Bug 817271
Summary: | Review Request:openerp - Business Applications Server | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Alec Leamas <leamas.alec> |
Component: | Package Review | Assignee: | Richard Shaw <hobbes1069> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | hobbes1069, notting, package-review, robinlee.sysu |
Target Milestone: | --- | Flags: | hobbes1069:
fedora-review+
gwync: fedora-cvs+ |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2012-07-03 06:41:56 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 817270, 818264 | ||
Bug Blocks: |
Description
Alec Leamas
2012-04-28 13:47:33 UTC
Updating metadata Updating to 6.1, new links: spec: http://dl.dropbox.com/u/17870887/openerp-6.1/openerp.spec srpm: http://dl.dropbox.com/u/17870887/openerp-6.1/openerp-6.1-1.fc16.src.rpm The URL of Source0 in 6.1 specfile seems 404. And if you change the name of the package, you should update the title of this report. And the summary is missed in the title. Thanks for input. However, note the 'NotReady' whiteboard status: this is a work in progress not ready for review. As of now, the python-xlwt dependency is only available in rawhide. And as of now python-xlwt is in updates-testing for F16 and F17 The test tool openerp-client is under review in bug 818805. I think this bug is ready for review. Ok, licenses is one of my weak points and I'm not sure you have all the bases covered but I could definitely be wrong :) Licenses detected in source: $ licensecheck -r . | awk -F ": " '{ print $2 }' | sort | uniq -c 1 AGPL 22 AGPL (v2.1 or later) LGPL (v2.1 or later) 1276 AGPL (v3 or later) 9 AGPL (v3 or later) GENERATED FILE 2 AGPL (v3 or later) LGPL (v3 or later) 5 BSD (2 clause) 6 BSD (3 clause) 7 BSD (4 clause) 43 GPL 2 GPL GENERATED FILE 40 GPL (v2 or later) 41 GPL (v3 or later) 1 LGPL 1 *No copyright* AGPL (v3 or later) 43 *No copyright* GENERATED FILE 161 *No copyright* UNKNOWN 4 UNKNOWN Is just using "AGPLv3+" good enough to cover all of the AGPLs listed? Same for GPL. Also, BSD (4 clause) should be referenced as "BSD with advertising"... Also, it's never OK to patch licenses. The bad FSF address is not considered a blocker but it is recommended to at least tell upstream about it. You might as well send them your patch. Duh, I looked at your LICENSING file... never mind. But perhaps using the guidelines version of the comment and file name would be good? # For a breakdown of the licensing, see PACKAGE-LICENSING (In reply to comment #8) > Also, it's never OK to patch licenses. The bad FSF address is not considered > a blocker but it is recommended to at least tell upstream about it. You > might as well send them your patch. License files can't be patched, agreed. But license text in source can be patched, see https://fedoraproject.org/wiki/Common_Rpmlint_issues#incorrect-fsf-address (OK, I actually wrote that :), but it's still kind of a reference) (In reply to comment #9) > Duh, I looked at your LICENSING file... never mind. But perhaps using the > guidelines version of the comment and file name would be good? > > # For a breakdown of the licensing, see PACKAGE-LICENSING Sure, I can change it according to that. I read this as you hadn't noticed the break-down when you wrote comment #7 Holding updated links in wait for more remarks or conclusions. (In reply to comment #10) > (In reply to comment #8) > > Also, it's never OK to patch licenses.[cut] You > > might as well send them your patch. Already done, see the comment attached to the patch. (In reply to comment #11) > (In reply to comment #10) > > (In reply to comment #8) > > > Also, it's never OK to patch licenses.[cut] You > > > might as well send them your patch. > Already done, see the comment attached to the patch. Yup, sorry. I use puTTY at work to ssh into my home machine and the blue on black is almost unreadable :) I would just drop the patch since it's not a blocker and let it be fixed on the next upstream release. If you insist, I will certainly drop it. But I prefer to use it - it's a question of keeping rpmlint output at a reasonable size. Without the patch, the output is just insane. And since the guidelines allows it, why not? Of course, if they release another version without applying the patch it's some work. But it's generated by a script, so I'm not that worried. I can even drop it at an update. But for the review, I think it's an advantage to keep it. But, like I said, it's your decision. Nah, good enough for me. Ok, now that the whole freecad, pycxx, zipios issues on my end are done, time to get back to this. Working on the full review. Ok, a couple of nit-picks: 1. The source tag could use the %name and %version tags a little more: Source0: http://nightly.openerp.com/6.1/nightly/src/openerp-%{version}%{oe_rel}.tar.gz could be: Source0: http://nightly.openerp.com/%{version}/nightly/src/%{name}-%{version}%{oe_rel}.tar.gz unless the 6.1 doesn't get the patch level version number when/if it occurs. 