Bug 591298
| Summary: | Review Request: apache-commons-codec - Implementations of common encoders and decoders | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Mat Booth <mat.booth> |
| Component: | Package Review | Assignee: | Stanislav Ochotnicky <sochotni> |
| Status: | CLOSED NEXTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | rawhide | CC: | akurtako, cedric.olivier, fedora-package-review, guido.grazioli, nobody, notting, sochotni |
| Target Milestone: | --- | Flags: | sochotni:
fedora-review+
dennis: fedora-cvs+ |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2010-05-20 21:21:30 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 588764 | ||
|
Description
Mat Booth
2010-05-11 20:09:26 UTC
*** Bug 225926 has been marked as a duplicate of this bug. *** Mat, I don't think that #225926 is a duplicate of this one. Yeah, I realised the moment I clicked the button, it's a duplicate of #591305. Sorry about that. I'll take this. The specfile your link points to is not the same as inside srpm, please fix this Terribly sorry, try now. I've made no changes other than regenerating the SRPM, so the links above are still valid. Noted that this is re-review
OK: rpmlint must be run on every package. The output should be posted in the review.
OUTPUT:
rpmlint ~/rpmbuild/{SRPMS,RPMS/noarch}/apache-commons-codec*-1.4-6*rpm
apache-commons-codec.noarch: W: non-conffile-in-etc /etc/maven/fragments/apache-commons-codec
3 packages and 0 specfiles checked; 0 errors, 1 warnings.
False positive, OK
OK: The package must be named according to the Package Naming Guidelines .
OK: The spec file name must match the base package %{name}, in the format %{name}.spec unless your package has an exemption. .
OK : The package must meet the Packaging Guidelines .
OK: The package must be licensed with a Fedora approved license and meet the Licensing Guidelines .
OK: The License field in the package spec file must match the actual license.
OK: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package must be included in %doc.
OK: The spec file must be written in American English.
OK: The spec file for the package MUST be legible.
OK: The sources used to build the package must match the upstream source, as provided in the spec URL. Reviewers should use md5sum for this task. If no upstream URL can be specified for this package, please see the Source URL Guidelines for how to deal with this.
OK: The package MUST successfully compile and build into binary rpms on at least one primary architecture.
OK: All build dependencies must be listed in BuildRequires, except for any that are listed in the exceptions section of the Packaging Guidelines ; inclusion of those as BuildRequires is optional. Apply common sense.
OK: The spec file MUST handle locales properly. This is done by using the %find_lang macro. Using %{_datadir}/locale/* is strictly forbidden.
OK: Every binary RPM package (or subpackage) which stores shared library files (not just symlinks) in any of the dynamic linker's default paths, must call ldconfig in %post and %postun.
OK: Packages must NOT bundle copies of system libraries.
OK: A package must own all directories that it creates. If it does not create a directory that it uses, then it should require a package which does create that directory.
OK: A Fedora package must not list a file more than once in the spec file's %files listings.
OK: Permissions on files must be set properly. Executables should be set with executable permissions, for example. Every %files section must include a %defattr(...) line.
OK: Each package must consistently use macros.
OK: The package must contain code, or permissable content.
OK: Large documentation files must go in a -doc subpackage. (The definition of large is left up to the packager's best judgement, but is not restricted to size. Large can refer to either size or quantity).
OK: If a package includes something as %doc, it must not affect the runtime of the application. To summarize: If it is in %doc, the program must run properly if it is not present.
OK: All filenames in rpm packages must be valid UTF-8.
Other problems:
- required for renames: check for proper Provides/Obsoletes was OK
- these are quite old:
> Provides: %{short_name} = %{version}-%{release}
> Obsoletes: %{short_name} < %{version}-%{release}
And should be fairly safe to remove them for rawhide F14+ (currently on F-12 only plexus-xmlrpc does and it will have to be revised anyway)
What is the reason to have:
> # enable OSGi automatic dep solving
> %define _use_internal_dependency_generator 0
> %define __find_provides /usr/lib/rpm/osgideps.pl -p
> %define __find_requires /usr/lib/rpm/osgideps.pl -r
I believe they are not used/needed anywhere in the spec file. If they really are needed, define them with %global. Isn't maven supposed to take care of this?
