Bug 885495

Summary: Review Request: python-keyczar - open source cryptographic toolkit
Product: [Fedora] Fedora
Component: Package Review
Version: rawhide
Hardware: All
OS: Linux
Status: CLOSED CURRENTRELEASE
Severity: medium
Priority: medium
Reporter: Maxim Burgerhout <maxim>
Assignee: Eduardo Echeverria <echevemaster>
QA Contact: Fedora Extras Quality Assurance <extras-qa>
CC: echevemaster, misc, notting
Flags: echevemaster: fedora-review+, gwync: fedora-cvs+
Doc Type: Bug Fix
Last Closed: 2013-01-07 04:06:37 UTC

Description Maxim Burgerhout 2012-12-09 20:53:53 UTC
Spec URL: http://wzzrd.fedorapeople.org/python-keyczar/python-keyczar.spec
SRPM URL: http://wzzrd.fedorapeople.org/python-keyczar/python-keyczar-0.71b-1.fc19.src.rpm
Description: python-keyczar is an open source cryptographic toolkit designed to make it easier and safer for developers to use cryptography in their applications.
Fedora Account System Username: wzzrd

koji scratch build: http://koji.fedoraproject.org/koji/taskinfo?taskID=4771313

Comment 1 Eduardo Echeverria 2012-12-09 23:08:42 UTC
Hi Maxim

In epel5, the packages that install python modules need to define python_sitelib or python to indicate where to find the python directory and what modules are installed in. This is not needed in the latest releases of Fedora.

Also

%if 0%{?rhel} <= 5                                                               
%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())")}
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot                   
%endif 

is not correct, it should be:

%if 0%{?rhel} && 0%{?rhel} <= 5
%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())")}
%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib(1))")}
%endif

http://fedoraproject.org/wiki/Packaging:Python#Macros

Now, if you want to provide this package to epel5, see
https://fedoraproject.org/wiki/EPEL/GuidelinesAndPolicies#Distribution_specific_guidelines


The entry

%{python_sitelib}/*

should be

%{python_sitelib}/

see: https://fedoraproject.org/wiki/Packaging:UnownedDirectories

- The package appears to contain unit tests; if so, you should run the tests. See the directory "tests" in the tarball, specifically alltests.py

kind regards
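
Why the second form of the conditional matters, as an added example that is not part of the original bug comments: a small Python model of how rpm expands %{?rhel} (to nothing when the macro is undefined, as on Fedora) and evaluates the two %if lines. The evaluator is a simplification that handles only integers, <= and &&, and the three build environments are constructed.

```python
import re

def expand(expr, macros):
    """Expand %{?name}: the macro's value if defined, otherwise nothing."""
    return re.sub(r"%\{\?(\w+)\}", lambda m: macros.get(m.group(1), ""), expr)

def evaluate(expr, macros):
    """Evaluate an expanded %if expression (integers, <= and && only)."""
    result = True
    for clause in expand(expr, macros).split("&&"):
        if "<=" in clause:
            left, right = (int(part) for part in clause.split("<="))
            value = left <= right
        else:
            value = int(clause) != 0  # a bare integer is true when non-zero
        result = result and value
    return result

OLD = "0%{?rhel} <= 5"               # first form quoted in the comment
NEW = "0%{?rhel} && 0%{?rhel} <= 5"  # corrected form from the comment

# Constructed build environments: Fedora does not define the rhel macro.
ENVS = {"fedora": {}, "el5": {"rhel": "5"}, "el6": {"rhel": "6"}}

def truth_table():
    """Return {environment: (old_result, new_result)}."""
    return {name: (evaluate(OLD, m), evaluate(NEW, m)) for name, m in ENVS.items()}

if __name__ == "__main__":
    for name, (old, new) in truth_table().items():
        print(f"{name:7} old={old!s:5} new={new}")
```

On Fedora the first form expands to "0 <= 5", which is true, so the EL5-only block would be applied there as well; the corrected form first requires the macro to expand to a non-zero value.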

Comment 2 Maxim Burgerhout 2012-12-09 23:49:03 UTC
Thanks for reviewing, I appreciate it.

All errors fixed. I did the %files entry slightly differently in order not to own the site-packages directory itself.

New versions of SPEC and SRPM at the above location.

Comment 3 Eduardo Echeverria 2012-12-10 05:49:52 UTC
Hi Maxim: 

I have bad news

python-pyasn1 is not available in epel5
http://koji.fedoraproject.org/koji/packageinfo?packageID=5620

I tried a koji build and the build of the package failed
http://koji.fedoraproject.org/koji/taskinfo?taskID=4771725
http://kojipkgs.fedoraproject.org//work/tasks/1725/4771725/mock_output.log

Therefore you may not provide the package for epel5, unless you talk to the package maintainer. The maintainer is rcritten; his email is: rcritten at redhat dot com.

As an aside, if hypothetically we could build for epel5 for now:

The line that I marked with an asterisk (buildroot) should not be there

%if 0%{?rhel} && 0%{?rhel} <= 5
%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())")}
%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib(1))")}

* BuildRoot:      %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)

%endif

Usually, it goes after Source0:

Source0:        http://keyczar.googlecode.com/files/%{name}-%{version}.tar.gz
BuildRoot:      %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)

- Note that if you cannot obtain the package python-pyasn1 in epel5, you will need to remove all specific references to building for epel5 (buildroot, %clean and the rm -rf $RPM_BUILD_ROOT). IMHO you should build for the latest releases of Fedora and then you may ask for a change request according to this:

https://fedoraproject.org/wiki/Package_SCM_admin_requests#Package_Change_Requests_for_existing_packages


- Please bump the release number of the spec file on changes and try to write a meaningful changelog entry
https://fedoraproject.org/wiki/Packaging:Guidelines#Changelogs

There are issues with the license (there is no proper license file)


===== MUST items =====

[ ]: If (and only if) the source package includes the text of the license(s)
     in its own file, then that file, containing the text of the license(s)
     for the package is included in %doc.
[ ]: License field in the package spec file matches the actual license.
     Note: Checking patched sources after %prep for licenses. Licenses found:
     "Apache (v2.0)", "Unknown or generated". 2 files have unknown license.
     Detailed output of licensecheck in /home/makerpm/keyczar/885495-python-
     keyczar/licensecheck.txt

Please see the next link for more details on how to proceed.

https://fedoraproject.org/wiki/Packaging:LicensingGuidelines#License_Text

Comment 4 Maxim Burgerhout 2012-12-10 12:47:02 UTC
I agree on the EL5 / EL6 point. I removed the EL5 specific code from the spec file. 

I contacted upstream in order to get a LICENSE file added to the tarball.

I'll upload an updated version hopefully containing the LICENSE file from upstream :)

Are there other things that need fixing? Might as well do those now.

I'll contact the maintainer of python-pyasn1 as well.

Comment 5 Michael S. 2012-12-14 16:30:54 UTC
Eduardo, if you are doing the review, could you assign it to yourself, as this would remove it from https://fedoraproject.org/PackageReviewStatus/NEW.html ?

Comment 6 Eduardo Echeverria 2012-12-17 05:53:08 UTC
(In reply to comment #5)
> Eduardo, if you are doing the review, could you assign it to yourself, as this
> would remove it from https://fedoraproject.org/PackageReviewStatus/NEW.html ?

Ok Michael, I took the review, thanks

Maxim.-
Any news regarding the license?

Comment 7 Maxim Burgerhout 2012-12-17 21:29:18 UTC
As a matter of fact, there is news. Upstream agreed to add a LICENSE file to the tarball, which I await eagerly. I'll get back to you asap.

Comment 8 Maxim Burgerhout 2012-12-21 19:24:18 UTC
Ok, upstream added the license and some patches to a new release 0.71c.

Spec URL: http://wzzrd.fedorapeople.org/python-keyczar/python-keyczar.spec
SRPM URL: http://wzzrd.fedorapeople.org/python-keyczar/python-keyczar-0.71c-1.fc19.src.rpm

Comment 9 Eduardo Echeverria 2012-12-25 00:41:44 UTC
Hi Maxim:
I will make the formal review.

- The warnings about the spelling errors can be ignored


Package Review
==============

Key:
[x] = Pass
[!] = Fail
[-] = Not applicable
[?] = Not evaluated
[ ] = Manual review needed



===== MUST items =====

Generic:
[x]: Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
     Guidelines.
[x]: Package successfully compiles and builds into binary rpms on at least one
     supported primary architecture.
[x]: %build honors applicable compiler flags or justifies otherwise.
[x]: All build dependencies are listed in BuildRequires, except for any that
     are listed in the exceptions section of Packaging Guidelines.
[x]: Package contains no bundled libraries.
[x]: Changelog in prescribed format.
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
[x]: Sources contain only permissible code or content.
[x]: Each %files section contains %defattr if rpm < 4.4
[x]: Macros in Summary, %description expandable at SRPM build time.
[-]: Package contains desktop file if it is a GUI application.
[-]: Development files must be in a -devel package
[x]: Package requires other packages for directories it uses.
[x]: Package uses nothing in %doc for runtime.
[x]: Package is not known to require ExcludeArch.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package complies to the Packaging Guidelines
[x]: Spec file lacks Packager, Vendor, PreReq tags.
[x]: If (and only if) the source package includes the text of the license(s)
     in its own file, then that file, containing the text of the license(s)
     for the package is included in %doc.
[x]: License field in the package spec file matches the actual license.
     Note: Checking patched sources after %prep for licenses. Licenses found:
     "Apache (v2.0)", "Unknown or generated". 2 files have unknown license.
     Detailed output of licensecheck in /home/makerpm/keyczar24122012/885495
     -python-keyczar/licensecheck.txt
* The package is licensed under ASL 2.0
[x]: Package consistently uses macro is (instead of hard-coded directory
     names).
[x]: Package is named using only allowed ASCII characters.
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
     Note: Package contains no Conflicts: tag(s)
[x]: Package do not use a name that already exist
[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
     Provides are present.
[x]: Package must own all directories that it creates.
[x]: Package does not own files or directories owned by other packages.
[x]: Package installs properly.
[x]: Package is not relocatable.
[x]: Requires correct, justified where necessary.
[x]: CheckResultdir
[x]: Rpmlint is run on all rpms the build produces.
     Note: There are rpmlint messages (see attachment).
[x]: Sources used to build the package match the upstream source, as provided
     in the spec URL.
[x]: Spec file is legible and written in American English.
[x]: Spec file name must match the spec package %{name}, in the format
     %{name}.spec.
[-]: Package contains systemd file(s) if in need.
[x]: File names are valid UTF-8.
[-]: Large documentation must go in a -doc subpackage.
     Note: Documentation size is 184320 bytes in 3 files.
[x]: Packages must not store files under /srv, /opt or /usr/local

Python:
[x]: Package contains BR: python2-devel or python3-devel
[x]: Binary eggs must be removed in %prep
[x]: Python eggs must not download any dependencies during the build process.
[x]: A package which is used by another package via an egg interface should
     provide egg info.
[x]: Package meets the Packaging Guidelines::Python

===== SHOULD items =====

Generic:
[x]: Reviewer should test that the package builds in mock.
[x]: Buildroot is not present
[x]: Package has no %clean section with rm -rf %{buildroot} (or
     $RPM_BUILD_ROOT)
[x]: If the source package does not include license text(s) as a separate file
     from upstream, the packager SHOULD query upstream to include it.
[x]: Dist tag is present.
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: Final provides and requires are sane (rpm -q --provides and rpm -q
     --requires).
[?]: Package functions as described.
[x]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[x]: The placement of pkgconfig(.pc) files are correct.
[x]: SourceX tarball generation or download is documented.
[x]: SourceX / PatchY prefixed with %{name}.
[x]: SourceX is a working URL.
[-]: Description and summary sections in the package spec file contains
     translations for supported Non-English languages, if available.
[x]: Package should compile and build into binary rpms on all supported
     architectures.
[x]: %check is present and all tests pass.
[x]: Packages should try to preserve timestamps of original installed files.
[x]: Spec use %global instead of %define.

===== EXTRA items =====

Generic:
[x]: Rpmlint is run on all installed packages.
     Note: There are rpmlint messages (see attachment).
[x]: Spec file according to URL is the same as in SRPM.
[x]: Large data in /usr/share should live in a noarch subpackage if package is
     arched.


Rpmlint
-------
Checking: python-keyczar-0.71c-1.fc17.src.rpm
          python-keyczar-0.71c-1.fc17.noarch.rpm
python-keyczar.src: W: spelling-error %description -l en_US cryptographic -> cryptography, cryptographer, crystallographic
python-keyczar.noarch: W: spelling-error %description -l en_US cryptographic -> cryptography, cryptographer, crystallographic
2 packages and 0 specfiles checked; 0 errors, 2 warnings.




Rpmlint (installed packages)
----------------------------
# rpmlint python-keyczar
python-keyczar.noarch: W: spelling-error %description -l en_US cryptographic -> cryptography, cryptographer, crystallographic
1 packages and 0 specfiles checked; 0 errors, 1 warnings.
# echo 'rpmlint-done:'



Requires
--------
python-keyczar-0.71c-1.fc17.noarch.rpm (rpmlib, GLIBC filtered):
    
    python(abi) = 2.7
    python-crypto  
    python-pyasn1  



Provides
--------
python-keyczar-0.71c-1.fc17.noarch.rpm:
    
    python-keyczar = 0.71c-1.fc17



MD5-sum check
-------------
http://keyczar.googlecode.com/files/python-keyczar-0.71c.tar.gz :
  CHECKSUM(SHA256) this package     : 34845f4d8388b11e1176d36e90c2126cff564a621133bd1a946aa6640d2e9035
  CHECKSUM(SHA256) upstream package : 34845f4d8388b11e1176d36e90c2126cff564a621133bd1a946aa6640d2e9035

I don't see any more blockers, therefore

----------------

PACKAGE APPROVED

----------------

Comment 10 Maxim Burgerhout 2012-12-25 08:25:40 UTC
New Package SCM Request
=======================
Package Name: python-keyczar
Short Description: open source cryptographic toolkit
Owners: wzzrd
Branches: f17 f18 el6
InitialCC:

Comment 11 Michael S. 2012-12-25 09:20:36 UTC
Eduardo, can you reset the flag fedora-review to the correct value?
There is a bug in bugzilla or firefox that resets the form when submitted, and so the flag got cleared and added back by Maxim, except that Maxim can only set the review as set by himself, not for someone else.

Comment 12 Eduardo Echeverria 2012-12-25 13:36:15 UTC
(In reply to comment #11)
> Eduardo, can you reset the flag fedora-review to the correct value?
> There is a bug in bugzilla or firefox that resets the form when submitted,
> and so the flag got cleared and added back by Maxim, except that Maxim can
> only set the review as set by himself, not for someone else.

Sure, no problem.

Comment 13 Gwyn Ciesla 2012-12-26 05:00:57 UTC
Git done (by process-git-requests).

Comment 14 Fedora Update System 2012-12-26 19:13:18 UTC
python-keyczar-0.71c-1.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/python-keyczar-0.71c-1.fc18

Comment 15 Fedora Update System 2012-12-26 19:14:33 UTC
python-keyczar-0.71c-1.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/python-keyczar-0.71c-1.fc17

Comment 16 Fedora Update System 2012-12-26 19:15:23 UTC
python-keyczar-0.71c-1.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/python-keyczar-0.71c-1.el6

Comment 17 Fedora Update System 2012-12-27 20:03:46 UTC
python-keyczar-0.71c-1.el6 has been pushed to the Fedora EPEL 6 testing repository.

Comment 18 Fedora Update System 2013-01-07 04:06:39 UTC
python-keyczar-0.71c-1.fc17 has been pushed to the Fedora 17 stable repository.

Comment 19 Fedora Update System 2013-01-11 00:57:01 UTC
python-keyczar-0.71c-1.el6 has been pushed to the Fedora EPEL 6 stable repository.

Comment 20 Fedora Update System 2013-01-11 23:32:02 UTC
python-keyczar-0.71c-1.fc18 has been pushed to the Fedora 18 stable repository.