Bug 1748059
Summary: | Review Request: python-license-expression - Library to parse, compare, simplify and normalize license expressions | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Carmen Bianca Bakker <carmen> |
Component: | Package Review | Assignee: | Elliott Sales de Andrade <quantum.analyst> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | package-review, quantum.analyst, zebob.m |
Target Milestone: | --- | Flags: | quantum.analyst:
fedora-review+
|
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2019-09-16 01:10:18 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 2235055 |
Description
Carmen Bianca Bakker
2019-09-02 15:21:08 UTC
- You should delete PKG-INFO and src/license_expression.egg-info in %prep. - Passing %{pypi_name} to %pypi_source is unnecessary. - `irc-notify.py` is GPLv2+, but not installed. Please add a note above the License so others aren't confused by it. - `Requires: %{py3_dist boolean.py}` is unnecessary and redundant with automatic Provides/Requires. Package Review ============== Legend: [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated [ ] = Manual review needed Issues: ======= ===== MUST items ===== Generic: [x]: Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [x]: License field in the package spec file matches the actual license. Note: Checking patched sources after %prep for licenses. Licenses found: "Unknown or generated", "Apache License (v2.0)", "*No copyright* Apache License", "*No copyright* Apache License (v2.0)", "GPL (v2 or later)", "*No copyright* GPL (v2 or later)". 16 files have unknown license. Detailed output of licensecheck in 1748059-python-license-expression/licensecheck.txt [x]: Package contains no bundled libraries without FPC exception. [x]: Changelog in prescribed format. [x]: Sources contain only permissible code or content. [-]: Package contains desktop file if it is a GUI application. [x]: Development files must be in a -devel package [x]: Package uses nothing in %doc for runtime. [x]: Package consistently uses macros (instead of hard-coded directory names). [x]: Package is named according to the Package Naming Guidelines. [?]: Package does not generate any conflict. [x]: Package obeys FHS, except libexecdir and /usr/target. [-]: If the package is a rename of another package, proper Obsoletes and Provides are present. [!]: Requires correct, justified where necessary. [x]: Spec file is legible and written in American English. [-]: Package contains systemd file(s) if in need. [x]: Package is not known to require an ExcludeArch tag. [x]: Large documentation must go in a -doc subpackage. Large could be size (~1MB) or number of files. Note: Documentation size is 10240 bytes in 1 files. [x]: Package complies to the Packaging Guidelines [x]: Package successfully compiles and builds into binary rpms on at least one supported primary architecture. [x]: Package installs properly. [x]: Rpmlint is run on all rpms the build produces. Note: There are rpmlint messages (see attachment). [x]: Package requires other packages for directories it uses. [x]: Package must own all directories that it creates. [x]: Package does not own files or directories owned by other packages. [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. [x]: Macros in Summary, %description expandable at SRPM build time. [x]: Dist tag is present. [x]: Package does not contain duplicates in %files. [x]: Permissions on files are set properly. [x]: Package must not depend on deprecated() packages. [x]: Package use %makeinstall only when make install DESTDIR=... doesn't work. [x]: Package is named using only allowed ASCII characters. [x]: Package does not use a name that already exists. [x]: Package is not relocatable. [x]: Sources used to build the package match the upstream source, as provided in the spec URL. [x]: Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: File names are valid UTF-8. [x]: Packages must not store files under /srv, /opt or /usr/local Python: [x]: Python eggs must not download any dependencies during the build process. [x]: A package which is used by another package via an egg interface should provide egg info. [x]: Package meets the Packaging Guidelines::Python [x]: Package contains BR: python2-devel or python3-devel [x]: Packages MUST NOT have dependencies (either build-time or runtime) on packages named with the unversioned python- prefix unless no properly versioned package exists. Dependencies on Python packages instead MUST use names beginning with python2- or python3- as appropriate. [x]: Python packages must not contain %{pythonX_site(lib|arch)}/* in %files [x]: Binary eggs must be removed in %prep ===== SHOULD items ===== Generic: [-]: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [!]: Final provides and requires are sane (see attachments). [?]: Package functions as described. [x]: Latest version is packaged. [x]: Package does not include license text files separate from upstream. [-]: Description and summary sections in the package spec file contains translations for supported Non-English languages, if available. [?]: Package should compile and build into binary rpms on all supported architectures. [x]: %check is present and all tests pass. [x]: Packages should try to preserve timestamps