- javadoc sub-package must have jpackage-utils in Requires (it is
owner of javadoc directory
- jpackage-utils should be required in post/postun for %update_maven_depmap
- provide backward compatible pom file with old GROUP_ID/ARTIFACT_ID. jakarta-commons-codec
used %add_to_maven_depmap %{short_name} %{short_name} %{version} JPP %{short_name}
Suggestions (Not required for + :-) ):
- since you are already using install for copying files, why not use
it for creating dirs too? Instead of:
> mkdir -p %{buildroot}%{_javadocdir}/%{name}-%{version}
use
install -d -m 755 %{buildroot}%{_javadocdir}/%{name}-%{version}
- another one:
> (cd %{buildroot}%{_javadocdir} && ln -sf %{name}-%{version} %{name})
Why create subshell when simple
ln -s %{name}-%{version} %{buildroot}%{_javadocdir}/%{name}
would be enough?
- You also have more commons packages so I suggest you use %global to
define base_name as codec, short_name as commons-%{base_name} and use
base name in URL/Source0, elsewhere as needed. You will then be able to re-use spec file changes more easily in the future.
(In reply to comment #7) > Noted that this is re-review > Noted that you've noted that this is a re-review. ;-) > Other problems: > - required for renames: check for proper Provides/Obsoletes was OK > - these are quite old: > > Provides: %{short_name} = %{version}-%{release} > > Obsoletes: %{short_name} < %{version}-%{release} > > And should be fairly safe to remove them for rawhide F14+ (currently on F-12 > only plexus-xmlrpc does and it will have to be revised anyway) > Agreed, this provides/obsoletes is ancient. Consider it gone. > > What is the reason to have: > > # enable OSGi automatic dep solving > > %define _use_internal_dependency_generator 0 > > %define __find_provides /usr/lib/rpm/osgideps.pl -p > > %define __find_requires /usr/lib/rpm/osgideps.pl -r > I believe they are not used/needed anywhere in the spec file. If they really > are needed, define them with %global. Isn't maven supposed to take care of > this? > This is to boot-strap automatic dep-solving for RPMs that provide OSGi bundles needed for Eclipse. Maven only generates the headers, it doesn't care about RPM dependencies. It is not yet enabled by default, hence these lines. They will be removed when it is ready. See bug #488352. I have changed them to use global. > - javadoc sub-package must have jpackage-utils in Requires (it is > owner of javadoc directory Done. > - jpackage-utils should be required in post/postun for %update_maven_depmap Done. > - provide backward compatible pom file with old GROUP_ID/ARTIFACT_ID. > jakarta-commons-codec > used %add_to_maven_depmap %{short_name} %{short_name} %{version} JPP > %{short_name} > If no package in Fedora needs the legacy pom, is this still necessary? If "org.apache.commons" if the right way, I'd rather just do that. > Suggestions (Not required for + :-) ): > - since you are already using install for copying files, why not use > it for creating dirs too? Instead of: > > mkdir -p %{buildroot}%{_javadocdir}/%{name}-%{version} > use > install -d -m 755 %{buildroot}%{_javadocdir}/%{name}-%{version} > > - another one: > > (cd %{buildroot}%{_javadocdir} && ln -sf %{name}-%{version} %{name}) > > Why create subshell when simple > ln -s %{name}-%{version} %{buildroot}%{_javadocdir}/%{name} > would be enough? > Good ideas, done. > - You also have more commons packages so I suggest you use %global to > define base_name as codec, short_name as commons-%{base_name} and use > base name in URL/Source0, elsewhere as needed. You will then be able to re-use > spec file changes more easily in the future. I don't normally have a problem search and replacing, but ok. :-) New SPEC/SRPM: http://mbooth.fedorapeople.org/reviews/apache-commons-codec.spec http://mbooth.fedorapeople.org/reviews/apache-commons-codec-1.4-7.fc13.src.rpm >If no package in Fedora needs the legacy pom, is this still necessary? If
> "org.apache.commons" if the right way, I'd rather just do that.
Is it possible to find out in some easy way? For my future reference :-) You are right though, it's good to avoid polluting the spec file if it's possible. When I did this in my specs I added a big comment stating why it's there...But this really is not a show-stopper. Since we are doing this in rawhide, we will have time to find out if something doesn't work.
Thanks for explaining those OSGi bundles and your changes.