2. If your using "install" to install additional files from the source then you need to add the -p option to preserve time stamps, i.e.: install -m 644 -D install/openerp-server.conf \ %{buildroot}%{_sysconfdir}/openerp/openerp-server.conf to: install -pm 644 -D install/openerp-server.conf \ %{buildroot}%{_sysconfdir}/openerp/openerp-server.conf 3. I'm not a reviewers that insists on using %dir in %files and calling out each directory/file underneath it separately but if you're going to glob a whole directory it's a good practice to leave a trailing slash on the entry so it's obvious to someone else looking at your spec: %{_datadir}/openerp to: %{_datadir}/openerp/ 4. I assume some of the strange permissions are needed for functionality or security? It would probably be a good idea to add comments to the entries in %files where you're assigning non-standard perms. (In reply to comment #16) > Ok, a couple of nit-picks: > > 1. The source tag could use the %name and %version tags a little more: > Source0: > http://nightly.openerp.com/6.1/nightly/src/openerp-%{version}%{oe_rel}.tar.gz > could be: > Source0: > http://nightly.openerp.com/%{version}/nightly/src/%{name}- > %{version}%{oe_rel}.tar.gz > > unless the 6.1 doesn't get the patch level version number when/if it occurs. I certainly could, and I will if you insist. However, using openerp instead of name is on purpose and as I understand it according to the guidelines. The macro section explicitly says that using macros (besides paths) is a question of personal preferences, and I prefer writing the name "in clear". > > 2. If your using "install" to install additional files from the source then > you need to add the -p option to preserve time stamps, i.e.: > > install -m 644 -D install/openerp-server.conf \ > %{buildroot}%{_sysconfdir}/openerp/openerp-server.conf > to: > install -pm 644 -D install/openerp-server.conf \ > %{buildroot}%{_sysconfdir}/openerp/openerp-server.conf > Fixed. "blushes" > 3. I'm not a reviewers that insists on using %dir in %files and calling out > each directory/file underneath it separately but if you're going to glob a > whole directory it's a good practice to leave a trailing slash on the entry > so it's obvious to someone else looking at your spec: > > %{_datadir}/openerp > to: > %{_datadir}/openerp/ Fixed > > 4. I assume some of the strange permissions are needed for functionality or > security? It would probably be a good idea to add comments to the entries in > %files where you're assigning non-standard perms. Fixed Updating in place, same links, no release bumb (which actually is OK, promise :) ) (In reply to comment #17) > (In reply to comment #16) > > Ok, a couple of nit-picks: > > > > 1. The source tag could use the %name and %version tags a little more: > > Source0: > > http://nightly.openerp.com/6.1/nightly/src/openerp-%{version}%{oe_rel}.tar.gz > > could be: > > Source0: > > http://nightly.openerp.com/%{version}/nightly/src/%{name}- > > %{version}%{oe_rel}.tar.gz > > > > unless the 6.1 doesn't get the patch level version number when/if it occurs. > I certainly could, and I will if you insist. However, using openerp instead > of name is on purpose and as I understand it according to the guidelines. > The macro section explicitly says that using macros (besides paths) is a > question of personal preferences, and I prefer writing the name "in clear". Nah, just something I've seen recommended. > Updating in place, same links, no release bumb (which actually is OK, > promise :) ) Hmm... Once bitten twice shy for me. I was chastised for doing just that early in my packaging career :) (In reply to comment #18) > > Updating in place, same links, no release bump (which actually is OK, > > promise :) ) > > Hmm... Once bitten twice shy for me. I was chastised for doing just that > early in my packaging career :) The Guidelines have been updated: http://fedoraproject.org/wiki/Packaging:Guidelines#Changelogs, look