Bug 1003614

Summary: Review Request: constant-pool-scanner - Java constant pool scanner
Product: [Fedora] Fedora Reporter: Michal Srb <msrb>
Component: Package ReviewAssignee: gil cattaneo <puntogil>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: notting, puntogil
Target Milestone: ---Flags: puntogil: fedora-review+
gwync: fedora-cvs+
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-09-03 13:05:16 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Michal Srb 2013-09-02 13:31:50 UTC
Spec URL: http://msrb.fedorapeople.org/review/constant-pool-scanner.spec
SRPM URL: http://msrb.fedorapeople.org/review/constant-pool-scanner-1.2-1.fc21.src.rpm
Description: Simple utility to scan Java bytecode for class references in the constant pool.
Fedora Account System Username: msrb

Comment 1 gil cattaneo 2013-09-02 18:08:00 UTC
This is a review *template*. Besides handling the [ ]-marked tests you are
also supposed to fix the template before pasting into bugzilla:
- Add issues you find to the list of issues on top. If there isn't such
  a list, create one.
- Add your own remarks to the template checks.
- Add new lines marked [!] or [?] when you discover new things not
  listed by fedora-review.
- Change or remove any text in the template which is plain wrong. In this
  case you could also file a bug against fedora-review
- Remove the "[ ] Manual check required", you will not have any such lines
  in what you paste.
- Remove attachments which you deem not really useful (the rpmlint
  ones are mandatory, though)
- Remove this text



Package Review
==============

Legend:
[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
[ ] = Manual review needed



===== MUST items =====

Generic:
[x]: Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
     Guidelines.
[x]: License field in the package spec file matches the actual license.
     Note: Checking patched sources after %prep for licenses. Licenses found:
     "Unknown or generated". 16 files have unknown license. Detailed output of
     licensecheck in /home/gil/1003614-constant-pool-scanner/licensecheck.txt
[x]: License file installed when any subpackage combination is installed.
[x]: If the package is under multiple licenses, the licensing breakdown must
     be documented in the spec.
[x]: Package contains no bundled libraries without FPC exception.
[x]: Changelog in prescribed format.
[x]: Sources contain only permissible code or content.
[-]: Package contains desktop file if it is a GUI application.
[-]: Development files must be in a -devel package
[x]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory names).
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
[-]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
     Provides are present.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[-]: Package contains systemd file(s) if in need.
[x]: Package is not known to require an ExcludeArch tag.
[-]: Large documentation must go in a -doc subpackage. Large could be size
     (~1MB) or number of files.
     Note: Documentation size is 40960 bytes in 1 files.
[x]: Package complies to the Packaging Guidelines
[x]: Package successfully compiles and builds into binary rpms on at least one
     supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
     Note: There are rpmlint messages (see attachment).
[x]: If (and only if) the source package includes the text of the license(s)
     in its own file, then that file, containing the text of the license(s)
     for the package is included in %doc.
[x]: Package requires other packages for directories it uses.
[x]: Package must own all directories that it creates.
[x]: Package does not own files or directories owned by other packages.
[x]: All build dependencies are listed in BuildRequires, except for any that
     are listed in the exceptions section of Packaging Guidelines.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
[x]: Each %files section contains %defattr if rpm < 4.4
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package use %makeinstall only when make install' ' DESTDIR=... doesn't
     work.
[x]: Package is named using only allowed ASCII characters.
[x]: Package do not use a name that already exist
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as provided
     in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
     %{name}.spec.
[x]: File names are valid UTF-8.
[x]: Packages must not store files under /srv, /opt or /usr/local

Java:
[x]: Packages have proper BuildRequires/Requires on jpackage-utils
     Note: Maven packages do not need to (Build)Require jpackage-utils. It is
     pulled in by maven-local
[x]: Javadoc documentation files are generated and included in -javadoc
     subpackage
[x]: Javadoc subpackages should not have Requires: jpackage-utils
[x]: Javadocs are placed in %{_javadocdir}/%{name} (no -%{version} symlink)
[x]: Bundled jar/class files should be removed before build

Maven:
[x]: If package contains pom.xml files install it (including depmaps) even
     when building with ant
[x]: Pom files have correct Maven mapping
[x]: Maven packages should use new style packaging
[x]: Old add_to_maven_depmap macro is not being used
[x]: Packages DOES NOT have Requires(post) and Requires(postun) on jpackage-
     utils for %update_maven_depmap macro
[x]: Package DOES NOT use %update_maven_depmap in %post/%postun
[x]: Packages use %{_mavenpomdir} instead of %{_datadir}/maven2/poms

