Bug 515046

Summary: Review Request: perl-XML-Parser-Lite-Tree-XPath - XPath access to XML::Parser::Lite::Tree structures
Product: [Fedora] Fedora Reporter: Juan J. Martínez <reidrac>
Component: Package ReviewAssignee: Nobody's working on this, feel free to take it <nobody>
Status: CLOSED WONTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: rawhideCC: ashay.humane, fedora-package-review, jan.klepek, mi, notting
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-03-23 06:26:53 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On: 507801, 525050    
Bug Blocks:    

Description Juan J. Martínez 2009-08-01 04:14:21 EDT
Spec URL:
This is a pure-Perl implementation of XPath as complement to
XML::Parser::Lite::Tree, a pure-Perl XML tree parser and builder. It aims to
implement 100% of the W3C XPath specification.

This is my first package for fedora and I need someone to sponsor.
Comment 1 Ashay Humane 2009-08-09 18:40:46 EDT
Here is my informal review:

 NA = Not Applicable
 X = Check
 ! = Problem
 ? = Not evaluated

=== Required Items ===
[X] MUST: rpmlint must be run on every package. The output should be posted in the review.[1]            
    rpmlint is clean.
[X] MUST: The package must be named according to the Package Naming Guidelines .
[X] MUST: The spec file name must match the base package %{name}, in the format %{name}.spec unless your package has an exemption. [2] .
[X] MUST: The package must meet the Packaging Guidelines .
[X] MUST: The package must be licensed with a Fedora approved license and meet the Licensing Guidelines .
[X] MUST: The License field in the package spec file must match the actual license. [3]
[NA] MUST: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package must be included in %doc.[4]
[X] MUST: The spec file must be written in American English. [5]
[X] MUST: The spec file for the package MUST be legible. [6]
[X] MUST: The sources used to build the package must match the upstream source, as provided in the spec URL. Reviewers should use md5sum for this task. If no upstream URL can be specified for this package, please see the Source URL Guidelines for how to deal with this.
[X] MUST: The package MUST successfully compile and build into binary rpms on at least one primary architecture. [7]   
  Tested with rpmbuild and mock on:
[NA] MUST: If the package does not successfully compile, build or work on an architecture, then those architectures should be listed in the spec in ExcludeArch. Each architecture listed in ExcludeArch MUST have a bug filed in bugzilla, describing the reason that the package does not compile/build/work on that architecture. The bug number MUST be placed in a comment, next to the corresponding ExcludeArch line. [8]
[X] MUST: All build dependencies must be listed in BuildRequires, except for any that are listed in the exceptions section of the Packaging Guidelines ; inclusion of those as BuildRequires is optional. Apply common sense.
[NA] MUST: The spec file MUST handle locales properly. This is done by using the %find_lang macro. Using %{_datadir}/locale/* is strictly forbidden.[9]
[NA] MUST: Every binary RPM package (or subpackage) which stores shared library files (not just symlinks) in any of the dynamic linker's default paths, must call ldconfig in %post and %postun. [10]
[NA] MUST: If the package is designed to be relocatable, the packager must state this fact in the request for review, along with the rationalization for relocation of that specific package. Without this, use of Prefix: /usr is considered a blocker. [11]
[X] MUST: A package must own all directories that it creates. If it does not create a directory that it uses, then it should require a package which does create that directory. [12]
[X] MUST: A Fedora package must not list a file more than once in the spec file's %files listings. [13]
[X] MUST: Permissions on files must be set properly. Executables should be set with executable permissions, for example. Every %files section must include a %defattr(...) line. [14]
[X] MUST: Each package must have a %clean section, which contains rm -rf %{buildroot} (or $RPM_BUILD_ROOT). [15]
[X] MUST: Each package must consistently use macros. [16]
[X] MUST: The package must contain code, or permissable content. [17]
[NA] MUST: Large documentation files must go in a -doc subpackage. (The definition of large is left up to the packager's best judgement, but is not restricted to size. Large can refer to either size or quantity). [18]
[X] MUST: If a package includes something as %doc, it must not affect the runtime of the application. To summarize: If it is in %doc, the program must run properly if it is not present. [18]
[NA] MUST: Header files must be in a -devel package. [19]
[NA] MUST: Static libraries must be in a -static package. [20]
[NA] MUST: Packages containing pkgconfig(.pc) files must 'Requires: pkgconfig' (for directory ownership and usability). [21]
[NA] MUST: If a package contains library files with a suffix (e.g. libfoo.so.1.1), then library files that end in .so (without suffix) must go in a -devel package. [19]
[NA] MUST: In the vast majority of cases, devel packages must require the base package using a fully versioned dependency: Requires: %{name} = %{version}-%{release} [22]
[NA] MUST: Packages must NOT contain any .la libtool archives, these must be removed in the spec if they are built.[20]
[NA] MUST: Packages containing GUI applications must include a %{name}.desktop file, and that file must be properly installed with desktop-file-install in the %install section. If you feel that your packaged GUI application does not need a .desktop file, you must put a comment in the spec file with your explanation. [23]
[X] MUST: Packages must not own files or directories already owned by other packages. The rule of thumb here is that the first package to be installed should own the files or directories that other packages may rely upon. This means, for example, that no package in Fedora should ever share ownership with any of the files or directories owned by the filesystem or man package. If you feel that you have a good reason to own a file or directory that another package owns, then please present that at package review time. [24]
[X] MUST: At the beginning of %install, each package MUST run rm -rf %{buildroot} (or $RPM_BUILD_ROOT). [25]
[X] MUST: All filenames in rpm packages must be valid UTF-8. [26]

