Bug 2235083 (python-spdx-tools)
| Summary: | Review Request: python-spdx-tools - Python library to parse, validate and create SPDX documents | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Robert-André Mauchin 🐧 <eclipseo> | ||||
| Component: | Package Review | Assignee: | Miroslav Suchý <msuchy> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | rawhide | CC: | msuchy, package-review | ||||
| Target Milestone: | --- | Flags: | msuchy:
fedora-review+
|
||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| URL: | https://github.com/spdx/tools-python | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2023-11-10 01:11:42 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | 2235086 | ||||||
| Bug Blocks: | |||||||
| Attachments: |
|
||||||
|
Description
Robert-André Mauchin 🐧
2023-08-26 11:26:05 UTC
Spec URL: https://eclipseo.fedorapeople.org/for-review/python-spdx-tools.spec SRPM URL: https://eclipseo.fedorapeople.org/for-review/python-spdx-tools-0.7.1-1.fc39.src.rpm Copr build: https://copr.fedorainfracloud.org/coprs/build/6540229 (failed) Build log: https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-review-2235083-python-spdx-tools/fedora-rawhide-x86_64/06540229-python-spdx-tools/builder-live.log.gz Please make sure the package builds successfully at least for Fedora Rawhide. - If the build failed for unrelated reasons (e.g. temporary network unavailability), please ignore it. - If the build failed because of missing BuildRequires, please make sure they are listed in the "Depends On" field --- This comment was created by the fedora-review-service https://github.com/FrostyX/fedora-review-service If you want to trigger a new Copr build, add a comment containing new Spec and SRPM URLs or [fedora-review-service-build] string. This needs to be addressed: python3-spdx-tools.noarch: E: non-executable-script /usr/lib/python3.12/site-packages/spdx/cli_tools/convertor.py 644 /usr/bin/env python python3-spdx-tools.noarch: E: non-executable-script /usr/lib/python3.12/site-packages/spdx/cli_tools/parser.py 644 /usr/bin/env python python3-spdx-tools.noarch: E: env-script-interpreter /usr/share/doc/python3-spdx-tools/examples/pp_rdf.py /usr/bin/env python python3-spdx-tools.noarch: E: env-script-interpreter /usr/share/doc/python3-spdx-tools/examples/pp_tv.py /usr/bin/env python python3-spdx-tools.noarch: E: env-script-interpreter /usr/share/doc/python3-spdx-tools/examples/tv_to_rdf.py /usr/bin/env python python3-spdx-tools.noarch: E: env-script-interpreter /usr/share/doc/python3-spdx-tools/examples/write_tv.py /usr/bin/env python This would be nice to fix. At least please open the issue with upstream: python3-spdx-tools.noarch: W: no-manual-page-for-binary pyspdxtools_convertor python3-spdx-tools.noarch: W: no-manual-page-for-binary pyspdxtools_parser https://github.com/nexB/scancode-toolkit/pull/3456 is merged, so you can rebase to 0.8.1. You are missing full-stop at the end of %description paragraph. Otherwise LGTM Spec URL: https://eclipseo.fedorapeople.org/for-review/python-spdx-tools.spec SRPM URL: https://eclipseo.fedorapeople.org/for-review/python-spdx-tools-0.7.1-1.fc39.src.rpm > https://github.com/nexB/scancode-toolkit/pull/3456 is merged, so you can rebase to 0.8.1. Need to wait for A RELEASE > This needs to be addressed: > python3-spdx-tools.noarch: E: non-executable-script /usr/lib/python3.12/site-packages/spdx/cli_tools/convertor.py 644 /usr/bin/env python > python3-spdx-tools.noarch: E: non-executable-script /usr/lib/python3.12/site-packages/spdx/cli_tools/parser.py 644 /usr/bin/env python > python3-spdx-tools.noarch: E: env-script-interpreter /usr/share/doc/python3-spdx-tools/examples/pp_rdf.py /usr/bin/env python > python3-spdx-tools.noarch: E: env-script-interpreter /usr/share/doc/python3-spdx-tools/examples/pp_tv.py /usr/bin/env python > python3-spdx-tools.noarch: E: env-script-interpreter /usr/share/doc/python3-spdx-tools/examples/tv_to_rdf.py /usr/bin/env python > python3-spdx-tools.noarch: E: env-script-interpreter /usr/share/doc/python3-spdx-tools/examples/write_tv.py /usr/bin/env python Addressed. > This would be nice to fix. At least please open the issue with upstream: > python3-spdx-tools.noarch: W: no-manual-page-for-binary pyspdxtools_convertor > python3-spdx-tools.noarch: W: no-manual-page-for-binary pyspdxtools_parser I will use help2man for now. Thanks for the review. Created attachment 1996269 [details]
The .spec file difference from Copr build 6540229 to 6582839
Copr build: https://copr.fedorainfracloud.org/coprs/build/6582839 (succeeded) Review template: https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-review-2235083-python-spdx-tools/fedora-rawhide-x86_64/06582839-python-spdx-tools/fedora-review/review.txt Please take a look if any issues were found. --- This comment was created by the fedora-review-service https://github.com/FrostyX/fedora-review-service If you want to trigger a new Copr build, add a comment containing new Spec and SRPM URLs or [fedora-review-service-build] string. Package Review
==============
Legend:
[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
[ ] = Manual review needed
===== MUST items =====
Generic:
[x]: Package is licensed with an open-source compatible license and meets
other legal requirements as defined in the legal section of Packaging
Guidelines.