for Multiple Changelog Entries per Release). BTW: those two sentences were not trivial, "chastised" and "once bitten twice shy" being completely new to me. Even if I'll never learn packaging properly, I'll at least learn some English. By now you should know I appreciate that :) --a (In reply to comment #19) > (In reply to comment #18) > > > > Updating in place, same links, no release bump (which actually is OK, > > > promise :) ) > > > > Hmm... Once bitten twice shy for me. I was chastised for doing just that > > early in my packaging career :) > > The Guidelines have been updated: > http://fedoraproject.org/wiki/Packaging:Guidelines#Changelogs, look for > Multiple Changelog Entries per Release). > > BTW: those two sentences were not trivial, "chastised" and "once bitten > twice shy" being completely new to me. Even if I'll never learn packaging > properly, I'll at least learn some English. By now you should know I > appreciate that :) Hehe. I couldn't tell since your English is so good. It's hard these days because so many have a gmail account I can't rely on the domain suffix :) Ok, got the full review done. One final nit but not a blocker. %attr(0755,openerp,openerp) %{_localstatedir}/run/openerp should probably be prefixed with %dir since it's just and empty directory, right? Package Review ============== Key: - = N/A x = Pass ! = Fail ? = Not evaluated ==== Generic ==== [x]: MUST Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [x]: MUST Package successfully compiles and builds into binary rpms on at least one supported primary architecture. [-]: MUST %build honors applicable compiler flags or justifies otherwise. [x]: MUST All build dependencies are listed in BuildRequires, except for any that are listed in the exceptions section of Packaging Guidelines. [x]: MUST Buildroot is not present Note: Unless packager wants to package for EPEL5 this is fine [x]: MUST Package contains no bundled libraries. [x]: MUST Changelog in prescribed format. [x]: MUST Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) Note: Clean would be needed if support for EPEL is required [x]: MUST Sources contain only permissible code or content. [x]: MUST Each %files section contains %defattr if rpm < 4.4 Note: Note: defattr macros not found. They would be needed for EPEL5 [x]: MUST Macros in Summary, %description expandable at SRPM build time. [x]: MUST Package requires other packages for directories it uses. [x]: MUST Package uses nothing in %doc for runtime. [x]: MUST Package is not known to require ExcludeArch. [x]: MUST Permissions on files are set properly. [x]: MUST Package does not contain duplicates in %files. [x]: MUST Spec file lacks Packager, Vendor, PreReq tags. [x]: MUST Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. Note: rm -rf would be needed if support for EPEL5 is required [-]: MUST Large documentation files are in a -doc subpackage, if required. [x]: MUST If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %doc. [x]: MUST License field in the package spec file matches the actual license. [x]: MUST Package consistently uses macros (instead of hard-coded directory names). [x]: MUST Package is named according to the Package Naming Guidelines. [x]: MUST Package does not generate any conflict. [x]: MUST Package obeys FHS, except libexecdir and /usr/target. [x]: MUST Package must own all directories that it creates. [x]: MUST Package does not own files or directories owned by other packages. [x]: MUST Package installs properly. [x]: MUST Requires correct, justified where necessary. [!]: MUST Rpmlint output is silent. rpmlint openerp-6.1-1.fc18.noarch.rpm openerp.noarch: E: explicit-lib-dependency pyftpdlib openerp.noarch: W: non-standard-gid /etc/openerp/openerp-server.conf openerp openerp.noarch: E: non-readable /etc/openerp/openerp-server.conf 0660L openerp.noarch: W: non-standard-gid /etc/openerp openerp openerp.noarch: W: non-standard-uid /var/run/openerp openerp openerp.noarch: W: non-standard-gid /var/run/openerp openerp openerp.noarch: W: no-manual-page-for-binary openerp-gen-cert 1 packages and 0 specfiles checked; 2 errors, 5 warnings. rpmlint openerp-6.1-1.fc18.src.rpm openerp.src: W: strange-permission openerp-gen-cert 0755L openerp.src:14: W: macro-in-comment %{version} 1 packages and 0 specfiles checked; 0 errors, 2 warnings. [x]: MUST Sources used to build the package match the upstream source, as provided in the spec