==== Suggested Items ====
[?] SHOULD: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [27]
[?] SHOULD: The description and summary sections in the package spec file should contain translations for supported Non-English languages, if available. [28]
[X] SHOULD: The reviewer should test that the package builds in mock. [29]
    Tested in mock fedora-11-x86_64 and fedora-11-i386
[?] SHOULD: The package should compile and build into binary rpms on all supported architectures. [30]
[X] SHOULD: The reviewer should test that the package functions as described. A package should not segfault instead of running, for example.
[?] SHOULD: If scriptlets are used, those scriptlets must be sane. This is vague, and left up to the reviewers judgement to determine sanity. [31]
[?] SHOULD: Usually, subpackages other than devel should require the base package using a fully versioned dependency. [22]
[?] SHOULD: The placement of pkgconfig(.pc) files depends on their usecase, and this is usually for development purposes, so should be placed in a -devel pkg. A reasonable exception is that the main pkg itself is a devel tool not installed in a user runtime, e.g. gcc or gdb. [21]
[?] SHOULD: If the package has file dependencies outside of /etc, /bin, /sbin, /usr/bin, or /usr/sbin consider requiring the package which provides the file instead of the file itself. [32]
Comment 2 Jan Klepek 2009-08-15 14:15:40 EDT
wrong license, see [1]

disabled tests, should be enabled and as test fails, this should be reporter to upstream that fedora is not shipping something what is broken.
see [1]

3] Makefile created during %prep is not using cp -p, modify/patch this Makefile that it will use it (could be done by sed for example)

[1] https://fedoraproject.org/wiki/Packaging:Perl
[2] https://fedoraproject.org/wiki/Packaging/Guidelines#Timestamps
Comment 3 Juan J. Martínez 2009-08-15 14:27:20 EDT
Jan --

1. I believe the artistic license version 2.0 it's OK for Fedora [1].

2. I think the tests fail because of features not implemented, but I can confirm that with the developer. Anyway I'll check the whole test part, thank you.

3. OK, I'll fix this.

Thank you for the pointers.

