Bug 891239

Summary: nodejs-uid-number - Convert a username/group name to a UID/GID number
Product: [Fedora] Fedora Reporter: T.C. Hollingsworth <tchollingsworth>
Component: Package ReviewAssignee: Miro Hrončok <mhroncok>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: maurizio.antillon, mhroncok, misc, notting
Target Milestone: ---Flags: mhroncok: fedora‑review+
limburgher: fedora‑cvs+
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-01-15 04:30:25 EST Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Bug Depends On:    
Bug Blocks: 891171    

Description T.C. Hollingsworth 2013-01-02 04:26:10 EST
Spec: http://patches.fedorapeople.org/npm/nodejs-uid-number.spec
SRPM: http://patches.fedorapeople.org/npm/nodejs-uid-number-0.0.3-2.fc17.src.rpm
Koji scratch build: http://koji.fedoraproject.org/koji/taskinfo?taskID=4831122
FAS username: patches

Convert a username/group name to a UID/GID number.

This package is part of the npm stack and a future F19 Feature for Node.js.

This package may depend on other packages in the npm stack that aren't explicitly
listed as dependencies of this bug.  For more information, see bug 891171.

Please use nodejs-0.6.5-3 or later when building or using this package.
Comment 1 Michael Scherer 2013-01-06 10:01:22 EST
fedora-review about the md5sum of the source code :

$ cat /home/misc/checkout/git/FedoraReview/891239-nodejs-uid-number/diff.txt
Seulement dans /home/misc/checkout/git/FedoraReview/891239-nodejs-uid-number/upstream-unpacked/Source0/package: LICENCE
diff -U2 -r /home/misc/checkout/git/FedoraReview/891239-nodejs-uid-number/upstream-unpacked/Source0/package/package.json /home/misc/checkout/git/FedoraReview/891239-nodejs-uid-number/srpm-unpacked/uid-number-0.0.3.tgz-extract/package/package.json
--- /home/misc/checkout/git/FedoraReview/891239-nodejs-uid-number/upstream-unpacked/Source0/package/package.json	2012-06-04 06:03:15.000000000 +0200
+++ /home/misc/checkout/git/FedoraReview/891239-nodejs-uid-number/srpm-unpacked/uid-number-0.0.3.tgz-extract/package/package.json	2012-03-27 09:14:47.000000000 +0200
@@ -14,5 +14,4 @@
   "engines": {
     "node": "*"
-  },
-  "license": "BSD"
+  }
 }
Comment 2 T.C. Hollingsworth 2013-01-10 03:01:36 EST
That's very strange.   Maybe upstream changed the tarball on me?  I did originally package that in March 2012.

Anyway, this update has a fresh tarball and fixes some issues found in other reviews:
Spec: http://patches.fedorapeople.org/npm/nodejs-uid-number.spec
SRPM: http://patches.fedorapeople.org/npm/nodejs-uid-number-0.0.3-3.fc17.src.rpm
Koji scratch build: http://koji.fedoraproject.org/koji/taskinfo?taskID=4854411
Comment 3 Miro Hrončok 2013-01-11 08:05:24 EST
Summary OK.

TODO: Description might be longer.

MUST: rpmlint must be run on the source rpm and all binary rpms the build produces. The output should be posted in the review.

$ rpmlint ../SRPMS/nodejs-uid-number-0.0.3-3.fc18.src.rpm ../RPMS/noarch/nodejs-uid-number-0.0.3-3.fc18.noarch.rpm
nodejs-uid-number.src: W: spelling-error Summary(en_US) username -> user name, user-name, surname
nodejs-uid-number.src: W: spelling-error %description -l en_US username -> user name, user-name, surname
nodejs-uid-number.src: W: file-size-mismatch uid-number-0.0.3.tgz = 1506, http://registry.npmjs.org/uid-number/-/uid-number-0.0.3.tgz = 2264
nodejs-uid-number.noarch: W: spelling-error Summary(en_US) username -> user name, user-name, surname
nodejs-uid-number.noarch: W: spelling-error %description -l en_US username -> user name, user-name, surname
nodejs-uid-number.noarch: W: only-non-binary-in-usr-lib
nodejs-uid-number.noarch: E: script-without-shebang /usr/lib/node_modules/uid-number/get-uid-gid.js
2 packages and 0 specfiles checked; 1 errors, 6 warnings.

script-without-shebang and file-size-mismatch will be solved later
All others are false positive.

