Bug 966201

Hi David.

- If your package is "just" for Fedora/EPEL6, you don't need of

  rm -rf %{buildroot}

  entire %clean section (http://fedoraproject.org/wiki/Packaging:Guidelines#.25clean)

  %defattr(-,root,root,-)
(http://fedoraproject.org/wiki/Packaging:Guidelines#File_Permissions)

- In the %file section (and in the %description) , the macro %{name} use is most appropriate.

- README file says

> `tnftp' is a `port' of the NetBSD FTP client to other systems.
> See http://www.NetBSD.org/ for more details about NetBSD.
  
I think http://www.NetBSD.org/  is fitting as URL:, maybe also with a comment about why.

Thanks for the feedback.  I made the changes you suggested.  I am only intending this package for rawhide now and EPEL-6.  I'll let it get picked up starting with F-20.

Spec URL: http://dcantrel.fedorapeople.org/tnftp.spec
SRPM URL: http://dcantrel.fedorapeople.org/tnftp-20130505-1.el6.src.rpm

- As I already said, rm -rf %{buildroot} is not necessary for Fedora and EPEL6.

- Remember to update the changelog at every change.
http://fedoraproject.org/wiki/Packaging:Guidelines#Changelogs

- You should include ChangeLog in %doc line.

- I think you should add the ISC license together BSD
https://fedoraproject.org/wiki/Packaging:LicensingGuidelines?rd=Packaging/LicensingGuidelines#Mixed_Source_Licensing_Scenario

Some source files are licensed as 

> $ licensecheck -r * | grep ISC
>libnetbsd/inet_pton.c: ISC
>libnetbsd/strlcpy.c: ISC
>libnetbsd/strlcat.c: ISC
>libnetbsd/inet_ntop.c: ISC

(In reply to Antonio Trande from comment #3)
> - As I already said, rm -rf %{buildroot} is not necessary for Fedora and
> EPEL6.

My mistake, I thought you only meant removing the %clean section.  I've removed this remaining rm statement.

> - Remember to update the changelog at every change.
> http://fedoraproject.org/wiki/Packaging:Guidelines#Changelogs

I will once it's incorporated as a package.  During the review phase, I see no point because there are no releases yet.  It's starting new and fresh and for those wanting to see the backstory of how it became to be a release 1 package, they can refer to this package review bug which is referenced in the first entry in the spec file changelog.

> - You should include ChangeLog in %doc line.

Done.

> - I think you should add the ISC license together BSD
> https://fedoraproject.org/wiki/Packaging:LicensingGuidelines?rd=Packaging/
> LicensingGuidelines#Mixed_Source_Licensing_Scenario
> 
> Some source files are licensed as 
> 
> > $ licensecheck -r * | grep ISC
> >libnetbsd/inet_pton.c: ISC
> >libnetbsd/strlcpy.c: ISC
> >libnetbsd/strlcat.c: ISC
> >libnetbsd/inet_ntop.c: ISC

So, like: "BSD and ISC" ?

That's what I did.  New copies uploaded:

Spec URL: http://dcantrel.fedorapeople.org/tnftp.spec
SRPM URL: http://dcantrel.fedorapeople.org/tnftp-20130505-1.el6.src.rpm

Thanks!

Package Review
==============

Legend:
[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
[ ] = Manual review needed



===== MUST items =====

C/C++:
[x]: Package does not contain kernel modules.
[x]: Package contains no static executables.
[x]: Package does not contain any libtool archives (.la)
[x]: Rpath absent or only used for internal libs.

Generic:
[x]: Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
     Guidelines.
[x]: %build honors applicable compiler flags or justifies otherwise.
[-]: Package contains no bundled libraries without FPC exception.
[!]: Changelog in prescribed format.

The Packaging Guidelines (http://fedoraproject.org/wiki/Packaging:Guidelines#Changelogs) are clear:

> Changelog entries should provide a brief summary of the changes done to the 
> package between releases, 
> including noting updating to a new version, adding a patch, fixing other spec > sections,
> note bugs fixed, and CVE's if any. They must never simply contain an entire 
> copy of the source CHANGELOG entries. 
> The intent is to give the user a hint as to 
> what changed in a package update without overwhelming them with the technical > details.

Please, update it with all corrections. ;)