URL. /home/build/817271/openerp-6.1-20120505-233516.tar.gz : MD5SUM this package : 572987da13d71942c252339b38d5d575 MD5SUM upstream package : 572987da13d71942c252339b38d5d575 [x]: MUST Spec file is legible and written in American English. [x]: MUST Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: MUST Package contains a SysV-style init script if in need of one. [x]: MUST File names are valid UTF-8. [-]: MUST Useful -debuginfo package or justification otherwise. [x]: SHOULD Reviewer should test that the package builds in mock. [-]: SHOULD If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [x]: SHOULD Dist tag is present. [-]: SHOULD No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: SHOULD Final provides and requires are sane (rpm -q --provides and rpm -q --requires). [?]: SHOULD Package functions as described. [x]: SHOULD Latest version is packaged. [x]: SHOULD Package does not include license text files separate from upstream. [x]: SHOULD Patches link to upstream bugs/comments/lists or are otherwise justified. [-]: SHOULD Scriptlets must be sane, if used. [!]: SHOULD SourceX / PatchY prefixed with %{name}. Note: Source0: http://nightly.openerp.com/6.1/nightly/src/openerp-%{version}%{oe_rel}.tar.gz (openerp-%{version}%{oe_rel}.tar.gz) Source1: openerp.service (openerp.service) Source2: openerp-gen-cert (openerp-gen-cert) Source3: README.fedora (README.fedora) Source4: LICENSING (LICENSING) Patch0: openerp-fsf-fix.patch (openerp-fsf-fix.patch) Patch1: openerp-unbundle- pyftpdlib.patch (openerp-unbundle-pyftpdlib.patch) Patch10: openerp- server-relicense-dict_tools-to-LGPL2.1.patch (openerp-server-relicense- dict_tools-to-LGPL2.1.patch) [x]: SHOULD SourceX is a working URL. [-]: SHOULD Description and summary sections in the package spec file contains translations for supported Non-English languages, if available. [x]: SHOULD Package should compile and build into binary rpms on all supported architectures. [-]: SHOULD %check is present and all tests pass. [x]: SHOULD Packages should try to preserve timestamps of original installed files. [x]: SHOULD Spec use %global instead of %define. Issues: [!]: MUST Rpmlint output is silent. rpmlint openerp-6.1-1.fc18.noarch.rpm openerp.noarch: E: explicit-lib-dependency pyftpdlib openerp.noarch: W: non-standard-gid /etc/openerp/openerp-server.conf openerp openerp.noarch: E: non-readable /etc/openerp/openerp-server.conf 0660L openerp.noarch: W: non-standard-gid /etc/openerp openerp openerp.noarch: W: non-standard-uid /var/run/openerp openerp openerp.noarch: W: non-standard-gid /var/run/openerp openerp openerp.noarch: W: no-manual-page-for-binary openerp-gen-cert 1 packages and 0 specfiles checked; 2 errors, 5 warnings. rpmlint openerp-6.1-1.fc18.src.rpm openerp.src: W: strange-permission openerp-gen-cert 0755L openerp.src:14: W: macro-in-comment %{version} 1 packages and 0 specfiles checked; 0 errors, 2 warnings. See: http://fedoraproject.org/wiki/Packaging/Guidelines#rpmlint Generated by fedora-review 0.1.3 External plugins: *** APPROVED *** (In reply to comment #21) > Ok, got the full review done. One final nit but not a blocker. > > %attr(0755,openerp,openerp) %{_localstatedir}/run/openerp > > should probably be prefixed with %dir since it's just and empty directory, > right? Right! (fixed) This is the beginning of the end of quite a journey. I first tried to breath life into #641261, and worked with an (at the time) openerp employee Panos Christeas over spring 2011. And now it goes through. It's kind of a relief. Now, let's see if I can get it right, this has become a challenge: New Package SCM Request ======================= Package Name: openerp Short Description: Business Applications Server Owners: leamas Branches: f16 f17 InitialCC: Two things: 1. The git/scm crawler may find your request but generally it should go at the top and any explanatory text goes under it. 2. Don't forget to set the fedora-cvs flag to "?". Didn't make this time either... Thanks for this remark, some English lessons and of course also for the review! --alec Git done (by process-git-requests). openerp-6.1-1.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/openerp-6.1-1.fc16 openerp-6.1-1.fc17 has been submitted as an update for Fedora 17. https://admin.fedoraproject.org/updates/openerp-6.1-1.fc17 openerp-6.1-1.fc17 has been pushed to the Fedora 17 stable repository. openerp-6.1-1.fc16 has been pushed to the Fedora 16 stable repository. |