MUST: The package must be named according to the Package Naming Guidelines. OK
MUST: The spec file name must match the base package %{name}, in the format %{name}.spec unless your package has an exemption. OK
MUST: The package must meet the Packaging Guidelines. OK
MUST: The package must be licensed with a Fedora approved license and meet the Licensing Guidelines.
MUST: The License field in the package spec file must match the actual license.

There is no license statement in the source tarball.
FIX: Use fresh tarball with LICENSE file
FIX: Change License from MIT to BSD, as it is in that LICENSE file

MUST: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package must be included in %doc.

In tarball in SRPM is no LICENSE file, OK to not add it.
FIX: After using fresh tarball, don't forget to add it.

MUST: The spec file must be written in American English. OK
MUST: The spec file for the package MUST be legible. OK
MUST: The sources used to build the package must match the upstream source, as provided in the spec URL.

$ sha256sum ../SOURCES/uid-number-0.0.3.tgz 
27c86765f74658fb373b970684b1656c576006e694801fe5fa3f784cef59900b  ../SOURCES/uid-number-0.0.3.tgz
$ spectool -g nodejs-uid-number.spec 
Getting http://registry.npmjs.org/uid-number/-/uid-number-0.0.3.tgz to ./uid-number-0.0.3.tgz
$ sha256sum uid-number-0.0.3.tgz 
e8eab0de35bcb20a55f58a276b2f6cfe1c531fae5982d7a3af7286807dbbe42b  uid-number-0.0.3.tgz

Checksums don't match.

$ env LANG=C diff -ru package-*
Only in package-upstream: LICENCE
diff -ru package-srpm/package.json package-upstream/package.json
--- package-srpm/package.json	2012-03-27 09:14:47.000000000 +0200
+++ package-upstream/package.json	2012-06-04 06:03:15.000000000 +0200
@@ -13,5 +13,6 @@
   "optionalDependencies": {},
   "engines": {
     "node": "*"
-  }
+  },
+  "license": "BSD"
 }

This is the very same problem as in comment #1 - did you use the fresh tarball?

FIX: Use fresh tarball

MUST: The package MUST successfully compile and build into binary rpms on at least one primary architecture. OK
MUST: All build dependencies must be listed in BuildRequires, except for any that are listed in the exceptions section of the Packaging Guidelines ; inclusion of those as BuildRequires is optional. OK, builds in mock
MUST: Packages must NOT bundle copies of system libraries. OK
MUST: A package must own all directories that it creates. If it does not create a directory that it uses, then it should require a package which does create that directory. OK
MUST: A Fedora package must not list a file more than once in the spec file's %files listings. OK
MUST: Permissions on files must be set properly.

$ rpm -q -lv -p ../RPMS/noarch/nodejs-uid-number-0.0.3-3.fc18.noarch.rpm 
drwxr-xr-x    2 root    root                        0 led 11 13:46 /usr/lib/node_modules/uid-number
-rwxr-xr-x    1 root    root                      644 úno 28  2012 /usr/lib/node_modules/uid-number/get-uid-gid.js
drwxr-xr-x    2 root    root                        0 led 11 13:46 /usr/lib/node_modules/uid-number/node_modules
-rw-r--r--    1 root    root                      420 bře 27  2012 /usr/lib/node_modules/uid-number/package.json
-rw-r--r--    1 root    root                     1691 bře 27  2012 /usr/lib/node_modules/uid-number/uid-number.js
drwxr-xr-x    2 root    root                        0 led 11 13:46 /usr/share/doc/nodejs-uid-number-0.0.3
-rw-r--r--    1 root    root                      345 úno 28  2012 /usr/share/doc/nodejs-uid-number-0.0.3/README.md

FIX: chmod -x get-uid-gid.js

MUST: Each package must consistently use macros. OK
MUST: The package must contain code, or permissable content. OK
MUST: If a package includes something as %doc, it must not affect the runtime of the application. OK
MUST: Packages must not own files or directories already owned by other packages. OK
MUST: All filenames in rpm packages must be valid UTF-8. OK

SHOULD: The reviewer should test that the package builds in mock. OK
SHOULD: If the package has file dependencies outside of /etc, /bin, /sbin, /usr/bin, or /usr/sbin consider requiring the package which provides the file instead of the file itself. OK

Please, use the fresh tarball and solve FIXes and consider solving the TODO.