of original installed files. [x]: Reviewer should test that the package builds in mock. [x]: Buildroot is not present [x]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file [x]: Sources can be downloaded from URI in Source: tag [x]: SourceX is a working URL. [x]: Spec use %global instead of %define unless justified. ===== EXTRA items ===== Generic: [x]: Rpmlint is run on all installed packages. Note: There are rpmlint messages (see attachment). [x]: Spec file according to URL is the same as in SRPM. Rpmlint ------- Checking: python3-license-expression-0.999-1.fc32.noarch.rpm python-license-expression-0.999-1.fc32.src.rpm python-license-expression.src: W: strange-permission license-expression-0.999.tar.gz 600 python-license-expression.src: W: strange-permission python-license-expression.spec 600 2 packages and 0 specfiles checked; 0 errors, 2 warnings. Rpmlint (installed packages) ---------------------------- 1 packages and 0 specfiles checked; 0 errors, 0 warnings. Source checksums ---------------- https://files.pythonhosted.org/packages/source/l/license-expression/license-expression-0.999.tar.gz : CHECKSUM(SHA256) this package : ce730e6f159f713106b361ce66f852ba6de77ca2f76984fc575de7d51758f722 CHECKSUM(SHA256) upstream package : ce730e6f159f713106b361ce66f852ba6de77ca2f76984fc575de7d51758f722 Requires -------- python3-license-expression (rpmlib, GLIBC filtered): python(abi) python3.8dist(boolean.py) python3dist(boolean.py) Provides -------- python3-license-expression: python-license-expression python3-license-expression python3.8dist(license-expression) python3dist(license-expression) Generated by fedora-review 0.7.2 (65d36bb) last change: 2019-04-09 Command line :/usr/bin/fedora-review -b 1748059 -m fedora-rawhide-x86_64 Buildroot used: fedora-rawhide-x86_64 Active plugins: Generic, Shell-api, Python Disabled plugins: C/C++, R, Ocaml, fonts, Perl, PHP, Haskell, SugarActivity, Java Disabled flags: EPEL6, EPEL7, DISTTAG, BATCH, EXARCH > - You should delete PKG-INFO and src/license_expression.egg-info in %prep. These files don't exist in the source tarball, and they aren't included in the final RPM either. I'm not sure about this step. > - Passing %{pypi_name} to %pypi_source is unnecessary. > - `irc-notify.py` is GPLv2+, but not installed. Please add a note above the > License so others aren't confused by it. > - `Requires: %{py3_dist boolean.py}` is unnecessary and redundant with > automatic > Provides/Requires. Done x3. Spec and SRPM updated. Thanks :-) (In reply to Carmen Bianca Bakker from comment #2) > > - You should delete PKG-INFO and src/license_expression.egg-info in %prep. > > These files don't exist in the source tarball, and they aren't included > in the final RPM either. I'm not sure about this step. > They definitely do: $ tar tf license-expression-0.999.tar.gz | grep -i info license-expression-0.999/src/license_expression.egg-info/ license-expression-0.999/src/license_expression.egg-info/SOURCES.txt license-expression-0.999/PKG-INFO but it's true that PKG-INFO doesn't end up in the RPM (I think; there's a file with the same name somewhere else though). Ah, I was looking at the wrong directory. The file is indeed there, sorry. I don't believe other Fedora Python packages remove these files, though? I mean, it'd be trivial to do this, but if it should be done, I'd expect to see a note in the Python packaging guidelines given how common these files would be. I checked an arbitrary package like python-flask to be sure, and Flask's tarball also has these files, but the specfile doesn't remove them. > # Remove bundled egg-info
> rm -rf %{pypi_name}.egg-info
comes from pyp2rpm when you generate a spec. Usually PKG-INFO is in there so it gets deleted as well. I'm not sure why pyp2rpm adds this, when it's not in the guidelines, but I guess it does help avoid installing it (without proper rebuild) accidentally.
Updated the spec and SRPM to include the removal of the egg-info and PKG-INFO. Thanks. Approved. (fedscm-admin): The Pagure repository was created at https://src.fedoraproject.org/rpms/python-license-expression FEDORA-2019-7fcbc111ef has been submitted as an update to Fedora 30. https://bodhi.fedoraproject.org/updates/FEDORA-2019-7fcbc111ef FEDORA-2019-0c78f33af2 has been submitted as an update to Fedora 31. https://bodhi.fedoraproject.org/updates/FEDORA-2019-0c78f33af2 FEDORA-2019-0c78f33af2 has been submitted as an update to Fedora 31. https://bodhi.fedoraproject.org/updates/FEDORA-2019-0c78f33af2 python-boolean.py-3.6-1.fc31, python-license-expression-0.999-1.fc31, reuse-0.5.0-1.fc31 has been pushed to the Fedora 31 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-0c78f33af2 python-license-expression-0.999-1.fc30 has been pushed to the Fedora 30 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-7fcbc111ef python-license-expression-0.999-1.fc30 has been pushed to the Fedora 30 stable repository. If problems still persist, please make note of it in this bug report. python-boolean.py-3.6-1.fc31, python-license-expression-0.999-1.fc31, reuse-0.5.0-1.fc31 has been pushed to the Fedora 31 stable repository. If problems still persist, please make note of it in this bug report. *** Bug 2235069 has been marked as a duplicate of this bug. *** |