Bug 1334611
| Summary: | Review Request: python-cvss - CVSS2/3 library with interactive calculator | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | pjp <pj.pandit> |
| Component: | Package Review | Assignee: | Igor Gnatenko <ignatenko> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | rawhide | CC: | mail, package-review, vkrizan |
| Target Milestone: | --- | Flags: | ignatenko:
fedora-review+
|
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | All | ||
| URL: | https://github.com/skontar/cvss | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-09-08 21:15:41 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Just a couple of comments: - The Group: tag is unnecessary. - Why not use releases (https://github.com/skontar/cvss/releases) instead of commits? - Please remove the travis section from the description. - Consider to build a py2 and a py3 package. - Please follow https://fedoraproject.org/wiki/Packaging:Python BTW, the reviewer should set the flags not the reporter. Please see:
SPEC: https://pjp.fedorapeople.org/python-cvss.spec
SRPM: https://pjp.fedorapeople.org/python-cvss-1.2-2.fc23.src.rpm
Koji: http://koji.fedoraproject.org/koji/taskinfo?taskID=15285001
It is updated as per above comments.
Thank you.
You build from git checkout, but you still have release version. Or change release to respect shortcommit or remove commit hashes and build released version. > Summary: CVSS2/3 library with interactive calculator for Python 2 & 3 Summary: CVSS2/3 library with interactive calculator > BuildRequires: python-setuptools BuildRequires: python2-setuptools BuildRequires: python3-setuptools * %{_bindir}/cvss_calculator should be referenced only from python3 version * Use %{summary} from subpackages to not duplicate text Hello Igor, (In reply to Igor Gnatenko from comment #4) > You build from git checkout, but you still have release version. Or change > release to respect shortcommit or remove commit hashes and build released > version. It is a released version. The commit hash is used for the tarball because rpmlint(1) complains about resolving github release URLs like below https://github.com/skontar/cvss/archive/v1.2.tar.gz It does not have package name in it. It is a known issue. Please see: -> https://fedoraproject.org/wiki/Packaging:SourceURL?rd=Packaging/SourceURL > > Summary: CVSS2/3 library with interactive calculator for Python 2 & 3 > Summary: CVSS2/3 library with interactive calculator Okay. > > BuildRequires: python-setuptools > BuildRequires: python2-setuptools > BuildRequires: python3-setuptools Okay. > * %{_bindir}/cvss_calculator should be referenced only from python3 version Wouldn't it be required with python 2.x version ? > * Use %{summary} from subpackages to not duplicate text Okay. Thank you so much. (In reply to pjp from comment #5) > Hello Igor, > > (In reply to Igor Gnatenko from comment #4) > > You build from git checkout, but you still have release version. Or change > > release to respect shortcommit or remove commit hashes and build released > > version. > > It is a released version. The commit hash is used for the tarball because > rpmlint(1) complains about resolving github release URLs like below > > https://github.com/skontar/cvss/archive/v1.2.tar.gz > > It does not have package name in it. It is a known issue. -> %{url}/archive/v%{version}/%{srcname}-%{version}.tar.gz > > Please see: > -> https://fedoraproject.org/wiki/Packaging:SourceURL?rd=Packaging/SourceURL > > > > > Summary: CVSS2/3 library with interactive calculator for Python 2 & 3 > > Summary: CVSS2/3 library with interactive calculator > > Okay. > > > > BuildRequires: python-setuptools > > BuildRequires: python2-setuptools > > BuildRequires: python3-setuptools > > Okay. > > > * %{_bindir}/cvss_calculator should be referenced only from python3 version > > Wouldn't it be required with python 2.x version ? Then you should rename it. But if they produce same result you should package only py3 version. So it should go only under python3- subpkg. > > > * Use %{summary} from subpackages to not duplicate text > > Okay. > > Thank you so much. Please see:
SPEC: https://pjp.fedorapeople.org/python-cvss.spec
SRPM: https://pjp.fedorapeople.org/python-cvss-1.2-3.fc23.src.rpm
Koji: http://koji.fedoraproject.org/koji/taskinfo?taskID=15287422
Update as per #c4 above.
Thank you.
Please see:
SPEC: https://pjp.fedorapeople.org/python-cvss.spec
SRPM: https://pjp.fedorapeople.org/python-cvss-1.2-4.fc23.src.rpm
Koji: http://koji.fedoraproject.org/koji/taskinfo?taskID=15287563
Update as per #6 above.
Thank you.
Please see:
SPEC: https://pjp.fedorapeople.org/python-cvss.spec
SRPM: https://pjp.fedorapeople.org/python-cvss-1.3-1.fc23.src.rpm
Koji: http://koji.fedoraproject.org/koji/taskinfo?taskID=15361634
Update to new release v1.3.
> %global summary CVSS2/3 library with interactive calculator
define it in Summary tag, and it will still work
Package request has been approved: https://admin.fedoraproject.org/pkgdb/package/rpms/python-cvss python-cvss-1.3-1.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-02cbbe6305 python-cvss-1.3-1.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2016-48bee32b94 python-cvss-1.3-1.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-1b23100ecb python-cvss-1.3-1.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-48bee32b94 python-cvss-1.3-1.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-02cbbe6305 python-cvss-1.3-1.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-1b23100ecb python-cvss-1.3-2.el6 has been submitted as an update to Fedora EPEL 6. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-c8d5d75f85 python-cvss-1.3-2.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8a2d144b6e python-cvss-1.3-2.el6 has been pushed to the Fedora EPEL 6 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-c8d5d75f85 python-cvss-1.3-2.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8a2d144b6e python-cvss-1.4-1.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-88e934c10e python-cvss-1.4-1.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2016-5fbedde163 python-cvss-1.4-1.el6 has been submitted as an update to Fedora EPEL 6. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-6e60fde431 python-cvss-1.4-1.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-7f00da57d6 python-cvss-1.4-1.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-c54f8c59da python-cvss-1.4-1.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-7f00da57d6 python-cvss-1.4-1.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-88e934c10e python-cvss-1.4-1.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-5fbedde163 python-cvss-1.4-1.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-c54f8c59da python-cvss-1.4-1.el6 has been pushed to the Fedora EPEL 6 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-6e60fde431 Hello,
Is there a reason why some python files are removed for Fedora 22 and less?:
```
rm $RPM_BUILD_ROOT%{python2_sitelib}/cvss/cvss3.py*
rm $RPM_BUILD_ROOT%{python2_sitelib}/cvss/constants3.py*
```
These should be regular python modules for CVSSv3. Maybe it was mistaken for python 3 support (?).
python-cvss-1.4-1.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report. python-cvss-1.4-1.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report. python-cvss-1.4-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report. python-cvss-1.4-1.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report. python-cvss-1.4-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report. |
Hello, Please see: SPEC: https://pjp.fedorapeople.org/python-cvss.spec SRPM: https://pjp.fedorapeople.org/python-cvss-1.2-1.fc23.src.rpm Koji: http://koji.fedoraproject.org/koji/taskinfo?taskID=13991143 It is a python package that provides utilities to calculate CVSS v2/v3 scores for security vulnerabilities. It caters to both Python v2 and v3. Cvss -> https://www.first.org/cvss Could someone please review it?