Bug 700566

Summary: Review Request: stanse - An automatic bug-finding tool for C
Product: [Fedora] Fedora Reporter: Karel Klíč <kklic>
Component: Package ReviewAssignee: Jerry James <loganjerry>
Status: CLOSED NOTABUG QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: akurtako, fedora-package-review, loganjerry, notting, rvokal
Target Milestone: ---Flags: loganjerry: fedora-review?
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-10-26 13:36:52 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 700335, 700345, 700427    
Bug Blocks:    

Description Karel Klíč 2011-04-28 16:54:24 UTC 
Spec URL: http://kklic.fedorapeople.org/stanse.spec
SRPM URL: http://kklic.fedorapeople.org/stanse-1.2.0-1.fc14.src.rpm
Description:
An implementation of modern approaches to static analysis and
automatic bug finding for programs written in C. Stanse can
automatically discover some types of bugs in real-life sized projects.

$ rpmlint stanse-1.2.0-1.fc14.src.rpm
stanse.src: W: invalid-url Source0: stanse-1.2.0.tar.bz2
1 packages and 0 specfiles checked; 0 errors, 1 warnings.

$ rpmlint stanse-1.2.0-1.fc14.i386.rpm
stanse.i386: W: no-manual-page-for-binary st_xml_bugcount
stanse.i386: W: no-manual-page-for-binary stcc
stanse.i386: W: no-manual-page-for-binary stpreproc
stanse.i386: W: no-manual-page-for-binary stanse
stanse.i386: W: no-manual-page-for-binary stcparser-c
stanse.i386: W: no-manual-page-for-binary stanse-make
1 packages and 0 specfiles checked; 0 errors, 6 warnings.

$ rpmlint stanse-javadoc-1.2.0-1.fc14.noarch.rpm
1 packages and 0 specfiles checked; 0 errors, 0 warnings.

$ rpmlint  stanse-web-1.2.0-1.fc14.noarch.rpm
stanse-web.noarch: W: no-documentation
stanse-web.noarch: W: no-manual-page-for-binary st_xml2sqlite3
1 packages and 0 specfiles checked; 0 errors, 2 warnings.

$ rpmlint stanse-debuginfo-1.2.0-1.fc14.i386.rpm
stanse-debuginfo.i386: E: debuginfo-without-sources
1 packages and 0 specfiles checked; 1 errors, 0 warnings.
-> debuginfo needs fixing
Comment 1 Alexander Kurtakov 2011-04-29 06:04:50 UTC 
Shouldn't this package be noarch??
Comment 2 Karel Klíč 2011-04-29 07:18:17 UTC 
One part of Stanse (source code parser) is written in C for speed reasons.
Comment 3 Karel Klíč 2011-05-02 12:32:16 UTC 
Spec URL: http://kklic.fedorapeople.org/stanse.spec
SRPM URL: http://kklic.fedorapeople.org/stanse-1.2.0-2.fc14.src.rpm

* Mon May  2 2011 Karel Klíč <kklic> - 1.2.0-2
- Required package com.inamik.utils.tableformatter changed name to inamik-tableformatter
- Fixed debuginfo generation by adding debug="true" to cpptasks:cc task in build.xml
- Use utf-8 encoding when compiling java source files and invoking javadoc
- Use proper classpath for javadoc

$ rpmlint ./stanse-debuginfo-1.2.0-2.fc14.i386.rpm 
1 packages and 0 specfiles checked; 0 errors, 0 warnings.
Comment 4 Jerry James 2011-11-18 21:13:42 UTC 
I'll take this review.  Here are some preliminary comments.

First, version 1.2.2 is available on the upstream web site.  This means you can delete all the comments about sneaking version 1.2.0 from elsewhere. :-)

Second, installation of stanse-web-1.2.0-2 fails:

error: Failed dependencies:
	perl(dbs.pl) is needed by stanse-web-1.2.0-2.fc16.noarch

Third, neither subpackage requires the main package.  Should they?

Fourth, the %defattr declarations in the %files sections are no longer necessary.

If you can address those items, I'll do a full review.
Comment 5 Karel Klíč 2011-11-22 18:20:19 UTC 
There is a licensing problem with version 1.2.2: it includes json-dced076c.jar which comes from  https://github.com/douglascrockford/JSON-java. That project is distributable under problematic license:
https://bugzilla.redhat.com/show_bug.cgi?id=594420
https://bugzilla.redhat.com/show_bug.cgi?id=455507

I have contacted Stanse upstream.
Comment 6 Jerry James 2011-11-22 19:15:39 UTC 
Oh, bummer.  OK, I'll stand by for upstream's response.
Comment 7 Jerry James 2012-08-17 15:31:52 UTC 
Hi Karel, any news?
Comment 8 Jerry James 2012-10-24 21:53:49 UTC 
Karel: ping.
Comment 9 Karel Klíč 2012-10-26 13:36:52 UTC 
Jerry, Stanse development is stuck.  I talked to the main developers, and they are not interested in continuing the development.

So I think it would be a waste of time to maintain this package in Fedora.  We would be in a bad position with regard to keeping up with new versions of GCC.