Bug 1197471
| Summary: | Review Request: tonto - Tools for Pronto programmable remote controls | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Alec Leamas <leamas.alec> |
| Component: | Package Review | Assignee: | Mikolaj Izdebski <mizdebsk> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | rawhide | CC: | jcajka, mizdebsk, msrb, package-review |
| Target Milestone: | --- | Flags: | mizdebsk:
fedora-review+
gwync: fedora-cvs+ |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | tonto-1.44-3.20150312gitbe1657a.fc22 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2015-04-08 06:58:25 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Alec Leamas
2015-03-01 14:17:46 UTC
Acme bundling exception request: https://fedorahosted.org/fpc/ticket/504 osbaldeston bundling exception request: https://fedorahosted.org/fpc/ticket/505 Handling FPC decisions: remove osbaldeston files, virtual provides for acme bundling exemption. New links: Spec: https://leamas.fedorapeople.org/harctoolbox/tonto.spec srpm: https://leamas.fedorapeople.org/harctoolbox/tonto-1.44-4.fc21.src.rpm Scratch build: ttps://copr.fedoraproject.org/coprs/leamas/harctoolbox/builds/ fedora-review: http://ur1.ca/jutj9 Clearing whiteboard You need to block FE-LEGAL to get an opinion on the osbaldeston code. Not really, the somewhat unexpected course of events on the meeting made me just remove that code - it turned out be quite simple, actually. Ah, didn't catch that. Excellent. As this was raised on the FPC: The latest version is 1.48, but those sources are not available (a GPL violation). I'm trying to get in touch with the author, partly about this issue I'm taking this review. First, the main license in tonto-1.44/doc/LICENSE.txt file is not the Artistic license described on Fedora wiki - license texts differ. Fedora legal should check if this license is free software license and whether it is compatible with GPL or not. They will either add a new license tag or permit use of existing Artistic tag.
Other minor issues found so far:
1. You should use %{version} in source URLs, this will make updating package easier.
2. get-source1.sh should have "mktemp -d" instead of pure mktemp. mktemp without -d creates regular file
3. %{name} should be used in the whole spec file, but especially in paths. This is to minimize changes needed when the package is renamed (eg. when introducing compat package or SCL-izing package)
4. desktop files should not use --vendor tag, see http://fedoraproject.org/wiki/Packaging:Guidelines#desktop-file-install_usage
5. missing %license in javadoc subpackage
rpmlint output:
tonto.src:23: W: unversioned-explicit-provides bundled(acme-IntHashtable)
tonto.src:24: W: unversioned-explicit-provides bundled(acme-ImageEncoder)
tonto.src:25: W: unversioned-explicit-provides bundled(acme-GifEncoder)
tonto.src:26: W: unversioned-explicit-provides bundled(acme-GifEncoderHashitem)
tonto.src: W: invalid-url Source1: tonto-font.tar.gz
tonto.x86_64: W: no-manual-page-for-binary tonto
4 packages and 0 specfiles checked; 0 errors, 6 warnings.
I'll continue with the review once licensing is cleared out.
(In reply to Mikolaj Izdebski from comment #8) > First, the main license in tonto-1.44/doc/LICENSE.txt file is not the > Artistic license described on Fedora wiki - license texts differ. Fedora > legal should check if this license is free software license and whether it > is compatible with GPL or not. They will either add a new license tag or > permit use of existing Artistic tag. I believe it's "Artistic 1.0 (original)" license [1], listed under "bad" licenses in [2]. [1]: http://directory.fsf.org/wiki/License:Artistic_v1.0 [2]: https://fedoraproject.org/wiki/Licensing:Main?rd=Licensing#Bad_Licenses (In reply to Michal Srb from comment #9) > (In reply to Mikolaj Izdebski from comment #8) > > First, the main license in tonto-1.44/doc/LICENSE.txt file is not the > > Artistic license described on Fedora wiki - license texts differ. Fedora > > legal should check if this license is free software license and whether it > > is compatible with GPL or not. They will either add a new license tag or > > permit use of existing Artistic tag. > > I believe it's "Artistic 1.0 (original)" license [1], listed under "bad" > licenses in [2]. > > [1]: http://directory.fsf.org/wiki/License:Artistic_v1.0 > [2]: https://fedoraproject.org/wiki/Licensing:Main?rd=Licensing#Bad_Licenses The text on Fedora wiki points to http://www.perl.com/pub/a/language/misc/Artistic.html, which is not the same text as http://directory.fsf.org/wiki/License:Artistic_v1.0 (In reply to Mikolaj Izdebski from comment #10) > The text on Fedora wiki points to > http://www.perl.com/pub/a/language/misc/Artistic.html, which is not the same > text as http://directory.fsf.org/wiki/License:Artistic_v1.0 Hmm, interesting. The wiki also points to http://www.gnu.org/licenses/license-list.html#ArtisticLicense, which further points to http://directory.fsf.org/wiki/License:Artistic_v1.0 In any case, the text in the tonto package is indeed Artistic 1.0 as defined in the Licensing::Main. So, in order to use this sw I need to talk to upstream about using another license. Putting package on hold. (In reply to Mikolaj Izdebski from comment #8) > First, the main license in tonto-1.44/doc/LICENSE.txt