Bug 464190

1. URL is not correct. I assume you meant https://fedorahosted.org/expendable instead
2. Is there a specific reason for using 0.1 as release tag ? It's not incorrect, but usually we use natural numbers
3. Could you please add a note to the URL, mentioning that the real source tarball is at https://fedorahosted.org/expendable/attachment/wiki/ProjectReleases/expendable-0.0.2.tar.bz2?format=raw ? When using the provided %Source0, the automated tools download a short html and bail out in pain.
4. rpmlint has a couple of complaints, which should be fixed:
Launching rpmlint
Source RPM:
expendable.src: W: summary-ended-with-dot Home finances modeling program.
expendable.src: W: no-version-in-last-changelog
expendable.src: W: strange-permission expendable.spec 0600
1 packages and 0 specfiles checked; 0 errors, 3 warnings.

rpmlint of expendable:
expendable.noarch: E: zero-length /usr/share/doc/expendable-0.0.2/ChangeLog
expendable.noarch: E: zero-length /usr/share/doc/expendable-0.0.2/NEWS
expendable.noarch: W: summary-ended-with-dot Home finances modeling program.
expendable.noarch: W: no-version-in-last-changelog

5. http://koji.fedoraproject.org/koji/getfile?taskID=845586&name=build.log shows some oddities (/usr/lib/rpm/pythondeps.sh: line 8: python: command not found
 ) which I also see in a local mock build. Are those normal ?
6. We still require to have fedora as vendor in the desktop file. Your call to desktop-file-install does not set it.

Thanks.  Updated:

Spec URL: http://twaugh.fedorapeople.org/expendable/expendable.spec
SRPM URL:
http://twaugh.fedorapeople.org/expendable/expendable-0.0.2-0.1.src.rpm

1. URL fixed.
2. No, no reason, changed.
3. Source0 comment added.
4. rpmlint comments fixed.
5. Added python as a build requirement.

 As far as I can see, you have abused a bit your position as upstream of the program and modified the source tarball in order to use fedora as vendor when installing the desktop file. This is nice. What is not nice is that you have not modified the name of the tarball, so people who have downloaded the file in the past and those who would download it now would not know that there is a difference between the two versions. The proper way would have been to release a new version, maybe as a expendable-0.0.3.tar.bz2 or expendable-0.0.2a.tar.bz2 or whatever else you seem fit. And by the way, you do realize that by hardcoding vendor=fedora in the Makefile, you  make unhappy anyone else who wants to package it for another distro, right ?
 The URL provided in #2 for the src.rpm should have been http://twaugh.fedorapeople.org/expendable/expendable-0.0.2-1.src.rpm
 When you modify the spec file, please not only bump the release field but also add a comment to the changelog. In this case, the new spec should have included something similar to:

%changelog
* Fri Sep 26 2008 Tim Waugh <twaugh> 0.0.2-1
- fixed URL tag and rpmlint complaints, added python as a build requirement.
- new upstream version

* Fri Sep 26 2008 Tim Waugh <twaugh> 0.0.2-0.1
- Initial spec file.


And now the review:

Key:
 - = N/A
 x = Check
 ! = Problem
 ? = Not evaluated

=== REQUIRED ITEMS ===
 [x] Package is named according to the Package Naming Guidelines.
 [x] Spec file name must match the base package %{name}, in the format %{name}.spec.
 [x] Package meets the Packaging Guidelines.
 [x] Package successfully compiles and builds into binary rpms on at least one supported architecture.
     Tested on: devel/x86_64
 [x] Rpmlint output:
source RPM: empty
binary RPM:empty
 [x] Package is not relocatable.
 [x] Buildroot is correct (%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n))
 [x] Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines.
 [x] License field in the package spec file matches the actual license.
     License type:GPLv2+
 [x] If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %doc.
 [x] Spec file is legible and written in American English.
 [!] Sources used to build the package do not match the upstream source, as provided in the spec URL.
     SHA1SUM of source file included in the rpm: a859d6a72fa7bcb3fa136a80919993bae86193cd
     SHA1SUM of source file downloaded from the project page: 8495935d5795a492a05079eb6e3bc9756c9994d7
--> see issue below
 [x] Package is not known to require ExcludeArch.
 [x] All build dependencies are listed in BuildRequires, except for any that are listed in the excep
tions section of Packaging Guidelines.
 [-] The spec file handles locales properly.
 [-] ldconfig called in %post and %postun if required.
 [x] Package must own all directories that it creates.
 [x] Package requires other packages for directories it uses.
 [x] Package does not contain duplicates in %files.
 [x] Permissions on files are set properly.
 [x] Package has a %clean section, which contains rm -rf %{buildroot}.
 [x] Package consistently uses macros.
 [x] Package contains code, or permissable content.
 [-] Large documentation files are in a -doc subpackage, if required.
 [x] Package uses nothing in %doc for runtime.
 [-] Header files in -devel subpackage, if present.
 [-] Static libraries in -devel subpackage, if present.
 [-] Package requires pkgconfig, if .pc files are present.
 [-] Development .so files in -devel subpackage, if present.
 [-] Fully versioned dependency in subpackages, if present.
 [x] Package does not contain any libtool archives (.la).
 [x] Package contains a properly installed %{name}.desktop file if it is a GUI application.
 [x] Package does not own files or directories owned by other packages.

=== SUGGESTED ITEMS ===
 [x] Latest version is packaged.
 [x] Package does not include license text files separate from upstream.
 [-] Description and summary sections in the package spec file contains translations for supported Non-English languages, if available.
 [x] Reviewer should test that the package builds in mock.
     Tested on: devel/x86_64
 [x] Package should compile and build into binary rpms on all supported architectures.
     Tested on:package is noarch, should work on any arch with a proper python
 [?] Package functions as described.
 [-] Scriptlets must be sane, if used.
 [-] The placement of pkgconfig(.pc) files is correct.
 [-] File based requires are sane.


=== Issues ===
 The tarball bundled in the src.rpm has not been pushed to the project page. Please take advantage of that and use a different name (so as to make the versions of the two tar.bz2 distinguishable) for it. Everything else seems fine so fix this and I'll approve the package.

(In reply to comment #3)
> What is not nice is that you have
> not modified the name of the tarball, so people who have downloaded the file in
> the past and those who would download it now would not know that there is a
> difference between the two versions.

Sorry!  Actually the mistake was in the source RPM: I accidentally used an mis-labelled tarball that was not for release.  Thanks for spotting it.

I've fixed the spec file to add the vendor tag now, and replaced the correct 0.0.2 release tarball into the source RPM.

Spec URL: http://twaugh.fedorapeople.org/expendable/expendable.spec
SRPM URL:
http://twaugh.fedorapeople.org/expendable/expendable-0.0.2-2.src.rpm

Excellent. Package APPROVED.

New Package CVS Request
=======================
Package Name: expendable
Short Description: Home finances modeling program
Owners: twaugh
Branches: F-8 F-9
InitialCC:

cvs done.

Tim, the package seems to have been built (several times..). Any reason to not close the bug ?

Sorry, forgot.  Closing now.