Bug 2305346
| Summary: | Review Request: mysql8.4 - MySQL client programs and shared libraries | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Michal Schorm <mschorm> | ||||||||
| Component: | Package Review | Assignee: | Lukas Javorsky <ljavorsk> | ||||||||
| Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||||
| Severity: | medium | Docs Contact: | |||||||||
| Priority: | medium | ||||||||||
| Version: | rawhide | CC: | ljavorsk, package-review, yselkowi | ||||||||
| Target Milestone: | --- | Flags: | ljavorsk:
fedora-review+
|
||||||||
| Target Release: | --- | ||||||||||
| Hardware: | All | ||||||||||
| OS: | Linux | ||||||||||
| URL: | http://www.mysql.com | ||||||||||
| Whiteboard: | |||||||||||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |||||||||
| Doc Text: | Story Points: | --- | |||||||||
| Clone Of: | Environment: | ||||||||||
| Last Closed: | 2025-04-28 14:31:08 UTC | Type: | --- | ||||||||
| Regression: | --- | Mount Type: | --- | ||||||||
| Documentation: | --- | CRM: | |||||||||
| Verified Versions: | Category: | --- | |||||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||||
| Embargoed: | |||||||||||
| Attachments: |
|
||||||||||
|
Description
Michal Schorm
2024-08-16 15:59:59 UTC
Drive-by comment: The package summary is "MySQL client programs and shared libraries" - this should also be used as the <summary> part of the bug title in the review request template. (In reply to Fabio Valentini from comment #1) > Drive-by comment: The package summary is "MySQL client programs and shared libraries" - this should also be used as the <summary> part of the bug title in the review request template. Ah, thank you ! ============================ rpmlint session starts ============================
rpmlint: 2.5.0
configuration:
/usr/lib/python3.13/site-packages/rpmlint/configdefaults.toml
/etc/xdg/rpmlint/fedora-spdx-licenses.toml
/etc/xdg/rpmlint/fedora.toml
/etc/xdg/rpmlint/scoring.toml
/etc/xdg/rpmlint/users-groups.toml
/etc/xdg/rpmlint/warn-on-functions.toml
rpmlintrc: mysql.rpmlintrc
checks: 32, packages: 1
mysql8.4.spec:252: W: unversioned-explicit-provides bundled(rapidjson)
mysql8.4.spec:256: W: unversioned-explicit-provides bundled(unordered_dense)
mysql8.4.spec:266: W: unversioned-explicit-provides %{majorname}%{?1:-%{1}}-any\
The specfile contains an unversioned Provides: token, which will match all
older, equal, and newer versions of the provided thing. This may cause update
problems and will make versioned dependencies, obsoletions and conflicts on
the provided thing useless -- make the Provides versioned if possible.
mysql8.4.spec: E: unused-rpmlintrc-filter "spelling-error .* en_US (cnf|mysqld|subpackage) "
mysql8.4.spec: E: unused-rpmlintrc-filter "dangling-relative-symlink /usr/lib/.build-id"
mysql8.4.spec: E: unused-rpmlintrc-filter "(zero-length|pem-certificate|hidden-file-or-dir) /usr/share/mysql-test/*"
mysql8.4.spec: E: unused-rpmlintrc-filter "missing-call-to-chdir-with-chroot"
mysql8.4.spec: E: unused-rpmlintrc-filter "no-documentation"
mysql8.4.spec: E: unused-rpmlintrc-filter "no-manual-page-for-binary"
mysql8.4.spec: E: unused-rpmlintrc-filter "W: obsolete-not-provided mysql-cluster"
mysql8.4.spec: E: unused-rpmlintrc-filter "W: obsolete-not-provided mysql-bench"
mysql8.4.spec: E: unused-rpmlintrc-filter "W: obsolete-not-provided community-mysql-bench"
mysql8.4.spec: E: unused-rpmlintrc-filter "conffile-without-noreplace-flag /var/log/mariadb/mariadb.log"
mysql8.4.spec: E: unused-rpmlintrc-filter "non-standard-dir-perm /var/log/mysql 750"
mysql8.4.spec:733: W: macro-in-comment %{buildroot}
mysql8.4.spec:733: W: macro-in-comment %{_sysconfdir}
There is a unescaped macro after a shell style comment in the specfile. Macros
are expanded everywhere, so check if it can cause a problem in this case and
escape the macro with another leading % if appropriate.