file is not the > Artistic license described on Fedora wiki - License updated to the proper Artistic Clarified after talking to upstream. > 1. You should use %{version} in source URLs, this will make updating package > easier. Done, bending to your argument. Note that the GL has this as an explicit example of personal preferences, though. > 2. get-source1.sh should have "mktemp -d" instead of pure mktemp. mktemp > without -d creates regular file Not needed, it's the default behaviour (man mktemp....) > 3. %{name} should be used in the whole spec file, but especially in paths. > This is to minimize changes needed when the package is renamed (eg. when > introducing compat package or SCL-izing package) Done, once again bending to your arguments (my personal style so far has been to avoid macros for things not likely to change). > 4. desktop files should not use --vendor tag, see > http://fedoraproject.org/wiki/Packaging:Guidelines#desktop-file-install_usage Done > 5. missing %license in javadoc subpackage Done I have a "file listed twice" problem I can't handle in any reasonable way :( New links: spec: https://leamas.fedorapeople.org/harctoolbox/tonto.spec srpm: https://leamas.fedorapeople.org/harctoolbox/tonto-1.44-5.fc21.src.rpm Package is ready after a really short upstream round-trip. (In reply to Alec Leamas from comment #13) > > 2. get-source1.sh should have "mktemp -d" instead of pure mktemp. mktemp > > without -d creates regular file > > Not needed, it's the default behaviour (man mktemp....) That's strange. On my system (Fedora 23, coreutils-8.23-7.fc23.x86_64) it creates empty regular file: $ /usr/bin/mktemp /tmp/tmp.bRSGOHg9do $ stat /tmp/tmp.bRSGOHg9do File: ‘/tmp/tmp.bRSGOHg9do’ Size: 0 Blocks: 0 IO Block: 4096 regular empty file Device: fd12h/64786d Inode: 3675141 Links: 1 Access: (0600/-rw-------) Uid: ( 0/ root) Gid: ( 0/ root) Access: 2015-03-12 14:05:03.738537463 +0100 Modify: 2015-03-12 14:05:03.738537463 +0100 Change: 2015-03-12 14:05:03.738537463 +0100 Birth: - Sorry, I read the manpage wrong (how has this script ever worked?). Updated in-place, same links, changelog update. Did I say that the license was a good catch? And so was this... Package is not ready for review, removing pending review flag. Not ready? Why? (In reply to Alec Leamas from comment #17) > Not ready? Why? Sorry, I didn't notice you removed NotReady field. Package Review
==============
Key:
x = Check
! = Problem
[x] rpmlint must be run on the source rpm and all binary rpms the
build produces. The output should be posted in the review.
(rpmlint output posted in comment #8.)
[x] The package must be named according to the Package Naming
Guidelines.
[x] The spec file name must match the base package %{name}, in the
format %{name}.spec unless your package has an exemption.
[!] The package must meet the Packaging Guidelines.
JNI libraries should not be placed in libdir directly, not even symlinks.
tonto should be patched to load JNI library from subdirectory of libdir.
See: http://fedoraproject.org/wiki/Packaging:Java#Packaging_JAR_files_that_use_JNI
[x] The package must be licensed with a Fedora approved license and
meet the Licensing Guidelines.
[x] The License field in the package spec file must match the actual
license.
[x] If (and only if) the source package includes the text of the
license(s) in its own file, then that file, containing the text of
the license(s) for the package must be included in %doc.
[x] The spec file must be written in American English.
[x] The spec file for the package MUST be legible.
[x] The sources used to build the package must match the upstream
source, as provided in the spec URL. Reviewers should use
sha256sum for this task as it is used by the sources file once
imported into git. If no upstream URL can be specified for this
package, please see the Source URL Guidelines for how to deal with
this.
[x] The package MUST successfully compile and build into binary rpms
on at least one primary architecture.
http://koji.fedoraproject.org/koji/taskinfo?taskID=9250320
[x] If the package does not successfully compile, build or work on an
architecture, then those architectures should be listed in the
spec in ExcludeArch. Each architecture listed in ExcludeArch MUST
have a bug filed in bugzilla, describing the reason that the
package does not compile/build/work on that architecture. The bug
number MUST be placed in a comment, next to the corresponding
ExcludeArch line.
[x] All build dependencies must be listed in BuildRequires, except for
any that are listed in the exceptions section of the Packaging
Guidelines; inclusion of those as BuildRequires is optional.
Apply common sense.
[x] The spec file MUST handle locales properly. This is done by using
the %find_lang macro. Using %{_datadir}/locale/* is strictly
forbidden.
[x] Every binary RPM package (or subpackage) which stores shared
library files (not just symlinks) in any of the dynamic linker's
default paths, must call ldconfig in %post and %postun.
[x] Packages must NOT bundle copies of system libraries.
[x] If the package is designed to be relocatable, the packager must
state this fact in the request for review, along with the
rationalization for relocation of that specific package. Without
this, use of Prefix: /usr is considered a blocker.