[x]: License field in the package spec file matches the actual license.
[x]: Package contains no bundled libraries without FPC exception.
[x]: Changelog in prescribed format.
[x]: Sources contain only permissible code or content.
[-]: Package contains desktop file if it is a GUI application.
[-]: Development files must be in a -devel package
[x]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory
names).
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
Provides are present.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[-]: Package contains systemd file(s) if in need.
[x]: Package is not known to require an ExcludeArch tag.
[x]: Large documentation must go in a -doc subpackage. Large could be size
(~1MB) or number of files.
Note: Documentation size is 20003 bytes in 8 files.
[x]: Package complies to the Packaging Guidelines
[x]: Package successfully compiles and builds into binary rpms on at least
one supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
Note: No rpmlint messages.
[x]: The License field must be a valid SPDX expression.
[x]: Package requires other packages for directories it uses.
[x]: Package must own all directories that it creates.
[x]: Package does not own files or directories owned by other packages.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
beginning of %install.
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Dist tag is present.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package must not depend on deprecated() packages.
[x]: Package use %makeinstall only when make install DESTDIR=... doesn't
work.
[x]: Package is named using only allowed ASCII characters.
[x]: Package does not use a name that already exists.
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as
provided in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
%{name}.spec.
[x]: File names are valid UTF-8.
[x]: Packages must not store files under /srv, /opt or /usr/local
Python:
[x]: Binary eggs must be removed in %prep
Note: Cannot find any build in BUILD directory (--prebuilt option?)
[-]: Python eggs must not download any dependencies during the build
process.
[-]: A package which is used by another package via an egg interface should
provide egg info.
[x]: Package meets the Packaging Guidelines::Python
[x]: Package contains BR: python2-devel or python3-devel
[x]: Packages MUST NOT have dependencies (either build-time or runtime) on
packages named with the unversioned python- prefix unless no properly
versioned package exists. Dependencies on Python packages instead MUST
use names beginning with python2- or python3- as appropriate.
[x]: Python packages must not contain %{pythonX_site(lib|arch)}/* in %files
===== SHOULD items =====
Generic:
[x]: If the source package does not include license text(s) as a separate
file from upstream, the packager SHOULD query upstream to include it.
[x]: Final provides and requires are sane (see attachments).
[?]: Package functions as described.
[!]: Latest version is packaged.
Note: It is not latest version, but it was justified in comments.
[x]: Package does not include license text files separate from upstream.
[-]: Sources are verified with gpgverify first in %prep if upstream
publishes signatures.
Note: gpgverify is not used.
[x]: Package should compile and build into binary rpms on all supported
architectures.
[x]: %check is present and all tests pass.
[x]: Packages should try to preserve timestamps of original installed
files.
[x]: Reviewer should test that the package builds in mock.
[x]: Buildroot is not present
[x]: Package has no %clean section with rm -rf %{buildroot} (or
$RPM_BUILD_ROOT)
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[x]: Sources can be downloaded from URI in Source: tag
[x]: SourceX is a working URL.
[x]: Spec use %global instead of %define unless justified.
APPROVED
The Pagure repository was created at https://src.fedoraproject.org/rpms/python-spdx-tools Thanks for the review! FEDORA-2023-6c815e0b1d has been submitted as an update to Fedora 39. https://bodhi.fedoraproject.org/updates/FEDORA-2023-6c815e0b1d FEDORA-2023-6584b1c787 has been submitted as an update to Fedora 38. https://bodhi.fedoraproject.org/updates/FEDORA-2023-6584b1c787 FEDORA-2023-c6b91bd7b7 has been submitted as an update to Fedora 37. https://bodhi.fedoraproject.org/updates/FEDORA-2023-c6b91bd7b7 FEDORA-2023-6584b1c787 has been pushed to the Fedora 38 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf install --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-6584b1c787 \*` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-6584b1c787 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2023-6c815e0b1d has been pushed to the Fedora 39 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf install --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-6c815e0b1d \*` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-6c815e0b1d See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2023-c6b91bd7b7 has been pushed to the Fedora 37 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf install --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-c6b91bd7b7 \*` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-c6b91bd7b7 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2023-c6b91bd7b7 has been pushed to the Fedora 37 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2023-6c815e0b1d has been pushed to the Fedora 39 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2023-6584b1c787 has been pushed to the Fedora 38 stable repository. If problem still persists, please make note of it in this bug report. |