0 packages and 1 specfiles checked; 11 errors, 5 warnings, 2 filtered, 11 badness; has taken 0.1 s
============================ rpmlint session ends ============================
1. Sould mysql.rpmlintrc be removed (unused-rpmlintrc-filter) ?
2. Fix 733 "macro-in-comment":
diff --git a/mysql8.4.spec b/mysql8.4.spec
index cd30d14..7510a03 100644
--- a/mysql8.4.spec
+++ b/mysql8.4.spec
@@ -730,7 +730,7 @@ mysqlcheck,mysqldump,mysqlimport,mysqlshow,mysqlslap,my_print_defaults}.1*
%if %{with config}
mkdir -p %{buildroot}%{_sysconfdir}/my.cnf.d
%else
-#rm %{buildroot}%{_sysconfdir}/my.cnf
+#rm %%{buildroot}%%{_sysconfdir}/my.cnf
%endif
%if ! %{with common}
1) That's weird, since when I run the RPMlint by hand, it reports issues that should be otherwise filtered out, e.g.: mysql8.4-server.x86_64: W: no-manual-page-for-binary mysql_migrate_keyring mysql8.4-server.x86_64: W: no-manual-page-for-binary mysqld_pre_systemd May it be because it's called 'mysql.rpmlintrc' instead of 'mysql8.4.rpmlintrc' ? 2) Right, will fix. 3) I made a re-base to the latest upstream version (8.4.2 -> 8.4.3), so I hope it will finish by tomorrow. (The build itself takes 1-2 hours, but 'fedora-review' runs forever on such a huge package) Created attachment 2057941 [details]
fedpkg lint
(In reply to Michal Schorm from comment #4) > 1) That's weird, since when I run the RPMlint by hand, it reports issues > that should be otherwise filtered out, e.g.: > mysql8.4-server.x86_64: W: no-manual-page-for-binary mysql_migrate_keyring > mysql8.4-server.x86_64: W: no-manual-page-for-binary mysqld_pre_systemd > > May it be because it's called 'mysql.rpmlintrc' instead of > 'mysql8.4.rpmlintrc' ? Maybe it is for "fedpkg lint". BTW, "fedpkg lint" shows a lot of warnings(595), most of them are files-duplicate(545) and these errors(20): mysql8.4-test-data.noarch: E: zero-length /usr/share/mysql-test/collections/disabled-valgrind.list mysql8.4-test-data.noarch: E: zero-length /usr/share/mysql-test/r/xml_report_invalid_chars.result mysql8.4-test-data.noarch: E: zero-length /usr/share/mysql-test/std_data/bug37631.MYD mysql8.4-test-data.noarch: E: zero-length /usr/share/mysql-test/suite/innodb/t/table_encrypt_2-master.opt mysql8.4-test-data.noarch: E: zero-length /usr/share/mysql-test/suite/ndb_opt/rbwr.result mysql8.4-test-data.noarch: E: zero-length /usr/share/mysql-test/suite/sys_vars/r/log_error_services_basic.result mysql8.4.src: E: spelling-error ('mysqld', '%description -l en_US mysqld -> MySQL') mysql8.4.x86_64: E: spelling-error ('mysqld', '%description -l en_US mysqld -> MySQL') mysql8.4-server.x86_64: E: non-standard-dir-perm /var/lib/mysql-files 750 mysql8.4-server.x86_64: E: non-standard-dir-perm /var/log/mysql 750 mysql8.4-server.x86_64: E: non-executable-script /usr/libexec/mysql-scripts-common 644 /bin/sh mysql8.4-test-data.noarch: E: non-executable-script /usr/share/mysql-test/lib/t/copytree.t 644 /usr/bin/perl mysql8.4-test-data.noarch: E: non-executable-script /usr/share/mysql-test/lib/t/dummyd.pl 644 /usr/bin/perl mysql8.4-test-data.noarch: E: non-executable-script /usr/share/mysql-test/lib/t/rmtree.t 644 /usr/bin/perl mysql8.4-test-data.noarch: E: non-executable-script /usr/share/mysql-test/suite/ndbcrunch/cruncher.lua 644 /usr/bin/env sysbench mysql8.4-test-data.noarch: E: non-executable-script /usr/share/mysql-test/suite/ndbcrunch/sb_run.pl 644 /usr/bin/perl mysql8.4-server.x86_64: E: missing-dependency-to-logrotate for logrotate script /etc/logrotate.d/mysqld mysql8.4-server.x86_64: E: incoherent-logrotate-file /etc/logrotate.d/mysqld mysql8.4-test-data.noarch: E: files-duplicated-waste 6217959 mysql8.4-test.x86_64: E: file-parent-ownership-mismatch Path "/usr/share/mysql-test/platform-specific-tests.list" owned by "root" is stored in directory owned by "mysql" (In reply to Xose Vazquez Perez from comment #6) > BTW, "fedpkg lint" shows a lot of warnings(595), most of them are > files-duplicate(545) and these errors(20): These are the relevant errors: mysql8.4-server.x86_64: E: non-standard-dir-perm /var/lib/mysql-files 750 