|Summary:||Review Request: mozilla-https-everywhere - HTTPS/HSTS enforcement extension for Mozilla browsers|
|Product:||[Fedora] Fedora||Reporter:||Russell Golden <niveusluna>|
|Component:||Package Review||Assignee:||Kevin Fenzi <kevin>|
|Status:||CLOSED ERRATA||QA Contact:||Fedora Extras Quality Assurance <extras-qa>|
|Version:||rawhide||CC:||alreay1, notting, package-review, tomspur|
|Fixed In Version:||mozilla-https-everywhere-1.0.3-2.el6||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2011-10-18 22:08:12 UTC||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Cloudforms Team:||---||Target Upstream Version:|
|Bug Depends On:||1154321|
Description Russell Golden 2011-09-17 16:56:41 UTC
Spec URL: mozilla-https-everywhere.spec SRPM URL: https://niveusluna.org/kahiru/repo/fedora/free/SRPMS/mozilla-https-everywhere-1.0.1-1.fc15.src.rpm Description: I'm just gonna copy and paste this from upstream, if that's okay. HTTPS Everywhere is a Firefox extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites. Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site. The HTTPS Everywhere extension fixes these problems by rewriting all requests to these sites to HTTPS.
Comment 1 Russell Golden 2011-09-17 16:58:38 UTC
...How the heck did that happen? Spec URL: https://niveusluna.org/kahiru/repo/fedora/free/SRPMS/mozilla-https-everywhere.spec Sorry about that, could've sworn I pasted the URL properly...
Comment 2 Al Reay 2011-09-18 23:40:01 UTC
Hi Russell, I'm not a proven packager so I can't sponsor or approve your package but I'll cheerfully do an informal review for you. * just a niggle, the srpm link isn't fully formed with respect to the https certificate, to avoid wget/curl download errors make sure that it's got a 'www' prefix to match the servername as per the cert. * I think your use of explicit 'requires' tag is OK here because automatic dependency resolution by RPM won't work as you're using it only to see if a directory structure exists (as opposed to using a library or binary) Nice simple package, I think you'll have no problems getting this one through. Good luck Al
Comment 3 Russell Golden 2011-09-19 00:14:24 UTC
Huh. On my machine, neither wget nor curl complains about my cert. When I made it, I was under the impression the cert would work for both my SLD and the subdomain www. I only entered the subdomain because StartCom wouldn't give me a cert otherwise. Thanks for the informal review!
Comment 4 Thomas Spura 2011-09-20 08:41:48 UTC
Hmm, there is a draft of packaging such extensions a bit differently here: https://fedoraproject.org/wiki/User:Kalev/MozillaExtensionsDraft So I further adjusted the noscript extension to follow that guideline a bit. Maybe you want to have a look at the new macros, I'm using there. I think, it's a bit clearer than just inst_dir and symlink_dir: http://pkgs.fedoraproject.org/gitweb/?p=mozilla-noscript.git;a=blob;f=mozilla-noscript.spec;h=2b16f6814b6f6b4ae9e351a0cbe46e2734b14e8e;hb=HEAD Not an issue, while reviewing this, more a RFC. Maybe that draft or the current packaging can still be enhanced :)
Comment 5 Russell Golden 2011-09-20 16:36:31 UTC
Hm. Draft or no, that makes the SRPM *much* more readable. Thanks for the info. Note: This extension is not packaged by upstream with an extension UUID, but with email@example.com. Every Mozilla browser currently packaged by Fedora can handle a name instead of a UUID, so it shouldn't be a problem. Just wanted to give a heads up in case someone wondered what was going on.
Comment 6 Russell Golden 2011-09-26 02:21:58 UTC
Comment 7 Kevin Fenzi 2011-10-08 20:55:23 UTC
I'll go ahead and look at reviewing this. Expect a review later today hopefully... Do you have any packages you have pre-reviewed? Or are you planning on submitting any other packages at this time?
Comment 8 Russell Golden 2011-10-08 21:04:09 UTC
No, and no. In case it's needed, here's the link for the latest SRPM: https://niveusluna.org/files/repo/fedora/free/SRPMS/mozilla-https-everywhere-1.0.3-1.fc15.src.rpm The spec file is still at the same location. It doesn't change except for version number.
