Bug 1323214
Summary: | Review Request: git-evtag - Strong GPG verification of git tags | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Colin Walters <walters> |
Component: | Package Review | Assignee: | Igor Gnatenko <ignatenko> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | dustymabe, fedora, package-review |
Target Milestone: | --- | Flags: | ignatenko:
fedora-review+
|
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2016-11-28 07:25:13 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Colin Walters
2016-04-01 14:41:22 UTC
These are my preliminary thoughts about your spec file: 1) Please add a meaningful description that does not only repeat the summary. People should be able to decide whether or not they'd need to install this package 2) You need a %changelog entry, please provide such an entry at the end of your spec file, and keep it up-to-date https://fedoraproject.org/wiki/Packaging:Guidelines#Changelogs 3) Please specify the upstream URL in Source0, not only the name of the file. 4) Your spec file does not mention Requires:, but from the summary I'd expect that both git and gpg/gpg2 would be needed at runtime. 5) store your COPYING file under %(_datadir)/licenses/%(name) and tag it as %license 6) The Group-tag is missing. Also it's optional, it would be nice to place your binary in a group. 7) Please create a man page for your binary. (In reply to Ralf Senderek from comment #1) > 5) store your COPYING file under %(_datadir)/licenses)/%(name) and tag it as > %license As the license text is standard LGPLv2+, it is not necessary to store it in %(_datadir)/licenses, but marking it as %license is. > 4) Requires: Your binary requires at least git: error: Failed dependencies: libgit2.so.23()(64bit) is needed by git-evtag-2016.1-1.fc23.x86_64 (In reply to Ralf Senderek from comment #1) > These are my preliminary thoughts about your spec file: I fixed a few of these in: https://github.com/cgwalters/git-evtag/pull/18 Do you want to review that? > > 1) Please add a meaningful description that does not only repeat the summary. > People should be able to decide whether or not they'd need to install this > package > > 2) You need a %changelog entry, please provide such an entry at the end of > your spec file, and keep it up-to-date This however I'll only do in dist-git, not usptream. I don't like rpm %changelogs - IMO they should be deleted in favor of a combination of bodhi, dist-git git logs, and upstream git logs. > 3) Please specify the upstream URL in Source0, not only the name of the file. Ordinarily I don't do this because my modules tend to use submodules, which runs into https://fedoraproject.org/wiki/Packaging:SourceURL?rd=Packaging/SourceURL#Git_Submodules Which is something https://github.com/cgwalters/rpmdistro-gitoverlay handles out of the box. > 4) Your spec file does not mention Requires:, but from the summary I'd expect > that both git and gpg/gpg2 would be needed at runtime. Fixed these. > 5) store your COPYING file under %(_datadir)/licenses/%(name) and tag it as > %license Just saying %license seems to do the former. > 6) The Group-tag is missing. Also it's optional, it would be nice to place > your > binary in a group. Not sure...nothing really uses it. > 7) Please create a man page for your binary. Yeah. (In reply to Colin Walters from comment #3) > > 7) Please create a man page for your binary. > https://github.com/cgwalters/git-evtag/pull/19 For anyone who wants precompiled RPMs until this review completes, the COPR link: https://copr.fedorainfracloud.org/coprs/walters/git-evtag/ > # For autosetup > BuildRequires: git not needed > %autosetup -Sgit don't think that you use any features from that, so %autosetup > make %{?_smp_mflags} %make_build > make install DESTDIR=%{buildroot} INSTALL="install -p -c" %make_install INSTALL="install -p -c" > %doc COPYING README.md %license COPYING %doc README.md * no changelog section * 2016.1 -> %{version} Resolution: ALMOST GOOD I'd prefer to keep %autosetup, since I always find myself adding it to packages that don't have it the minute I do have to add patches. Other bits in https://github.com/cgwalters/git-evtag/commit/5454ceb3939a6a41fce21e312facd27c40286a9f OK? Package request has been approved: https://admin.fedoraproject.org/pkgdb/package/rpms/git-evtag git-evtag-2016.1-1.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2016-38e351d6f2 git-evtag-2016.1-1.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-66b8607f19 git-evtag-2016.1-1.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-66b8607f19 git-evtag-2016.1-1.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-38e351d6f2 git-evtag-2016.1-1.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report. git-evtag-2016.1-1.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report. |