mysql8.4-server.x86_64: E: non-executable-script /usr/libexec/mysql-scripts-common 644 /bin/sh mysql8.4-server.x86_64: E: missing-dependency-to-logrotate for logrotate script /etc/logrotate.d/mysqld mysql8.4-server.x86_64: E: incoherent-logrotate-file /etc/logrotate.d/mysqld > "fedpkg lint" shows a lot of warnings(595), most of them are files-duplicate(545) The 'files-duplicate' likely comes from the test-suite, which contains a lot of empty files of specific names, e.g. as a pre-recorded test results, which are then compared to the actual test results. I'd strongly advise to ignore nearly any linter findings in the '/usr/share/mysql-test' path, as most of the issues found are expected behavior specifically crafted for the test-suite. Though this one can be fixed: mysql8.4-test.x86_64: E: file-parent-ownership-mismatch Path "/usr/share/mysql-test/platform-specific-tests.list" owned by "root" is stored in directory owned by "mysql" as that's a downstream file. > mysql8.4-server.x86_64: E: non-executable-script /usr/libexec/mysql-scripts-common 644 /bin/sh Is that a problem? This is a helper script. A code that is never meant to be executed directly. It is sourced by various other scripts in /usr/bin. That also is the reason why the 'mysql-scripts-common' is in the /usr/libexec instead of /usr/bin as per FSH. Since it is only sourced, I don't see a reason for having it executable. > mysql8.4-server.x86_64: E: non-standard-dir-perm /var/lib/mysql-files 750 > mysql8.4-server.x86_64: E: non-standard-dir-perm /var/log/mysql 750 This permission is valid in certain use cases - certain category of software working with MySQL DB is added to the group 'mysql' to get read-only access to some files it can then monitor and examine, such as the DB server logs. But such external software should not get write privileges. At the same time, some data is confidential, so it shouldn't be shared outside the mysql user & group - e.g. the DB logs again are a great example. Same with the '/var/lib/mysql-files' which is used as a specific location for file import / export operations to / from the DB. > mysql8.4-server.x86_64: E: missing-dependency-to-logrotate for logrotate script /etc/logrotate.d/mysqld > mysql8.4-server.x86_64: E: incoherent-logrotate-file /etc/logrotate.d/mysqld The logrotate requires extra manual steps to be set up properly. The logrotate file has an example configuration, but is all commented out. That is expected as it needs manual steps to be enabled. I will add Suggests: logrotate to the SPECfile, so it advertises such feature, but does not pull it in unnecessarily. -- The 8.4.3 build succeeded yesterday, so the latests upstream release is prepared now. https://copr.fedorainfracloud.org/coprs/mschorm/mysql8.4/build/8268175/ -- I've added some fixes for the issues you raised and submitted another build. Fixes can be reviewed here: https://gitlab.com/mschorm/centos_rpms_mysql8.4/-/commit/5a0b1778502b973e4ff23df5338677c3b12a7730 -- If you are willing to take the role of reviewer, please assign this ticket to yourself and move it to ASSIGNED state, so it is clear both to me and others that this ticket is under active review and does not look for a reviewer anymore. I've made a mistake in the fix mentioned above. Corrected commit is here: https://gitlab.com/mschorm/centos_rpms_mysql8.4/-/commit/5a0b1778502b973e4ff23df5338677c3b12a7730 New build is here: https://copr.fedorainfracloud.org/coprs/mschorm/mysql8.4/build/8271071/ Ready for next review iteration (In reply to Michal Schorm from comment #8) > > "fedpkg lint" shows a lot of warnings(595), most of them are files-duplicate(545) > > The 'files-duplicate' likely comes from the test-suite, which contains a lot > of empty files of specific names, e.g. as a pre-recorded test results, which > are then compared to the actual test results. > I'd strongly advise to ignore nearly any linter findings in the > '/usr/share/mysql-test' path, as most of the issues found are expected > behavior specifically crafted for the test-suite. > > Though this one can be