Bug 1790091 (androwarn)

Summary: Review Request: androwarn - Static code analyzer for malicious Android applications
Product: [Fedora] Fedora Reporter: Fabian Affolter <mail>
Component: Package ReviewAssignee: Robert-André Mauchin 🐧 <eclipseo>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: eclipseo, package-review
Target Milestone: ---Flags: eclipseo: fedora-review+
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-07-14 07:08:28 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1786653, 1786656    
Bug Blocks:    

Description Fabian Affolter 2020-01-11 18:07:50 UTC 
Spec URL: https://fab.fedorapeople.org/packages/SRPMS/androwarn.spec
SRPM URL: https://fab.fedorapeople.org/packages/SRPMS/androwarn-1.6.1-1.fc31.src.rpm

Project URL: https://github.com/maaaaz/androwarn

Description:
Androwarn is a tool whose main aim is to detect and warn the user about
potential malicious behaviors developed by an Android application.

The detection is performed with the static analysis of the application's
Dalvik bytecode, represented as Smali, with the androguard library.

This analysis leads to the generation of a report, according to a technical
detail level chosen from the user.

Koji scratch build:
missing deps

rpmlint output:
$ rpmlint androwarn-1.6.1-1.fc31.src.rpm 
androwarn.src: W: spelling-error %description -l en_US bytecode -> byte code, byte-code, decorate
androwarn.src: W: spelling-error %description -l en_US androguard -> guardroom, guardian
1 packages and 0 specfiles checked; 0 errors, 2 warnings.

$ rpmlint androwarn-1.6.1-1.fc31.noarch.rpm 
androwarn.noarch: W: spelling-error %description -l en_US bytecode -> byte code, byte-code, decorate
androwarn.noarch: W: spelling-error %description -l en_US androguard -> guardroom, guardian
androwarn.noarch: W: no-manual-page-for-binary androwarn
1 packages and 0 specfiles checked; 0 errors, 3 warnings.

Fedora Account System Username: fab
Comment 1 Robert-André Mauchin 🐧 2020-01-21 17:53:44 UTC 
 - Missing BR to python3-devel

BuildRequires:  python3-devel

 - Package can't install:

DEBUG util.py:582:  Error: 
DEBUG util.py:582:   Problem: conflicting requests
DEBUG util.py:582:    - nothing provides python3.8dist(argparse) needed by androwarn-1.6.1-1.fc32.noarch


I believe argparse ir part of standard Python3, it shouldn't be in requirements.txt
Comment 2 Fabian Affolter 2020-01-21 20:25:33 UTC 
Yes, argparse is part of Python itself. Thanks for pointing that out.

* Tue Jan 21 2020 Fabian Affolter <mail> - 1.6.1-2
- Disable dep generator
- Add missing BR (rhbz#1790091)

Updated files:
Spec URL: https://fab.fedorapeople.org/packages/SRPMS/androwarn.spec
SRPM URL: https://fab.fedorapeople.org/packages/SRPMS/androwarn-1.6.1-2.fc31.src.rpm
Comment 3 Fabian Affolter 2020-01-21 20:26:47 UTC 
Yes, argparse is part of Python itself. Thanks for pointing that out.

* Tue Jan 21 2020 Fabian Affolter <mail> - 1.6.1-2
- Disable dep generator
- Add missing BR (rhbz#1790091)

Updated files:
Spec URL: https://fab.fedorapeople.org/packages/SRPMS/androwarn.spec
SRPM URL: https://fab.fedorapeople.org/packages/SRPMS/androwarn-1.6.1-2.fc31.src.rpm
Comment 4 Robert-André Mauchin 🐧 2020-01-21 20:53:30 UTC 
 - Haven't you forgotten python3dist(X)?

Requires:       python3dist(future)
Requires:       python3dist(jinja2)
Requires:       python3dist(play_scraper)
Comment 5 Fabian Affolter 2020-04-06 14:57:35 UTC 
Yes, I have. Using the dep generator again to avoid missing requirements.

(In reply to Robert-André Mauchin from comment #4)
>  - Haven't you forgotten python3dist(X)?
> 
> Requires:       python3dist(future)
> Requires:       python3dist(jinja2)
> Requires:       python3dist(play_scraper)

%changelog
* Fri Mar 27 2020 Fabian Affolter <mail> - 1.6.1-3
- Enable dep generator and fix requirements handling

Updated files:
Spec URL: https://fab.fedorapeople.org/packages/SRPMS/androwarn.spec
SRPM URL: https://fab.fedorapeople.org/packages/SRPMS/androwarn-1.6.1-3.fc31.src.rpm
Comment 6 Robert-André Mauchin 🐧 2020-04-13 18:33:26 UTC 
Package approved.
Comment 7 Fabian Affolter 2020-04-13 20:03:20 UTC 
Thanks for the review.
Comment 8 Gwyn Ciesla 2020-04-13 20:15:45 UTC 
(fedscm-admin):  The Pagure repository was created at https://src.fedoraproject.org/rpms/androwarn