Package NEEDSWORK.
Comment 4 T.C. Hollingsworth 2013-01-11 15:48:05 EST
Sorry, i forgot to `mv uid-number-0.0.3.tgz.1 uid-number-0.0.3.tgz`.  A LICENCE file is now included and the executable permissions on get-uid-gid.js have been removed.

Spec: http://patches.fedorapeople.org/npm/nodejs-uid-number.spec
SRPM: http://patches.fedorapeople.org/npm/nodejs-uid-number-0.0.3-4.fc17.src.rpm
Comment 5 Miro Hrončok 2013-01-11 17:48:35 EST
The SRPM looks like a renamed spec.

$ rpm --install nodejs-uid-number-0.0.3-4.fc17.src.rpm
error: nodejs-uid-number-0.0.3-4.fc17.src.rpm: not an rpm package (or package manifest): 
$ file nodejs-uid-number-0.0.3-4.fc17.src.rpm 
nodejs-uid-number-0.0.3-4.fc17.src.rpm: ASCII text
$ head nodejs-uid-number-0.0.3-4.fc17.src.rpm 
Name:       nodejs-uid-number
Version:    0.0.3
Release:    4%{?dist}
Summary:    Convert a username/group name to a UID/GID number
License:    BSD
Group:      System Environment/Libraries
URL:        https://github.com/isaacs/uid-number
Source0:    http://registry.npmjs.org/uid-number/-/uid-number-%{version}.tgz
BuildRoot:  %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildArch:  noarch
Comment 7 Miro Hrončok 2013-01-13 10:52:43 EST
MUST: rpmlint must be run on the source rpm and all binary rpms the build produces. The output should be posted in the review.

$ rpmlint ../SRPMS/nodejs-uid-number-0.0.3-4.fc18.src.rpm ../RPMS/noarch/nodejs-uid-number-0.0.3-4.fc18.noarch.rpm
nodejs-uid-number.src: W: spelling-error Summary(en_US) username -> user name, user-name, surname
nodejs-uid-number.src: W: spelling-error %description -l en_US username -> user name, user-name, surname
nodejs-uid-number.noarch: W: spelling-error Summary(en_US) username -> user name, user-name, surname
nodejs-uid-number.noarch: W: spelling-error %description -l en_US username -> user name, user-name, surname
nodejs-uid-number.noarch: W: only-non-binary-in-usr-lib
2 packages and 0 specfiles checked; 0 errors, 5 warnings.

All false positives.

MUST: The package must be licensed with a Fedora approved license and meet the Licensing Guidelines. OK
MUST: The License field in the package spec file must match the actual license.

Checked in LICENSE file, BSD. OK

MUST: The sources used to build the package must match the upstream source, as provided in the spec URL.

$ sha256sum ../SOURCES/uid-number-0.0.3.tgz 
e8eab0de35bcb20a55f58a276b2f6cfe1c531fae5982d7a3af7286807dbbe42b  ../SOURCES/uid-number-0.0.3.tgz
$ spectool -g nodejs-uid-number.spec 
Getting http://registry.npmjs.org/uid-number/-/uid-number-0.0.3.tgz to ./uid-$ sha256sum uid-number-0.0.3.tgz 
e8eab0de35bcb20a55f58a276b2f6cfe1c531fae5982d7a3af7286807dbbe42b  uid-number-0.0.3.tgz

OK

MUST: Permissions on files must be set properly.