Modified spec is good. This package is APPROVED
One small thing I realized: Please add Obsoletes (no Provides necessary) for jakarta javadoc subpackage when you commit to CVS (In reply to comment #9) > >If no package in Fedora needs the legacy pom, is this still necessary? If > > "org.apache.commons" if the right way, I'd rather just do that. > > Is it possible to find out in some easy way? For my future reference :-) You > are right though, it's good to avoid polluting the spec file if it's possible. > When I did this in my specs I added a big comment stating why it's there...But > this really is not a show-stopper. Since we are doing this in rawhide, we will > have time to find out if something doesn't work. > Unfortunately I don't have an easy way to confirm this, but until very recently, this package provided no pom at all. I only added when I took over ownership of commons-codec, so I'd be surprised if there has been anything added to Fedora in the last few months that depends on it. > Thanks for explaining those OSGi bundles and your changes. > > Modified spec is good. This package is APPROVED Thanks (In reply to comment #10) > One small thing I realized: Please add Obsoletes (no Provides necessary) for > jakarta javadoc subpackage when you commit to CVS Will do, thanks. New Package CVS Request ======================= Package Name: apache-commons-codec Short Description: Implementations of common encoders and decoders Owners: mbooth Branches: devel InitialCC: (In reply to comment #11) > (In reply to comment #9) > > >If no package in Fedora needs the legacy pom, is this still necessary? If > > > "org.apache.commons" if the right way, I'd rather just do that. > > > > Is it possible to find out in some easy way? For my future reference :-) You > > are right though, it's good to avoid polluting the spec file if it's possible. > > When I did this in my specs I added a big comment stating why it's there...But > > this really is not a show-stopper. Since we are doing this in rawhide, we will > > have time to find out if something doesn't work. > > > > Unfortunately I don't have an easy way to confirm this, but until very > recently, this package provided no pom at all. I only added when I took over > ownership of commons-codec, so I'd be surprised if there has been anything > added to Fedora in the last few months that depends on it. > The poms (for commons-* and jakarta-commons-*) are provided within maven2-common-poms, which is used in the local repo as a backup pom/depmap source (in /usr/share/maven/default_poms). That was done to workaround packages not providing poms along jars, but if you provide a pom file (which goes to /usr/share/maven/poms), that one will be chosen first during build. In this case about renaming, i'm not sure if letting the old named poms stay in maven2-common-poms does any hurt. Btw, i think most if not all projects will depend on commons-* and not apache|jakarta-commons-* Right, but in this case, maven2-common-poms has never carried a pom for commons-codec. (In reply to comment #14) > Right, but in this case, maven2-common-poms has never carried a pom for > commons-codec. Oops, that's a lie. I take it all back, there was a commons-codec pom in maven2-common-poms. :-) Would you like me add the legacy depmap to this package? Mat, please add it. Guido, once this is in would you remove the codec pom and depmap from commons-poms? We should aim at making commons-poms unneeded Yep i was trying to clarify in general (to myself too :) ). What i meant was that in this process of renaming from jakarta- to apache- , we have to be sure that any package provides the relevant pom along the jar (i'm lurking around these reviews); after that i will drop any commons-* pom (and depmap) from maven2-common-poms, but the parent pom, IIF that doesn't break anything, but that shouldn't be the case. (In reply to comment #16) > Mat, please add it. Will do, thanks. (In reply to comment #17) > Yep i was trying to clarify in general (to myself too :) ). > > What i meant was that in this process of renaming from jakarta- to apache- , > we have to be sure that any package provides the relevant pom along the jar > (i'm lurking around these reviews); after that i will drop any commons-* pom > (and depmap) from maven2-common-poms, but the parent pom, IIF that doesn't > break anything, but that shouldn't be the case. Hmm, which parent pom?? We should package every parent pom separately like we are doing for forge-parent https://bugzilla.redhat.com/show_bug.cgi?id=591482 Once we have this we can make the parent pom package Requires everything specified in it resulting in a much cleaner and simpler BR sections in dependant packages. (In reply to comment #19) > Hmm, which parent pom?? > We should package every parent pom separately like we are doing for > forge-parent https://bugzilla.redhat.com/show_bug.cgi?id=591482 This one: /usr/share/maven2/default_poms/JPP-commons-parent.pom http://svn.apache.org/viewvc/commons/proper/commons-parent/tags/commons-parent-15/ but i cant find a review request for it yet. > Once we have this we can make the parent pom package Requires everything > specified in it resulting in a much cleaner and simpler BR sections in > dependant packages. There is a profile in the apache parent to build all proper components, but those are built individually afaik; if you package the parent pom alone in a package, it wont buildrequire anything (empty %build, %install pom, %update depmap),or am i completely wrong? Ok for the record, this is the SPEC/SRPM I will be importing into CVS: http://mbooth.fedorapeople.org/reviews/apache-commons-codec.spec http://mbooth.fedorapeople.org/reviews/apache-commons-codec-1.4-8.fc13.src.rpm CVS Done Built for F14, closing. |