Comment 9 Kevin Fenzi 2011-10-08 22:04:06 UTC
OK - Package meets naming and packaging guidelines OK - Spec file matches base package name. OK - Spec has consistant macro usage. OK - Meets Packaging Guidelines. OK - License (GPLv2+) OK - License field in spec matches OK - License file included in package OK - Spec in American English OK - Spec is legible. OK - Sources match upstream md5sum: 05ea1355a3f2e91b1ca10dd8bb88a7ea ./https-everywhere-1.0.3.xpi 05ea1355a3f2e91b1ca10dd8bb88a7ea ./https-everywhere-1.0.3.xpi.orig OK - BuildRequires correct OK - Package has %defattr and permissions on files is good. OK - Package has a correct %clean section. OK - Package has correct buildroot OK - Package is code or permissible content. OK - Packages %doc files don't affect runtime. OK - Package has rm -rf RPM_BUILD_ROOT at top of %install OK - Package compiles and builds on at least one arch. OK - Package has no duplicate files in %files. OK - Package doesn't own any directories other packages own. OK - Package owns all the directories it creates. OK - Package obey's FHS standard (except for 2 exceptions) See below - No rpmlint output. OK - final provides and requires are sane. SHOULD Items: OK - Should build in mock. OK - Should build on all supported archs OK - Should function as described. OK - Should have sane scriptlets. OK - Should have dist tag OK - Should package latest version OK - Should not use file requires outside of /etc, /bin, /sbin, /usr/bin, or /usr/sbin Issues: 1. rpmlint says: mozilla-https-everywhere.noarch: W: spelling-error %description -l en_US unencrypted -> encrypted mozilla-https-everywhere.noarch: W: incoherent-version-in-changelog 1.0.1-1 ['1.0.3-1.fc17', '1.0.3-1'] mozilla-https-everywhere.src: W: spelling-error %description -l en_US unencrypted -> encrypted You need to fix the changelog. The others can be ignored. So, the only minor issue is the changelog entry. You can fix that before you import. This package is APPROVED. I will go ahead and sponsor you. You can continue the process from: https://fedoraproject.org/wiki/PackageMaintainers/Join#Add_Package_to_Source_Code_Management_.28SCM.29_system_and_Set_Owner Please feel free to ask me if you have any questions or run into problems. Welcome to the packagers!
Comment 10 Russell Golden 2011-10-09 01:37:23 UTC
Spec file updated to include changelogs. New SRPM: https://niveusluna.org/kahiru/repo/fedora/free/RPMS/noarch/mozilla-https-everywhere-1.0.3-2.fc15.noarch.rpm No idea if this is needed for CVS or not. If so, it's here. If not, people can hit delete on their emails. :)
Comment 11 Russell Golden 2011-10-09 01:49:27 UTC
New Package SCM Request ======================= Package Name: mozilla-https-everywhere Short Description: HTTPS/HSTS enforcement extension for Mozilla browsers Owners: niveusluna Branches: f14 f15 f16 el5 el6 InitialCC:
Comment 12 Gwyn Ciesla 2011-10-09 17:50:19 UTC
Git done (by process-git-requests).
Comment 13 Fedora Update System 2011-10-09 20:01:25 UTC
mozilla-https-everywhere-1.0.3-2.fc14 has been submitted as an update for Fedora 14. https://admin.fedoraproject.org/updates/mozilla-https-everywhere-1.0.3-2.fc14
Comment 14 Fedora Update System 2011-10-09 20:03:04 UTC
mozilla-https-everywhere-1.0.3-2.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/mozilla-https-everywhere-1.0.3-2.fc16
Comment 15 Fedora Update System 2011-10-09 20:04:28 UTC
mozilla-https-everywhere-1.0.3-2.fc15 has been submitted as an update for Fedora 15. https://admin.fedoraproject.org/updates/mozilla-https-everywhere-1.0.3-2.fc15
Comment 16 Fedora Update System 2011-10-09 20:06:39 UTC
mozilla-https-everywhere-1.0.3-2.el5 has been submitted as an update for Fedora EPEL 5. https://admin.fedoraproject.org/updates/mozilla-https-everywhere-1.0.3-2.el5
Comment 17 Fedora Update System 2011-10-09 20:06:42 UTC
mozilla-https-everywhere-1.0.3-2.el6 has been submitted as an update for Fedora EPEL 6. https://admin.fedoraproject.org/updates/mozilla-https-everywhere-1.0.3-2.el6
Comment 18 Fedora Update System 2011-10-10 02:49:48 UTC
mozilla-https-everywhere-1.0.3-2.fc15 has been pushed to the Fedora 15 testing repository.
Comment 19 Fedora Update System 2011-10-18 22:08:12 UTC
mozilla-https-everywhere-1.0.3-2.fc15 has been pushed to the Fedora 15 stable repository.
Comment 20 Fedora Update System 2011-10-18 22:12:29 UTC
mozilla-https-everywhere-1.0.3-2.fc14 has been pushed to the Fedora 14 stable repository.
Comment 21 Fedora Update System 2011-10-19 04:34:42 UTC
mozilla-https-everywhere-1.0.3-2.fc16 has been pushed to the Fedora 16 stable repository.
Comment 22 Fedora Update System 2011-11-02 00:06:26 UTC
mozilla-https-everywhere-1.0.3-2.el5 has been pushed to the Fedora EPEL 5 stable repository.
Comment 23 Fedora Update System 2011-11-02 00:08:50 UTC
mozilla-https-everywhere-1.0.3-2.el6 has been pushed to the Fedora EPEL 6 stable repository.