Bug 469997
Summary: | Review Request: ratproxy - A passive web application security assessment tool | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Rakesh Pandit <rpandit> |
Component: | Package Review | Assignee: | Mamoru TASAKA <mtasaka> |
Status: | CLOSED NEXTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | fedora-package-review, lucilanga, mtasaka, notting, opensource |
Target Milestone: | --- | Keywords: | Reopened |
Target Release: | --- | Flags: | mtasaka:
fedora-review+
kevin: fedora-cvs+ |
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2009-01-19 12:50:15 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Rakesh Pandit
2008-11-05 06:36:19 UTC
Instead of the sed command, you better run make CFLAGS="$RPM_OPT_FLAGS -D_GNU_SOURCE" You can add -Wno-pointer-sign like upstream does if you do not want to see tons of pointer signedness warnings, but it would probably better to fix this in the code. :-) Something not so nice is, that the tarball contains a non free precompiled binary in flare-dist/flare, i.e. add a rm -rf flare-dist/ flare in %prep. In the future there may be checks may prevent the rpm from beeing built if there are precompiled binaries present. I have reported about all these issues upstream. Number of lines required for fixing warnings are enormous. Warnings are around 1000+ lines. So, I am using flag to suppress these warnings. Regarding some fwrite warnings (not handling return values) I have also reported them. I think these are not blockers. Thanks - Updated http://rakesh.fedorapeople.org/spec/ratproxy.spec http://rakesh.fedorapeople.org/srpm/ratproxy-1.51-2.fc9.src.rpm This is not a blocker but... as this is a network application (binds specific port, logs data to specific dir) will you consider providing sysvinit script, default logdir, logrotation, etc...? Would it be okay without them? I wouldn't like to .. may be later on in case administrators bug me. I selected it from security spin wish list. What you suggest ? (In reply to comment #4) > Would it be okay without them? I wouldn't like to .. may be later on in case > administrators bug me. I selected it from security spin wish list. What you > suggest ? I guess you can add scripts later. Anyway a sysvinit script would be nice. -This package contains flare binary that is not free and cannot be shipped in Fedora. You need to remove this before packaging, see: https://fedoraproject.org/wiki/PackagingDrafts/SourceUrl#When_Upstream_uses_Prohibited_Code (In reply to comment #5) > -This package contains flare binary that is not free and cannot be shipped in > Fedora. You need to remove this before packaging, see: > https://fedoraproject.org/wiki/PackagingDrafts/SourceUrl#When_Upstream_uses_Prohibited_Code The URL does not cover binaries: | Some upstream packages include patents or trademarks that we are not allowed to | ship even as source code. I do not think think this binary can be shipped with fedora and has to be treated as prohibited source, but we can always ask legal. No matter whether flare-dist/flare is binary or not, as flare-dist/LICENSE.TXT says this part is definitely NON-FREE (Redistribution is solely for non-commercial purposes), this part cannot be shipped (even if in srpm form) in Fedora. NON-FREE stuff. Cannot be shipped in. Ah.. is flare-dist/ part really needed for this package? I tried to rebuild your latest srpm, however for me this part does not seem to be used. If not needed, you can - remove flare-dist part - repackage tarball - and use the repackaged tarball as Fedora source tarball (as Lucian said in comment 5) I took this package from security spin wish list and don't have much interest (on a personal note) because I don't use it. Anyway I will have a re-look. Thanks all for pointing put issues. I will bump with changes soon. http://rakesh.fedorapeople.org/spec/ratproxy.spec http://rakesh.fedorapeople.org/srpm/ratproxy-1.51-3.fc10.src.rpm Somebody interested in review ? Well, for 1.51-3: - I guess Solaris.README is not needed. Other things are okay. ---------------------------------------------------------- This package (ratproxy) is APPROVED by mtasaka ---------------------------------------------------------- Thanks, I will remove that file before importing. New Package CVS Request ======================= Package Name: ratproxy Short Description: A passive web application security assessment tool Owners: rakesh Branches: F-9 F-10 InitialCC: Cvsextras Commits: yes cvs done. ratproxy-1.51-4.fc9 has been submitted as an update for Fedora 9. http://admin.fedoraproject.org/updates/ratproxy-1.51-4.fc9 ratproxy-1.51-4.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/ratproxy-1.51-4.fc10 |