===== SHOULD items =====

Generic:
[!]: If the source package does not include license text(s) as a separate file
     from upstream, the packager SHOULD query upstream to include it.
[x]: Final provides and requires are sane (see attachments).
[x]: Fully versioned dependency in subpackages if applicable.
     Note: No Requires: %{name}%{?_isa} = %{version}-%{release} in constant-
     pool-scanner-javadoc
[x]: Package functions as described.
[x]: Latest version is packaged.
[!]: Package does not include license text files separate from upstream.
[x]: Description and summary sections in the package spec file contains
     translations for supported Non-English languages, if available.
[x]: Package should compile and build into binary rpms on all supported
     architectures.
[x]: %check is present and all tests pass.
[x]: Packages should try to preserve timestamps of original installed files.
[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[x]: Sources can be downloaded from URI in Source: tag
[x]: Reviewer should test that the package builds in mock.
[x]: Buildroot is not present
[x]: Package has no %clean section with rm -rf %{buildroot} (or
     $RPM_BUILD_ROOT)
[x]: Dist tag is present (not strictly required in GL).
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: SourceX tarball generation or download is documented.
[x]: SourceX is a working URL.
[x]: Spec use %global instead of %define unless justified.

Java:
[x]: Package uses upstream build method (ant/maven/etc.)
[x]: Packages are noarch unless they use JNI

===== EXTRA items =====

Generic:
[x]: Rpmlint is run on all installed packages.
     Note: There are rpmlint messages (see attachment).
[x]: Large data in /usr/share should live in a noarch subpackage if package is
     arched.
[x]: Spec file according to URL is the same as in SRPM.


Rpmlint
-------
Checking: constant-pool-scanner-1.2-1.fc21.noarch.rpm
          constant-pool-scanner-javadoc-1.2-1.fc21.noarch.rpm
          constant-pool-scanner-1.2-1.fc21.src.rpm
constant-pool-scanner.noarch: W: spelling-error %description -l en_US bytecode -> byte code, byte-code, decorate
constant-pool-scanner.src: W: spelling-error %description -l en_US bytecode -> byte code, byte-code, decorate
constant-pool-scanner.src: W: invalid-url Source1: https://svn.java.net/svn/glassfish~svn/tags/legal-1.1/src/main/resources/META-INF/LICENSE.txt HTTP Error 401: Authorization Required
3 packages and 0 specfiles checked; 0 errors, 3 warnings.




Rpmlint (installed packages)
----------------------------
# rpmlint constant-pool-scanner-javadoc constant-pool-scanner
constant-pool-scanner.noarch: W: spelling-error %description -l en_US bytecode -> byte code, byte-code, decorate
2 packages and 0 specfiles checked; 0 errors, 1 warnings.
# echo 'rpmlint-done:'



Requires
--------
constant-pool-scanner-javadoc (rpmlib, GLIBC filtered):
    jpackage-utils

constant-pool-scanner (rpmlib, GLIBC filtered):
    jpackage-utils
    mvn(net.sourceforge.findbugs:annotations)



Provides
--------
constant-pool-scanner-javadoc:
    constant-pool-scanner-javadoc

constant-pool-scanner:
    constant-pool-scanner
    mvn(org.jenkins-ci:constant-pool-scanner)



Source checksums
----------------
https://github.com/jenkinsci/constant-pool-scanner/archive/constant-pool-scanner-1.2.tar.gz :
  CHECKSUM(SHA256) this package     : bf3dc3ff2d7ef50274b835b3919a2785ec4475109a0cb6b7b960587419f60a19
  CHECKSUM(SHA256) upstream package : bf3dc3ff2d7ef50274b835b3919a2785ec4475109a0cb6b7b960587419f60a19
https://svn.java.net/svn/glassfish~svn/tags/legal-1.1/src/main/resources/META-INF/LICENSE.txt :
  CHECKSUM(SHA256) this package     : a4c80869daf4350b6773bd5e6ee1d0a6cc52b63db3a3d2dc20961b0cdd272a5c
  CHECKSUM(SHA256) upstream package : a4c80869daf4350b6773bd5e6ee1d0a6cc52b63db3a3d2dc20961b0cdd272a5c


Generated by fedora-review 0.5.0 (920221d) last change: 2013-08-30
Command line :/usr/bin/fedora-review -b 1003614 -m fedora-rawhide-i386
Buildroot used: fedora-rawhide-i386
Active plugins: Generic, Shell-api, Java
Disabled plugins: C/C++, Python, SugarActivity, Perl, R, PHP, Ruby
Disabled flags: EPEL5, EXARCH, DISTTAG


please can you open a bug for fix thi(e)s(e) problem?
[!]: If the source package does not include license text(s) as a separate file
     from upstream, the packager SHOULD query upstream to include it.
[!]: Package does not include license text files separate from upstream.

approved

Comment 2 Michal Srb 2013-09-03 04:30:47 UTC
Thanks for the review.


New Package SCM Request
=======================
Package Name: constant-pool-scanner
Short Description: Java constant pool scanner
Owners: msrb sochotni mizdebsk msimacek
Branches: f20
InitialCC: java-sig

Comment 3 Gwyn Ciesla 2013-09-03 12:22:23 UTC
Git done (by process-git-requests).

Comment 4 Michal Srb 2013-09-03 13:05:16 UTC
Thanks for the review and the repo. The package is now in Rawhide and F20, closing.