fixed: > mysql8.4-test.x86_64: E: file-parent-ownership-mismatch Path > "/usr/share/mysql-test/platform-specific-tests.list" owned by "root" is > stored in directory owned by "mysql" > as that's a downstream file. > > > mysql8.4-server.x86_64: E: non-executable-script /usr/libexec/mysql-scripts-common 644 /bin/sh > > Is that a problem? > This is a helper script. A code that is never meant to be executed directly. > It is sourced by various other scripts in /usr/bin. > That also is the reason why the 'mysql-scripts-common' is in the > /usr/libexec instead of /usr/bin as per FSH. > Since it is only sourced, I don't see a reason for having it executable. > > > mysql8.4-server.x86_64: E: non-standard-dir-perm /var/lib/mysql-files 750 > > mysql8.4-server.x86_64: E: non-standard-dir-perm /var/log/mysql 750 > > This permission is valid in certain use cases - certain category of software > working with MySQL DB is added to the group 'mysql' to get read-only access > to some files it can then monitor and examine, such as the DB server logs. > But such external software should not get write privileges. At the same > time, some data is confidential, so it shouldn't be shared outside the mysql > user & group - e.g. the DB logs again are a great example. > Same with the '/var/lib/mysql-files' which is used as a specific location > for file import / export operations to / from the DB. > > > mysql8.4-server.x86_64: E: missing-dependency-to-logrotate for logrotate script /etc/logrotate.d/mysqld > > mysql8.4-server.x86_64: E: incoherent-logrotate-file /etc/logrotate.d/mysqld > > The logrotate requires extra manual steps to be set up properly. > The logrotate file has an example configuration, but is all commented out. > That is expected as it needs manual steps to be enabled. > > I will add > Suggests: logrotate > to the SPECfile, so it advertises such feature, but does not pull it in > unnecessarily. > > -- > > The 8.4.3 build succeeded yesterday, so the latests upstream release is > prepared now. > https://copr.fedorainfracloud.org/coprs/mschorm/mysql8.4/build/8268175/ > > -- > > I've added some fixes for the issues you raised and submitted another build. > Fixes can be reviewed here: > > https://gitlab.com/mschorm/centos_rpms_mysql8.4/-/commit/ > 5a0b1778502b973e4ff23df5338677c3b12a7730 Fine. Any rpmlint ERROR should be whitelisted in the mysql8.4.rpmlintrc file. > -- > If you are willing to take the role of reviewer, please assign this ticket > to yourself and move it to ASSIGNED state, so it is clear both to me and > others that this ticket is under active review and does not look for a > reviewer anymore. I can give you a hint to fix some errors, and speed up the process. But I am not in the "packager group", I am sorry, Come on guys! This a review for a critical package that is three months old!. BTW: If you want "steal" some ideas from the upstream vendor: https://repo.mysql.com/yum/mysql-8.4-community/el/9/SRPMS/mysql-community-8.4.3-1.el9.src.rpm https://repo.mysql.com/yum/mysql-8.4-community/fc/41/SRPMS/mysql-community-8.4.3-10.fc41.src.rpm I will take this as a reviewer. Xose, if you have some suggestions, feel free to give them to Michal. The more eyes see this, the more errors/issues will be resolved. Btw, thank you for the review so far :) Michal, can you please create the `mysql8.4.rpmlintrc file` as Xose suggested? ===== MUST items =====
C/C++:
[x]: Package does not contain kernel modules.
[x]: Development (unversioned) .so files in -devel subpackage, if present.
Note: Unversioned so-files in private %_libdir subdirectory (see
attachment). Verify they are not in ld path.
[x]: If your application is a C or C++ application you must list a
BuildRequires against gcc, gcc-c++ or clang.
[x]: Header files in -devel subpackage, if present.
[x]: Package does not contain any libtool archives (.la)
[x]: Package contains no static executables.
[x]: Rpath absent or only used for internal libs.
Generic:
[x]: Package successfully compiles and builds into binary rpms on at least
one supported primary architecture.
