| Summary: | Review Request: crudminer - Find known-vulnerable software in a web root | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Konstantin Ryabitsev <icon> |
| Component: | Package Review | Assignee: | Brett Lentz <brett.lentz> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | rawhide | CC: | brett.lentz, icon, notting, package-review |
| Target Milestone: | --- | Flags: | brett.lentz:
fedora-review+
gwync: fedora-cvs+ |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | crudminer-0.3.2-2.fc16 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2011-10-26 18:31:45 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
|
Description
Konstantin Ryabitsev
2011-10-24 13:41:05 UTC
To test, run "crudminer /usr/share/doc/crudminer-*/tests". $ rpmlint crudminer.spec 0 packages and 1 specfiles checked; 0 errors, 0 warnings. $ rpm -ivvv ~/rpmbuild/RPMS/noarch/crudminer-0.3.2-1.fc16.noarch.rpm D: ========== Directories not explicitly included in package: D: 0 /etc/ D: 2 /usr/bin/ D: 3 /usr/share/doc/ D: 98 /usr/share/man/man5/ D: 99 /var/lib/ Other comments: Summary: Find known-vulnerable software in a web root "known-vulnerable" isn't really a compound word. You can drop the hyphen. The phrase "web root" isn't something I'm familiar with. Is there a better way to describe what you mean by this phrase? %description Locate known-vulnerable software in a web root by comparing the installed files against a list of known-vulnerable products. The use of known-vulnerable twice is a bit redundant. I'd consider revising it. In %install and %clean you have both $RPM_BUILD_ROOT and %{buildroot}. Please pick one, and use it consistently throughout the spec.
See also: http://fedoraproject.org/wiki/Packaging/Guidelines#Using_.25.7Bbuildroot.7D_and_.25.7Boptflags.7D_vs_.24RPM_BUILD_ROOT_and_.24RPM_OPT_FLAGS
Just to be clear. Comment #2 is minor quibbles, not required to fix. Just things to consider for future builds. Comment #3 is the only thing that needs to be fixed before the package can be approved. Thank you. Updated spec file and .src.rpm: http://fedorapeople.org/~icon/f/crudminer.spec http://fedorapeople.org/~icon/f/crudminer-0.3.2-2.fc15.src.rpm Looks good to me. Approved. Thanks, Brett! New Package SCM Request ======================= Package Name: crudminer Short Description: Find and report insecure web software in a web root Owners: icon Branches: f15 f16 el4 el5 el6 InitialCC: Git done (by process-git-requests). Thanks, all. crudminer-0.3.2-2.fc15 has been submitted as an update for Fedora 15. https://admin.fedoraproject.org/updates/crudminer-0.3.2-2.fc15 crudminer-0.3.2-3.el5 has been submitted as an update for Fedora EPEL 5. https://admin.fedoraproject.org/updates/crudminer-0.3.2-3.el5 crudminer-0.3.2-2.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/crudminer-0.3.2-2.fc16 crudminer-0.3.2-2.el4 has been submitted as an update for Fedora EPEL 4. https://admin.fedoraproject.org/updates/crudminer-0.3.2-2.el4 crudminer-0.3.2-2.el6 has been submitted as an update for Fedora EPEL 6. https://admin.fedoraproject.org/updates/crudminer-0.3.2-2.el6 crudminer-0.3.2-2.el4 has been pushed to the Fedora EPEL 4 stable repository. crudminer-0.3.2-2.el6 has been pushed to the Fedora EPEL 6 stable repository. crudminer-0.3.2-3.el5 has been pushed to the Fedora EPEL 5 stable repository. crudminer-0.3.2-2.fc15 has been pushed to the Fedora 15 stable repository. crudminer-0.3.2-2.fc16 has been pushed to the Fedora 16 stable repository. |