Bug 1467651
Summary: | Review Request: cvechecker - Tool for compare packages installed in your system with CVE database | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Zamir SUN <sztsian> |
Component: | Package Review | Assignee: | Zbigniew Jędrzejewski-Szmek <zbyszek> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | i, package-review, rebus, zbyszek |
Target Milestone: | --- | Flags: | zbyszek:
fedora-review+
|
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2017-08-14 21:50:37 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 563471 |
Description
Zamir SUN
2017-07-04 12:49:29 UTC
*** Bug 1062808 has been marked as a duplicate of this bug. *** > %global debug_package %{nil} Are you sure that's needed? If yes, it deserves a comment in the spec file. > make Is parallel build not supported? If it is, use %make_build, otherwise, add a comment. > %{__install} You can just say 'install' — that's both less typing *and* clearer. > %defattr(-,root,root) Not needed. Checking: cvechecker-3.7-1.fc27.x86_64.rpm cvechecker-3.7-1.fc27.src.rpm cvechecker.x86_64: W: unstripped-binary-or-object /usr/bin/cvechecker Hm. That's the first time I encounter this. Maybe this will go away if you create a debug package? cvechecker.x86_64: W: only-non-binary-in-usr-lib cvechecker.x86_64: W: hidden-file-or-dir /usr/lib/.build-id cvechecker.x86_64: W: hidden-file-or-dir /usr/lib/.build-id OK. cvechecker.src:13: W: macro-in-comment %{url} cvechecker.src:13: W: macro-in-comment %{_commit} cvechecker.src:13: W: macro-in-comment %{_commit} Please use %%. cvechecker.src:14: W: mixed-use-of-spaces-and-tabs (spaces: line 6, tab: line 14) Please fix. 2 packages and 0 specfiles checked; 0 errors, 8 warnings. Looks all good. (It seems that cvechecker likes to run as root. It'd be much better to create a dedicated user for it, since downloading stuff as root from the web is also a concern, but that's an upstream issue.) Thanks for the quick response. SPEC updated in place: https://zsun.fedorapeople.org/pub/pkgs/cvechecker/cvechecker.spec New SRPM: https://zsun.fedorapeople.org/pub/pkgs/cvechecker/cvechecker-3.7-2.fc25.src.rpm (In reply to Zbigniew Jędrzejewski-Szmek from comment #2) > (It seems that cvechecker likes to run as root. It'd be much better to > create a dedicated user for it, since downloading stuff as root from the web > is also a concern, but that's an upstream issue.) I am not familiar with packaging with dedicated user, so currently I'm not adding this way. Will work on this later once I figured out how to do it. + package name is OK + license is acceptable for Fedora (GPLv3) + license is specified correctly + builds and installs OK + fedora-review finds no issues + %check is present and passes + no scriptlets necessary + rpmlint has only false positives > Group: Applications/System Not needed [https://fedoraproject.org/wiki/Packaging:Guidelines#Tags_and_Sections]. > %attr(0644,root,root) You probably don't need those either, unless the build system sets some strange permissions on those files. Package is APPROVED. Package request has been approved: https://admin.fedoraproject.org/pkgdb/package/rpms/cvechecker (In reply to Zbigniew Jędrzejewski-Szmek from comment #5) > > Group: Applications/System > Not needed > [https://fedoraproject.org/wiki/Packaging:Guidelines#Tags_and_Sections]. Thanks. Will remove this section in -3. cvechecker-3.8-1.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-146693c8dc cvechecker-3.8-1.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-146693c8dc cvechecker-3.8-1.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-6b44ef74c4 cvechecker-3.8-1.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report. |