Note: Using prebuilt packages
[ ]: Package is licensed with an open-source compatible license and meets
other legal requirements as defined in the legal section of Packaging
Guidelines.
[ ]: License field in the package spec file matches the actual license.
Note: Checking patched sources after %prep for licenses. Licenses
found: "GNU General Public License, Version 2", "Unknown or
generated", "GNU General Public License, Version 2 and/or JSON
License", "Boost Software License 1.0 and/or Public domain", "Public
domain", "GNU Library General Public License, Version 2.0", "GNU
General Public License, Version 2 [generated file]", "GNU General
Public License v3.0 or later", "*No copyright* Public domain", "GNU
General Public License, Version 2 and/or NTP License", "BSD 3-Clause
License and/or JSON License and/or MIT License", "zlib License", "BSD
3-Clause License", "MIT License", "FSF Unlimited License (with License
Retention) [generated file]", "GNU General Public License v2.0 or
later [generated file]", "X11 License [generated file]", "BSD 3-Clause
License [generated file]", "FSF Unlimited License [generated file]",
"GNU General Public License v2.0 or later", "BSD 2-Clause License
and/or GNU General Public License, Version 2", "Boost Software License
1.0", "Boost Software License 1.0 [generated file]", "NTP License",
"FSF Unlimited License (with License Retention) and/or GNU General
Public License v2.0 or later", "FSF Unlimited License (with License
Retention)", "The Perl 5 License", "BSD 2-Clause License", "*No
copyright* GNU General Public License, Version 2", "BSD 3-Clause
License and/or GNU General Public License, Version 2", "Boost Software
License 1.0 and/or NTP License", "Boost Software License 1.0 and/or
MIT License", "*No copyright* BSD 3-Clause License", "GNU General
Public License, Version 2 and/or Public domain", "Boost Software
License 1.0 and/or MIT License and/or X11 License", "*No copyright*
Apache License 2.0", "Boost Software License 1.0 and/or zlib License".
23466 files have unknown license. Detailed output of licensecheck in
/var/lib/copr-rpmbuild/results/mysql8.4/licensecheck.txt
[ ]: License file installed when any subpackage combination is installed.
[ ]: If the package is under multiple licenses, the licensing breakdown
must be documented in the spec.
[x]: Package must own all directories that it creates.
Note: Directories without known owners: /etc/logrotate.d
[x]: %build honors applicable compiler flags or justifies otherwise.
[x]: Package contains no bundled libraries without FPC exception.
[x]: Changelog in prescribed format.
[x]: Sources contain only permissible code or content.
[-]: Package contains desktop file if it is a GUI application.
[x]: Development files must be in a -devel package
[x]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory
names).
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
Provides are present.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[x]: Package contains systemd file(s) if in need.
[x]: Useful -debuginfo package or justification otherwise.
[?]: Package is not known to require an ExcludeArch tag.
[x]: Package complies to the Packaging Guidelines
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
Note: There are rpmlint messages (see attachment).
[x]: The License field must be a valid SPDX expression.
[x]: Package requires other packages for directories it uses.
[x]: Package does not own files or directories owned by other packages.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
beginning of %install.
[x]: %config files are marked noreplace or the reason is justified.
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Dist tag is present.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package must not depend on deprecated() packages.
[x]: Package use %makeinstall only when make install DESTDIR=... doesn't
work.
[x]: Package is named using only allowed ASCII characters.
[x]: No %config files under /usr.
[x]: Package does not use a name that already exists.
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as
provided in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
%{name}.spec.
[x]: systemd_post is invoked in %post, systemd_preun in %preun, and
systemd_postun in %postun for Systemd service files.
Note: Systemd service file(s) in mysql8.4-server
[x]: File names are valid UTF-8.
[x]: Large documentation must go in a -doc subpackage. Large could be size
(~1MB) or number of files.
Note: Documentation size is 1233 bytes in 3 files.
[x]: Packages must not store files under /srv, /opt or /usr/local
Perl:
[x]: Package contains the mandatory BuildRequires and Requires:.
===== SHOULD items =====
Generic:
[x]: Reviewer should test that the package builds in mock.
[-]: If the source package does not include license text(s) as a separate
file from upstream, the packager SHOULD query upstream to include it.
[x]: Final provides and requires are sane (see attachments).
[x]: Fully versioned dependency in subpackages if applicable.
