Bug 2196274
| Summary: | Review Request: actor-framework - An Open Source Implementation of the Actor Model in C++ | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Felix Wang <topazus> | ||||||
| Component: | Package Review | Assignee: | Zbigniew Jędrzejewski-Szmek <zbyszek> | ||||||
| Status: | ASSIGNED --- | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||
| Severity: | medium | Docs Contact: | |||||||
| Priority: | unspecified | ||||||||
| Version: | rawhide | CC: | package-review, zbyszek | ||||||
| Target Milestone: | --- | Flags: | zbyszek:
fedora-review?
|
||||||
| Target Release: | --- | ||||||||
| Hardware: | Unspecified | ||||||||
| OS: | Linux | ||||||||
| URL: | https://github.com/actor-framework/actor-framework | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | Type: | --- | |||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Attachments: |
|
||||||||
|
Description
Felix Wang
2023-05-08 14:36:59 UTC
Copr build: https://copr.fedorainfracloud.org/coprs/build/5897247 (succeeded) Review template: https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-review-2196274-actor-framework/fedora-rawhide-x86_64/05897247-actor-framework/fedora-review/review.txt Please take a look if any issues were found. --- This comment was created by the fedora-review-service https://github.com/FrostyX/fedora-review-service If you want to trigger a new Copr build, add a comment containing new Spec and SRPM URLs or [fedora-review-service-build] string. SPEC URL: https://topazus.fedorapeople.org/rpms/actor-framework.spec SRPM URL: https://topazus.fedorapeople.org/rpms/actor-framework-0.19.1-1.fc39.src.rpm fix owner of directory Created attachment 1963640 [details]
The .spec file difference from Copr build 5897247 to 5905027
Copr build: https://copr.fedorainfracloud.org/coprs/build/5905027 (succeeded) Review template: https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-review-2196274-actor-framework/fedora-rawhide-x86_64/05905027-actor-framework/fedora-review/review.txt Please take a look if any issues were found. --- This comment was created by the fedora-review-service https://github.com/FrostyX/fedora-review-service If you want to trigger a new Copr build, add a comment containing new Spec and SRPM URLs or [fedora-review-service-build] string. This isn't really relevant for the review, but a hint to save work: > # https://github.com/actor-framework/actor-framework/commit/db5fd0b2f56e4df14fe9a407f0461d1c34c42fbd > Patch0: actor-framework-fix-tools.patch I'd write this as Patch: https://github.com/actor-framework/actor-framework/commit/db5fd0b2f56e4df14fe9a407f0461d1c34c42fbd.patch This has the advantage that 'spectool -g *.spec' will just download the file without further ado. > License: BSD-3-Clause OR BSL-1.0 I think this needs to be "AND" instead. The sources are under the first license, but they are also combined with some other (header) files to form the compiled product. The result must then satisfy both licenses, i.e. is under the first and the second license. > actor-framework-tools.x86_64: W: no-manual-page-for-binary caf-run > actor-framework-tools.x86_64: W: no-manual-page-for-binary caf-vec > actor-framework-devel.x86_64: W: no-documentation > actor-framework-tools.x86_64: W: no-documentation Meh. > actor-framework.x86_64: W: crypto-policy-non-compliance-openssl /usr/lib64/libcaf_openssl.so.0.19.1 SSL_CTX_set_cipher_list This one is fairly problematic. The code does: SSL_CTX_set_cipher_list(ctx, "HIGH:!aNULL:!MD5") https://docs.fedoraproject.org/en-US/packaging-guidelines/CryptoPolicies/#_cc_applications says: > check the source code for SSL_CTX_set_cipher_list(). If it is not present then nothing needs to be done (the default is used). Otherwise, if that call is present and provided a fixed string which does not contain PSK or SRP, replace the string with "PROFILE=SYSTEM", or remove the call. > 6 packages and 0 specfiles checked; 0 errors, 5 warnings, 0 badness; has taken 1.3 s Quoting Frostyx's review service: Requires (with glibc and linker stuff removed) -------- actor-framework (rpmlib, GLIBC filtered): libcaf_core.so.0.19.1()(64bit) libcaf_io.so.0.19.1()(64bit) libcrypto.so.3()(64bit) libcrypto.so.3(OPENSSL_3.0.0)(64bit) libssl.so.3()(64bit) libssl.so.3(OPENSSL_3.0.0)(64bit) actor-framework-devel (rpmlib, GLIBC filtered): actor-framework(x86-64) cmake-filesystem(x86-64) libcaf_core.so.0.19.1()(64bit) libcaf_io.so.0.19.1()(64bit) libcaf_net.so.0.19.1()(64bit) libcaf_openssl.so.0.19.1()(64bit) actor-framework-tools (rpmlib, GLIBC filtered): actor-framework(x86-64) libcaf_core.so.0.19.1()(64bit) libcaf_io.so.0.19.1()(64bit) actor-framework-debuginfo (rpmlib, GLIBC filtered): actor-framework-debugsource (rpmlib, GLIBC filtered): Provides -------- actor-framework: actor-framework actor-framework(x86-64) libcaf_core.so.0.19.1()(64bit) libcaf_io.so.0.19.1()(64bit) libcaf_net.so.0.19.1()(64bit) libcaf_openssl.so.0.19.1()(64bit) actor-framework-devel: actor-framework-devel actor-framework-devel(x86-64) cmake(CAF) cmake(caf) actor-framework-tools: actor-framework-tools actor-framework-tools(x86-64) Looks all good. (Or even better than "good". The spec file is very clean.) + package name is OK + license is acceptable for Fedora (BSD-3-Clause) - license is specified correctly (see above) + builds and installs OK + BR/P/R look correct + no scriptlets needed or present - rpmlint finds one issue (see above) The PR of https://github.com/actor-framework/actor-framework/pull/1411 was merged by the upstream maintainer trying to solve the warning of crypto-policy-non-compliance-openssl, and the new release 0.19.2 was published. But rpmlint tool also reported the warning with the building of the new release. ref: https://copr.fedorainfracloud.org/coprs/topazus/test-review/build/6072938/ https://download.copr.fedorainfracloud.org/results/topazus/test-review/fedora-rawhide-x86_64/06072938-actor-framework/fedora-review/review.txt update to new release: SPEC URL: https://topazus.fedorapeople.org/rpms/actor-framework.spec SRPM URL: https://topazus.fedorapeople.org/rpms/actor-framework-0.19.2-1.fc39.src.rpm Created attachment 1970700 [details]
The .spec file difference from Copr build 5905027 to 6073691
Copr build: https://copr.fedorainfracloud.org/coprs/build/6073691 (succeeded) Review template: https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-review-2196274-actor-framework/fedora-rawhide-x86_64/06073691-actor-framework/fedora-review/review.txt Please take a look if any issues were found. --- This comment was created by the fedora-review-service https://github.com/FrostyX/fedora-review-service If you want to trigger a new Copr build, add a comment containing new Spec and SRPM URLs or [fedora-review-service-build] string. Hello, I wonder is there any comments on the rpmlint warning of crypto-policy-non-compliance-openssl even for the latest release? |