[x] A package must own all directories that it creates. If it does
not create a directory that it uses, then it should require a
package which does create that directory.
[x] A Fedora package must not list a file more than once in the spec
file's %files listings. (Notable exception: license texts in
specific situations.)
[x] Permissions on files must be set properly. Executables should be
set with executable permissions, for example.
[x] Each package must consistently use macros.
[x] The package must contain code, or permissible content.
[x] Large documentation files must go in a -doc subpackage. (The
definition of large is left up to the packager's best judgement,
but is not restricted to size. Large can refer to either size or
quantity).
[x] If a package includes something as %doc, it must not affect the
runtime of the application. To summarize: If it is in %doc, the
program must run properly if it is not present.
[x] Static libraries must be in a -static package.
[x] Development files must be in a -devel package.
[x] In the vast majority of cases, devel packages must require the
base package using a fully versioned dependency: Requires:
%{name}%{?_isa} = %{version}-%{release}
[x] Packages must NOT contain any .la libtool archives, these must be
removed in the spec if they are built.
[x] Packages containing GUI applications must include a
%{name}.desktop file, and that file must be properly installed
with desktop-file-install in the %install section. If you feel
that your packaged GUI application does not need a .desktop file,
you must put a comment in the spec file with your explanation.
[x] Packages must not own files or directories already owned by other
packages. The rule of thumb here is that the first package to be
installed should own the files or directories that other packages
may rely upon. This means, for example, that no package in Fedora
should ever share ownership with any of the files or directories
owned by the filesystem or man package. If you feel that you have
a good reason to own a file or directory that another package
owns, then please present that at package review time.
[x] All filenames in rpm packages must be valid UTF-8.
> [!] The package must meet the Packaging Guidelines. > JNI libraries should not be placed in libdir directly, not even symlinks. > tonto should be patched to load JNI library from subdirectory of libdir. Fixed. New links: spec: https://leamas.fedorapeople.org/harctoolbox/tonto.spec srpm: https://leamas.fedorapeople.org/harctoolbox/tonto-1.44-6.fc21.src.rpm %changelog * Tue Mar 17 2015 Alec Leamas <leamas.alec> - 1.44-6 - Install so-lib in %%jnidir only, patch to comply. - Kill "file listed twice" warning. (In reply to Alec Leamas from comment #20) > > [!] The package must meet the Packaging Guidelines. > > JNI libraries should not be placed in libdir directly, not even symlinks. > > tonto should be patched to load JNI library from subdirectory of libdir. > > Fixed. Fixed, but introduced a regression. JNI library (libjnijcomm.so) should be installed into subdirectory of libdir, like it was in version 1.44-5. Silly, silly (sloppy?) me. Fixed, new links: spec: https://leamas.fedorapeople.org/harctoolbox/tonto.spec srpm: https://leamas.fedorapeople.org/harctoolbox/tonto-1.44-7.fc21.src.rpm %changelog * Wed Mar 18 2015 Alec Leamas <leamas.alec> - 1.44-7 - Fixed silly bug with so-lib in %%{jni_dir}; update patch Both spec file and JNI patch are fixed. Package is approved. Thanks for a really good review which actually made a difference (not all do). New Package SCM Request ======================= Package Name: tonto Short Description: Tools for Pronto programmable remote controls Upstream URL: http://mrallen.com/tonto/ Owners: leamas Branches: f21 f22 InitialCC: Git done (by process-git-requests). tonto-1.44-2.20150312gitbe1657a.fc22 has been submitted as an update for Fedora 22. https://admin.fedoraproject.org/updates/tonto-1.44-2.20150312gitbe1657a.fc22 tonto-1.44-2.20150312gitbe1657a.fc21 has been submitted as an update for Fedora 21. https://admin.fedoraproject.org/updates/tonto-1.44-2.20150312gitbe1657a.fc21 tonto-1.44-2.20150312gitbe1657a.fc21 has been pushed to the Fedora 21 testing repository. Hello, tonto depends on rxtx as result builds on s390x and ppc fail(rxtx is missing). So package probably should have same ExcludeArch as rxtx ie. "ExcludeArch: ppc ppc64 s390 s390x"(and probably ppc64le too) with some note (if the (build)dependency couldn't be disabled on respective archs). Failed builds: http://s390.koji.fedoraproject.org/koji/packageinfo?packageID=19790 Best regards, Jakub tonto-1.44-3.20150312gitbe1657a.fc22 has been submitted as an update for Fedora 22. https://admin.fedoraproject.org/updates/tonto-1.44-3.20150312gitbe1657a.fc22 tonto-1.44-3.20150312gitbe1657a.fc21 has been submitted as an update for Fedora 21. https://admin.fedoraproject.org/updates/tonto-1.44-3.20150312gitbe1657a.fc21 Jakub: thanks for heads-up! Obviously, updates are under way (rawhide is pushed). tonto-1.44-3.20150312gitbe1657a.fc21 has been pushed to the Fedora 21 stable repository. tonto-1.44-3.20150312gitbe1657a.fc22 has been pushed to the Fedora 22 stable repository. |