Note: No Requires: %{name}%{?_isa} = %{version}-%{release} in
mysql8.4-libs , mysql8.4-common , mysql8.4-errmsg , mysql8.4-devel ,
mysql8.4-test-data
[x]: Package functions as described.
[x]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[x]: Patches link to upstream bugs/comments/lists or are otherwise
justified.
[x]: Scriptlets must be sane, if used.
[-]: Sources are verified with gpgverify first in %prep if upstream
publishes signatures.
Note: gpgverify is not used.
[x]: Package should compile and build into binary rpms on all supported
architectures.
[x]: %check is present and all tests pass.
[x]: Packages should try to preserve timestamps of original installed
files.
[x]: Files in /run, var/run and /var/lock uses tmpfiles.d when appropriate
[?]: Spec use %global instead of %define unless justified.
Note: %define requiring justification: %define majorversion %(echo
%{package_version} | cut -d'.' -f1-2 ), %define
conflict_with_other_streams() %{expand:Provides:
%{majorname}%{?1:-%{1}}-anyConflicts: %{majorname}%{?1:-%{1}}-any},
%define mysqlX_if_default() %{expand:Provides:
mysql%{majorversion}%{?1:-%{1}} = %{sameevr}Provides:
mysql%{majorversion}%{?1:-%{1}}%{?_isa} = %{sameevr}}, %define
mysqlX_if_default() %{nil}, %define add_metadata()
%{expand:%conflict_with_other_streams %{**}%mysqlX_if_default %{**}}
[x]: Buildroot is not present
[x]: Package has no %clean section with rm -rf %{buildroot} (or
$RPM_BUILD_ROOT)
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[x]: The placement of pkgconfig(.pc) files are correct.
[x]: Sources can be downloaded from URI in Source: tag
[x]: SourceX is a working URL.
#### My comments and questions
> Issues:
> =======
> - If (and only if) the source package includes the text of the license(s)
> in its own file, then that file, containing the text of the license(s)
> for the package is included in %license.
> Note: License file alter_allow_copying.result is not marked as %license
> See: https://docs.fedoraproject.org/en-US/packaging-
> guidelines/LicensingGuidelines/#_license_text
The `alter_allow_copying.result` file is part of the testsuite and can be ignored.
> [x]: Development (unversioned) .so files in -devel subpackage, if present.
> Note: Unversioned so-files in private %_libdir subdirectory (see
> attachment). Verify they are not in ld path.
> Unversioned so-files
> --------------------
> mysql8.4-server: /usr/lib64/mysql/plugin/adt_null.so
.....
These libraries are not visible to the dynamic linker (verified using ldconfig -p)
> [ ]: Package is not known to require an ExcludeArch tag.
Is it still necessary to include the `ExcludeArch: %{ix86}` [1]?
[1] https://gitlab.com/mschorm/centos_rpms_mysql8.4/-/blob/c10s/mysql8.4.spec?ref_type=heads#L1
> [?]: Spec use %global instead of %define unless justified.
> Note: %define requiring justification: %define majorversion %(echo
> %{package_version} | cut -d'.' -f1-2 ), %define
> conflict_with_other_streams() %{expand:Provides:
> %{majorname}%{?1:-%{1}}-anyConflicts: %{majorname}%{?1:-%{1}}-any},
> %define mysqlX_if_default() %{expand:Provides:
> mysql%{majorversion}%{?1:-%{1}} = %{sameevr}Provides:
> mysql%{majorversion}%{?1:-%{1}}%{?_isa} = %{sameevr}}, %define
> mysqlX_if_default() %{nil}, %define add_metadata()
> %{expand:%conflict_with_other_streams %{**}%mysqlX_if_default %{**}}
Is the %define justified? It looks like it’s not redefined anywhere in the spec, so I believe you could use the %global.
I'm going to review the licenses, which may take more time so I'm providing first feedback, so you might respond to the questions.
