I have downloaded libraries and compiled them my self but I have not actually looked at the code. When I use a library it is good to know that I can make changes and have the source on hand. I have on occasion taken just a file or two if it is a massive library and I only need a single functionality from a large library.
I look at the source just to learn how the program works.
As silly as it might seems, the open source software ( such as open source CRMs) is notorious for the lack of documentation. The only way to find out how it works is to experiment with it. When even experiment fails, it's the time to fire up your IDE and read the source!!
Maybe the answer will be disappointing, but the relatively high number of source downloads could mean that the application is packaged in a port-based distribution like Gentoo, FreeBSD or MacPorts where every package is downloaded and compiled on a local machine during installation.
If it's a framework, I always download sources. I use them for debugging and to see how they've implemented certain things. If it's a standalone application, I generally don't look at the source unless there is a problem or the application does something unique.
As you say your binary is a jar, it sounds like it is a Java-library (rather than an application). Developers often use source: to include it in the IDE to debug in the library and lookup certain functions. Also many developers include the sources in their build-process to compile also the dependencies. That may be an explanation.
Some reasons could be:
Distrust of binary downloads due to trojans, etc
Taking a look at how you've implemented something
Checking out the quality of your code :)
Since this is a library, the need for comprehensive documentation is much higher than for a standalone app. I often find myself looking up the code of a library to figure out certain things sometimes left out of the docs, e.g. time/space complexity of certain functions.
We use some open source packages for our commercial application. I always download and build from source.
If our hosting platform changes in the future, it might change to something that does not have a precompiled binary. I want to be able to use the same package/version on the new platform.
If the package goes dormant or becomes unsupported, I want to be able to apply a change or fix if absolutely necessary.
If something is going wrong on the server (memory leak, CPU spike, etc.), I want to be able to add logging or instrumentation code to identify or eliminate the package as the source of the problem.