Bug 1128754
| Summary: | Review Request: mozilla-requestpolicy - Firefox and Seamonkey extension that gives you control over cross-site requests | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Antonio T. (sagitter) <anto.trande> |
| Component: | Package Review | Assignee: | Paulo Andrade <paulo.cesar.pereira.de.andrade> |
| Status: | CLOSED ERRATA | QA Contact: | Paulo Andrade <paulo.cesar.pereira.de.andrade> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | rawhide | CC: | package-review, paulo.cesar.pereira.de.andrade, samuel-rhbugs |
| Target Milestone: | --- | Flags: | paulo.cesar.pereira.de.andrade:
fedora-review+
gwync: fedora-cvs+ |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | mozilla-requestpolicy-1.0-0.2.20141213gitd27363.el6 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2015-02-06 04:02:29 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Antonio T. (sagitter)
2014-08-11 13:21:43 UTC
I will give it a try later, as I've never reviewed such packages.. I assign reviewer to default according to the policies for stalled package reviews. Update to 1.0 pre-release. SPEC URL: https://sagitter.fedorapeople.org/mozilla-requestpolicy/mozilla-requestpolicy.spec SRPM URL: https://sagitter.fedorapeople.org/mozilla-requestpolicy/mozilla-requestpolicy-1.0-0.1.20141213gitd27363.fc21.src.rpm I would like some comments about these "===== MUST items =====":
1. It says License GPLv3+ and LGPLv3+ MPLv2
I believe it is LGPLv2.1+ (the icons) and not LGPLv3+. Please verify.
I believe the MPLv2 are only the tests, so, MPLv2 should be only sources,
not installed files. Please verify.
"""
[ ]: If the package is under multiple licenses, the licensing breakdown must
be documented in the spec.
"""
The license tag should also have an extra "and" if keeping as is, that is:
-GPLv3+ and LGPLv3+ MPLv2
+GPLv3+ and LGPLv3+ and MPLv2
2. It is the owner of %{firefox_inst_dir} and %{seamonkey_inst_dir}
This looks wrong. Too bad firefox-filesystem is not the onwer of %{firefox_inst_dir}, but there are other packages that think they are the owner.
seamonkey is the owner of %{seamonkey_inst_dir}.
I think it should be worth a bug report for firefox-filesystem for it to become owner of %{firefox_inst_dir}
"""
[ ]: Package must own all directories that it creates.
Note: Directories without known owners:
/usr/share/mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[ ]: Package does not own files or directories owned by other packages.
Note: Dirs in package are owned also by: /usr/share/mozilla/extensions
/{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}(mozilla-esteid, seamonkey,
mozilla-https-everywhere)
"""
3. Please correct:
"""
[ ]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
beginning of %install.
Note: rm -rf %{buildroot} present but not required
"""
(In reply to Paulo Andrade from comment #4) > > 2. It is the owner of %{firefox_inst_dir} and %{seamonkey_inst_dir} > This looks wrong. Too bad firefox-filesystem is not the onwer of > %{firefox_inst_dir}, but there are other packages that think they are the > owner. > seamonkey is the owner of %{seamonkey_inst_dir}. > I think it should be worth a bug report for firefox-filesystem for it to > become owner of %{firefox_inst_dir} > """ > [ ]: Package must own all directories that it creates. > Note: Directories without known owners: > /usr/share/mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384} > [ ]: Package does not own files or directories owned by other packages. > Note: Dirs in package are owned also by: /usr/share/mozilla/extensions > /{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}(mozilla-esteid, seamonkey, > mozilla-https-everywhere) > """ %{firefox_inst_dir}=%{moz_extensions}/%{firefox_app_id}/requestpolicy must be owned by this package. %{moz_extensions}/%{firefox_app_id} is co-owned with 'firefox'. %{moz_extensions} is owned by 'mozilla-filesystem' that is required by 'firefox'. Is it not right? SPEC URL: https://sagitter.fedorapeople.org/mozilla-requestpolicy/mozilla-requestpolicy.spec SRPM URL: https://sagitter.fedorapeople.org/mozilla-requestpolicy/mozilla-requestpolicy-1.0-0.2.20141213gitd27363.fc21.src.rpm Since it requires firefox in rhel, there it should not
need to also be the owner of %{firefox_inst_dir}.
In non rhel it does not explicitly require firefox,
so, should be ok to co-own the directory.
I say that because it usually is not considered a
good idea to have multiple packages owning the same
(file or) directory.
Anyway looking at https://fedoraproject.org/wiki/Packaging:Guidelines#File_and_Directory_Ownership
I think it should be worth opening a bug report asking
for mozilla-filesystem to become the owner of
%{moz_extensions}/%{firefox_app_id}, or, have the
package also require firefox on Fedora.
But I will not consider it a blocker.
The package is approved.
New Package SCM Request ======================= Package Name: mozilla-requestpolicy Short Description: Firefox and Seamonkey extension that gives you control over cross-site Upstream URL: https://www.requestpolicy.com Owners: sagitter Branches: f21 f20 el6 el7 Git done (by process-git-requests). mozilla-requestpolicy-1.0-0.2.20141213gitd27363.el7 has been submitted as an update for Fedora EPEL 7. https://admin.fedoraproject.org/updates/mozilla-requestpolicy-1.0-0.2.20141213gitd27363.el7 mozilla-requestpolicy-1.0-0.2.20141213gitd27363.el6 has been submitted as an update for Fedora EPEL 6. https://admin.fedoraproject.org/updates/mozilla-requestpolicy-1.0-0.2.20141213gitd27363.el6 mozilla-requestpolicy-1.0-0.2.20141213gitd27363.fc21 has been submitted as an update for Fedora 21. https://admin.fedoraproject.org/updates/mozilla-requestpolicy-1.0-0.2.20141213gitd27363.fc21 mozilla-requestpolicy-1.0-0.2.20141213gitd27363.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/mozilla-requestpolicy-1.0-0.2.20141213gitd27363.fc20 mozilla-requestpolicy-1.0-0.2.20141213gitd27363.el6 has been pushed to the Fedora EPEL 6 testing repository. mozilla-requestpolicy-1.0-0.2.20141213gitd27363.fc20 has been pushed to the Fedora 20 stable repository. mozilla-requestpolicy-1.0-0.2.20141213gitd27363.fc21 has been pushed to the Fedora 21 stable repository. mozilla-requestpolicy-1.0-0.2.20141213gitd27363.el7 has been pushed to the Fedora EPEL 7 stable repository. mozilla-requestpolicy-1.0-0.2.20141213gitd27363.el6 has been pushed to the Fedora EPEL 6 stable repository. |