It looks like the license is referring to the external file `README.mysql-license` [1]. However, the site that it refers to claims it is deprecated [2]. This package now uses a newer `Universal FOSS Exception, Version 1.0` [3]. This license is not yet allowed in Fedora-allowed licenses [4]. Also, the above-mentioned file may violate this other license checkbox: > [ ]: Package does not include license text files separate from upstream. It looks like it was added quite a time ago in this commit [5], but I'm not sure it's the upstream file (please verify) [1] https://gitlab.com/mschorm/centos_rpms_mysql8.4/-/blob/c10s/README.mysql-license?ref_type=heads [2] https://www.mysql.com/about/legal/licensing/foss-exception/ [3] https://oss.oracle.com/licenses/universal-foss-exception/ [4] https://gitlab.com/fedora/legal/fedora-license-data/-/issues/182 [5] https://src.fedoraproject.org/rpms/mysql8.0/c/de3bd6c4ed2b2b7ed694ec908d082679eca0890e?branch=rawhide Excludearch: > Is it still necessary to include the `ExcludeArch: %{ix86}` [1]? Yes, MySQL 8.4 is not supported on 32-bit architectures. (Support dropped with first MySQL 8.1 version) --- %global instead of %define: Well, YOU introduced the code there :P https://src.fedoraproject.org/rpms/mysql8.0/c/59a23?branch=rawhide I asked Filip Janus, the original author of the logic, whether he can remember having a particular reason using the %define. I don't see it as a huge problem, but rather a possible enhancement. More than 1350 packages use %define tags in over 4300 places in Fedora, as per sourcegraph search before the search result limit was hit: https://sourcegraph.com/search?q=context:global+repo:%5Esrc.fedoraproject.org/+%25define&patternType=regexp&sm=0 --- Licensing: I agree that the content of the file 'README.mysql-license' should be updated and clarified. I take it as a downstream file, used for informative purposes for Fedora and RHEL consumers. Take a look at the update I've made: https://gitlab.com/mschorm/centos_rpms_mysql8.4/-/commit/35e8a62d7280801f8b3366cfcc33637953afcc35 However the actual current license (the 'The Universal FOSS Exception, Version 1.0') text is part of the LICENSE blob file which we pack. https://src.fedoraproject.org/rpms/mysql8.0/blob/rawhide/f/mysql8.0.spec#_847 So no matter whether we link to the online copy of the license, the > [ ]: Package does not include license text files separate from upstream. check should be satisfied. --- Updated review links Spec URL: https://download.copr.fedorainfracloud.org/results/mschorm/mysql8.4/fedora-rawhide-x86_64/08838319-mysql8.4/mysql8.4.spec SRPM URL: https://download.copr.fedorainfracloud.org/results/mschorm/mysql8.4/fedora-rawhide-x86_64/08838319-mysql8.4/mysql8.4-8.4.4-2.fc43.src.rpm COPR build: https://copr.fedorainfracloud.org/coprs/mschorm/mysql8.4/build/8838319/ Code available at: https://gitlab.com/mschorm/centos_rpms_mysql8.4/-/commits/fedora_review?ref_type=heads Copr build: https://copr.fedorainfracloud.org/coprs/build/8844273 (succeeded) Review template: https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-review-2305346-mysql8.4/fedora-rawhide-x86_64/08844273-mysql8.4/fedora-review/review.txt Found issues: - openssl-devel-engine is deprecated, you must not depend on it. Read more: https://docs.fedoraproject.org/en-US/packaging-guidelines/deprecating-packages/ - License file alter_allow_copying.result is not marked as %license Read more: https://docs.fedoraproject.org/en-US/packaging-guidelines/LicensingGuidelines/#_license_text Please know that there can be false-positives. --- This comment was created by the fedora-review-service https://github.com/FrostyX/fedora-review-service If you want to trigger a new Copr build, add a comment containing new Spec and SRPM URLs or [fedora-review-service-build] string. > Found issues: > > - openssl-devel-engine is deprecated, you must not depend on it. This should be resolved. It looks like openssl has deprecated this subpackage a month ago [1] [1] https://src.fedoraproject.org/rpms/openssl/c/4f8f7aa19f71284aaff50ee5659b89cfa98932e4 > %global instead of %define: I discussed this with Filip, and we agreed it could be changed to %global, so since it's required by FPG, we should comply. After a discussion with a legal team as well, the licenses are good to go. [x]: Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [x]: License field in the package spec file matches the actual license. [x]: License file installed when any subpackage combination is installed. [x]: If the package is under multiple licenses, the licensing breakdown must be documented in the spec. [x]: Package does not include license text files separate from upstream. I did a major rework. Until now, the code was derived from CentOS Stream 10 branch, which was based on Fedora content. Now I've rebased all the relevant changes from the CentOS Stream 10 branch onto the current Fedora Rawhide branch. So now it both contains the latest Fedora changes and the code is a natural evolution of the existing Fedora package - mysql8.0 The current links are: Spec URL: https://download.copr.fedorainfracloud.org/results/mschorm/mysql8.4/fedora-rawhide-x86_64/08898139-mysql8.4/mysql8.4.spec SRPM URL: https://download.copr.fedorainfracloud.org/results/mschorm/mysql8.4/fedora-rawhide-x86_64/08898139-mysql8.4/mysql8.4-8.4.4-1.fc43.src.rpm COPR fedora-review report: https://download.copr.fedorainfracloud.org/results/mschorm/mysql8.4/fedora-rawhide-x86_64/08898139-mysql8.4/fedora-review/review.txt Git: https://src.fedoraproject.org/fork/mschorm/rpms/mysql8.0/commits/mysql8.4_package_review -- I've tried to fix the "%global instead of %define". I managed to fix one occurrence: https://src.fedoraproject.org/fork/mschorm/rpms/mysql8.0/c/ffb3296?branch=mysql8.4_package_review However when I changed the other instances, the code broke. The other instances use the %define for function calls, processing arguments, and so on. They are responsible for proper generation of virtual Provides and Conflicts. When I tried to use %global there, the generated virtual relationship broke, making the sub-packages conflicting with every other, leaving the package FTI. I will try to revisit it in the future, but at this moment I wasn't able to fix the whole problem. I hope this is effort is acceptable for the review to pass. Created attachment 2084800 [details]
The .spec file difference from Copr build 8844273 to 8899674
Copr build: https://copr.fedorainfracloud.org/coprs/build/8899674 (succeeded) Review template: https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-review-2305346-mysql8.4/fedora-rawhide-x86_64/08899674-mysql8.4/fedora-review/review.txt Found issues: - openssl-devel-engine is deprecated, you must not depend on it. Read more: https://docs.fedoraproject.org/en-US/packaging-guidelines/deprecating-packages/ - License file alter_allow_copying.result is not marked as %license Read more: https://docs.fedoraproject.org/en-US/packaging-guidelines/LicensingGuidelines/#_license_text Please know that there can be false-positives. --- This comment was created by the fedora-review-service https://github.com/FrostyX/fedora-review-service If you want to trigger a new Copr build, add a comment containing new Spec and SRPM URLs or [fedora-review-service-build] string. I removed the openssl engine dependency. The current links are: Spec URL: https://download.copr.fedorainfracloud.org/results/mschorm/mysql8.4/fedora-rawhide-x86_64/08900187-mysql8.4/mysql8.4.spec SRPM URL: https://download.copr.fedorainfracloud.org/results/mschorm/mysql8.4/fedora-rawhide-x86_64/08900187-mysql8.4/mysql8.4-8.4.4-1.fc43.src.rpm COPR fedora-review report: https://download.copr.fedorainfracloud.org/results/mschorm/mysql8.4/fedora-rawhide-x86_64/08900187-mysql8.4/fedora-review/review.txt Git: https://src.fedoraproject.org/fork/mschorm/rpms/mysql8.0/commits/mysql8.4_package_review Created attachment 2084981 [details]
The .spec file difference from Copr build 8899674 to 8902500
Copr build: https://copr.fedorainfracloud.org/coprs/build/8902500 (succeeded) Review template: https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-review-2305346-mysql8.4/fedora-rawhide-x86_64/08902500-mysql8.4/fedora-review/review.txt Found issues: - License file alter_allow_copying.result is not marked as %license Read more: https://docs.fedoraproject.org/en-US/packaging-guidelines/LicensingGuidelines/#_license_text Please know that there can be false-positives. --- This comment was created by the fedora-review-service https://github.com/FrostyX/fedora-review-service If you want to trigger a new Copr build, add a comment containing new Spec and SRPM URLs or [fedora-review-service-build] string. Thank you for all the fixes. I approve this package from the reviewer POV. The Pagure repository was created at https://src.fedoraproject.org/rpms/mysql8.4 8.4.5 was released yesterday, changes in MySQL 8.4.5 (2025-04-15, LTS Release): https://dev.mysql.com/doc/relnotes/mysql/8.4/en/news-8-4-5.html The package reached Rawhide repos. Is installable, can be upgraded to and the basic functionality was checked. User testing and feedback is encouraged. The rebase to upstream latest release is WIP, but not in scope of this ticket. |