$ rpm -q -lv -p ../RPMS/noarch/nodejs-uid-number-0.0.3-4.fc18.noarch.rpm 
drwxr-xr-x    2 root    root                        0 led 13 16:47 /usr/lib/node_modules/uid-number
-rw-r--r--    1 root    root                      644 úno 28  2012 /usr/lib/node_modules/uid-number/get-uid-gid.js
drwxr-xr-x    2 root    root                        0 led 13 16:47 /usr/lib/node_modules/uid-number/node_modules
-rw-r--r--    1 root    root                      440 čen  4  2012 /usr/lib/node_modules/uid-number/package.json
-rw-r--r--    1 root    root                     1691 bře 27  2012 /usr/lib/node_modules/uid-number/uid-number.js
drwxr-xr-x    2 root    root                        0 led 13 16:47 /usr/share/doc/nodejs-uid-number-0.0.3
-rw-r--r--    1 root    root                     1318 čen  4  2012 /usr/share/doc/nodejs-uid-number-0.0.3/LICENCE
-rw-r--r--    1 root    root                      345 úno 28  2012 /usr/share/doc/nodejs-uid-number-0.0.3/README.md

OK

TODO: Description might be longer.

Package APPROVED.
Comment 8 T.C. Hollingsworth 2013-01-13 16:39:00 EST
New Package SCM Request
=======================
Package Name: nodejs-uid-number
Short Description: Convert a username/group to a UID/GID number
Owners: patches
Branches: f18 el6
InitialCC:
Comment 9 Jon Ciesla 2013-01-14 07:29:09 EST
Git done (by process-git-requests).
Comment 10 Fedora Update System 2013-04-05 19:15:23 EDT
node-gyp-0.9.1-2.fc18, nodejs-async-0.2.6-1.fc18, nodejs-chmodr-0.1.0-2.fc18, nodejs-fstream-npm-0.1.4-1.fc18, nodejs-glob-3.1.21-1.fc18, nodejs-minimatch-0.2.11-1.fc18, nodejs-mkdirp-0.3.5-1.fc18, nodejs-npm-registry-client-0.2.18-2.fc18, nodejs-read-package-json-0.2.2-1.fc18, nodejs-request-2.14.0-1.fc18, nodejs-semver-1.1.4-1.fc18, npm-1.2.14-2.fc18, nodejs-abbrev-1.0.4-2.fc18, nodejs-ansi-0.1.2-4.fc18, nodejs-inherits-1.0.0-6.fc18, nodejs-mute-stream-0.0.3-3.fc18, nodejs-read-1.0.4-4.fc18, nodejs-retry-0.6.0-2.fc18, nodejs-slide-1.1.3-4.fc18, nodejs-uid-number-0.0.3-4.fc18, nodejs-sigmund-1.0.0-2.fc18, nodejs-osenv-0.0.3-2.fc18, nodejs-init-package-json-0.0.7-3.fc18, nodejs-delayed-stream-0.0.5-2.fc18, nodejs-proto-list-1.2.2-2.fc18, nodejs-which-1.0.5-4.fc18, nodejs-chownr-0.0.1-6.fc18, nodejs-opts-1.2.2-2.fc18, nodejs-once-1.1.1-2.fc18, nodejs-couch-login-0.1.15-2.fc18, nodejs-archy-0.0.2-5.fc18, nodejs-block-stream-0.0.6-4.fc18, nodejs-npmlog-0.0.2-2.fc18, nodejs-opener-1.3.0-4.fc18, nodejs-tobi-cookie-0.3.2-2.fc18, nodejs-promzard-0.2.0-3.fc18, nodejs-combined-stream-0.0.4-1.fc18, nodejs-config-chain-1.1.5-1.fc18, nodejs-fstream-0.1.22-1.fc18, nodejs-fstream-ignore-0.0.6-1.fc18, nodejs-graceful-fs-1.2.0-1.fc18, nodejs-ini-1.1.0-1.fc18, nodejs-lockfile-0.3.0-1.fc18, nodejs-lru-cache-2.2.2-1.fc18, nodejs-mime-1.2.9-1.fc18, nodejs-nopt-2.1.1-1.fc18, nodejs-npmconf-0.0.23-1.fc18, nodejs-read-installed-0.1.1-1.fc18, nodejs-rimraf-2.1.4-1.fc18, nodejs-tar-0.1.16-1.fc18, nodejs-form-data-0.0.7-1.fc18 has been pushed to the Fedora 18 stable repository.