[1]: Artistic 2.0, https://fedoraproject.org/wiki/Licensing#Good_Licenses
Comment 4 Jan Klepek 2009-08-15 16:03:43 EDT
(In reply to comment #3)
> Jan --
> 1. I believe the artistic license version 2.0 it's OK for Fedora [1].
Did you read https://fedoraproject.org/wiki/Packaging:Perl?.

I don't argue about validity of artistic license for fedora, artistic license is completely ok. 

In readme for XML::Parser::Lite::Tree::Xpath is:
"License: Perl Artistic License 2.0
This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself. "

So from this i see it is dual licensed (artistic 2.0 and same terms as perl itself).

"Perl itself is dual licensed, under both the GPL and Artistic licenses. Many perl modules follow this practice; when they do, the license tag should be filled out as "GPL+ or Artistic", not the other way around."

From this point, i don't see only "Artistic license" acceptable, there should be "GPL+ or Artistic" to follow perl specific packaging guidelines.

> 2. I think the tests fail because of features not implemented, but I can
> confirm that with the developer. Anyway I'll check the whole test part, thank
> you.

Please check, I'm looking into this too to determine if code is broken or functions are just not implemented at all. So far it looks like broken code for me.
Comment 5 Jason Tibbitts 2009-08-18 13:30:30 EDT
Actually, the license is unclear, as the README file makes two contradictory statements regarding the license:


Copyright (C) 2004-2009 Cal Henderson <cal@iamcal.com>
License: Perl Artistic License 2.0

This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself. 

If they worked an "or" in there between those statements things would be OK, but as it is I believe that clarification from the author is mandatory here.  The code itself is no help as it either contains a bare copyright notice with no license grant (which is rather bad) or contains no copyright or license information at all.  Blocking FE-Legal; this package cannot be approved until the license is clarified.
Comment 6 Juan J. Martínez 2009-08-18 14:45:01 EDT
Jason, Jan --

I've asked the author for a licence clarification (at first I asked him to change the module license to allow its inclusion into Fedora, but he made a mistake leaving the "This library is..." sentence -- well, that was MY mistake because I didn't realize it before submitting the request, sorry).

I've asked him about the tests too, and I hope he can tell me if the code is stable enough to be included into Fedora or not (in last case, I'd close this request).

Thank you for you help!
Comment 7 Juan J. Martínez 2009-08-19 11:32:18 EDT

 1. License issue: the author removed the offending line referring to Perl license. Now the module it's properly licensed (Artistic 2.0).
 2. Tests problems: the author answered that the problem was in the dependency XML::Parser::Lite::Tree, so he released a new version of the module and XML::Parser::Lite::Tree::XPath requires XML::Parser::Lite::Tree >= 0.10.
 3. Regarding the "install -p" issue, the install line executed is generated from Makefile.PL and I think it's safe (as far as I can see in other spec files).

Updated data follows...

Spec URL:
This is a pure-Perl implementation of XPath as complement to
XML::Parser::Lite::Tree, a pure-Perl XML tree parser and builder. It aims to
implement 100% of the W3C XPath specification.

This is my first package for fedora and I need someone to sponsor.

Moreover I've upgraded XML::Parser::Lite::Tree (spec fetched from CVS), because this package needs to be updated (as stated previously in point .2). You can fetch the spec/SRPM from:

Comment 8 Jason Tibbitts 2009-09-22 20:42:12 EDT
Can you file a ticket against perl-XML-Parser-Lite-Tree requesting that it be updated to 0.10, and then add that ticket number to the "Depends on" field of this ticket?  This package cannot be reviewed until that update is made (because currently the package doesn't build at all).
Comment 9 Michal Ingeli 2009-09-24 03:48:08 EDT
0.12 is the newest version of perl-XML-Parser-Lite-Tree and was pushed for testing just now
Comment 10 Juan J. Martínez 2010-03-23 06:26:53 EDT
I'm not using this module anymore, so I don't know I'm the right person to maintain the package.
Comment 11 Jan Klepek 2010-03-23 13:10:06 EDT
I have opened new review request for it in #576272