[x]: Sources contain only permissible code or content.
[-]: Package contains desktop file if it is a GUI application.
[-]: Development files must be in a -devel package
[-]: Package requires other packages for directories it uses.
[-]: Package uses nothing in %doc for runtime.
[x]: Package is not known to require ExcludeArch.
[x]: Package complies to the Packaging Guidelines
[x]: License field in the package spec file matches the actual license.
     Note: Checking patched sources after %prep for licenses. Licenses found:
     "BSD (3 clause)", "BSD (2 clause)", "GPL (v2 or later)", "Unknown or
     generated", "ISC". 4 files have unknown license. Detailed output of
     licensecheck in /home/sagitter/966201-tnftp/licensecheck.txt
[x]: Package consistently uses macro is (instead of hard-coded directory
     names).
[-]: If the package is under multiple licenses, the licensing breakdown must
     be documented in the spec.
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
     Provides are present.
[x]: Package must own all directories that it creates.
[x]: Package does not own files or directories owned by other packages.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[-]: Package contains systemd file(s) if in need.
[x]: Useful -debuginfo package or justification otherwise.
[-]: Large documentation must go in a -doc subpackage.
     Note: Documentation size is 81920 bytes in 5 files.
[x]: All build dependencies are listed in BuildRequires, except for any that
     are listed in the exceptions section of Packaging Guidelines.
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
[x]: Each %files section contains %defattr if rpm < 4.4
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Fully versioned dependency in subpackages, if present.
[x]: If (and only if) the source package includes the text of the license(s)
     in its own file, then that file, containing the text of the license(s)
     for the package is included in %doc.
[x]: Package use %makeinstall only when make install' ' DESTDIR=... doesn't
     work.
[x]: Package is named using only allowed ASCII characters.
[x]: Package do not use a name that already exist
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as provided
     in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
     %{name}.spec.
[x]: File names are valid UTF-8.
[x]: Packages must not store files under /srv, /opt or /usr/local
[x]: Package successfully compiles and builds into binary rpms on at least one
     supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
     Note: There are rpmlint messages (see attachment).

===== SHOULD items =====

Generic:
[-]: If the source package does not include license text(s) as a separate file
     from upstream, the packager SHOULD query upstream to include it.
[x]: Final provides and requires are sane (see attachments).
[x]: Package functions as described.
[x]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[-]: Description and summary sections in the package spec file contains
     translations for supported Non-English languages, if available.
[x]: Package should compile and build into binary rpms on all supported
     architectures.
[-]: %check is present and all tests pass.
[x]: Packages should try to preserve timestamps of original installed files.
[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[x]: Sources can be downloaded from URI in Source: tag
[x]: Reviewer should test that the package builds in mock.
[x]: Buildroot is not present
[x]: Package has no %clean section with rm -rf %{buildroot} (or
     $RPM_BUILD_ROOT)
[x]: Dist tag is present.
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: Uses parallel make.
[x]: SourceX tarball generation or download is documented.
[x]: SourceX is a working URL.
[x]: Spec use %global instead of %define.

===== EXTRA items =====

Generic:
[x]: Large data in /usr/share should live in a noarch subpackage if package is
     arched.
[x]: Rpmlint is run on all installed packages.
     Note: There are rpmlint messages (see attachment).
[x]: Spec file according to URL is the same as in SRPM.


Rpmlint
-------
Checking: tnftp-20130505-1.fc20.x86_64.rpm
tnftp.x86_64: W: spelling-error %description -l en_US netkit -> net kit, net-kit, Nettie
tnftp.x86_64: W: spelling-error %description -l en_US lukemftp -> lukewarm
1 packages and 0 specfiles checked; 0 errors, 2 warnings.




Rpmlint (installed packages)
----------------------------
# rpmlint tnftp
tnftp.x86_64: W: spelling-error %description -l en_US netkit -> net kit, net-kit, Nettie
tnftp.x86_64: W: spelling-error %description -l en_US lukemftp -> lukewarm
1 packages and 0 specfiles checked; 0 errors, 2 warnings.
# echo 'rpmlint-done:'



Requires
--------
tnftp (rpmlib, GLIBC filtered):
    libc.so.6()(64bit)
    libcrypto.so.10()(64bit)
    libcrypto.so.10(libcrypto.so.10)(64bit)
    libssl.so.10()(64bit)
    libssl.so.10(libssl.so.10)(64bit)
    libtinfo.so.5()(64bit)
    rtld(GNU_HASH)



Provides
--------
tnftp:
    tnftp
    tnftp(x86-64)



Source checksums
----------------
ftp://ftp.netbsd.org/pub/NetBSD/misc/tnftp/tnftp-20130505.tar.gz :
  CHECKSUM(SHA256) this package     : 6f650e25f6fd51538f677b789b49379f367ae9f1dee74c94cfe24d92abc2cffb
  CHECKSUM(SHA256) upstream package : 6f650e25f6fd51538f677b789b49379f367ae9f1dee74c94cfe24d92abc2cffb


Generated by fedora-review 0.4.1 (b2e211f) last change: 2013-04-29
Buildroot used: fedora-rawhide-x86_64
Command line :/usr/bin/fedora-review -m fedora-rawhide-x86_64 -b 966201

(In reply to Antonio Trande from comment #5)
 exception.
> [!]: Changelog in prescribed format.
> 
> The Packaging Guidelines
> (http://fedoraproject.org/wiki/Packaging:Guidelines#Changelogs) are clear:
> 
> > Changelog entries should provide a brief summary of the changes done to the 
> > package between releases, 
> > including noting updating to a new version, adding a patch, fixing other spec > sections,
> > note bugs fixed, and CVE's if any. They must never simply contain an entire 
> > copy of the source CHANGELOG entries. 
> > The intent is to give the user a hint as to 
> > what changed in a package update without overwhelming them with the technical > details.

This is for general packaging, not the package review process.  Packages that are part of the distribution must conform to these changelog guidelines.  But we're not there yet.  We are working up to the "initial package" state.  This package is not yet in Fedora so it has no history yet it needs to be compared with.

Furthermore, the package review guidelines make no mention of the changelog:
http://fedoraproject.org/wiki/Packaging:ReviewGuidelines

There's nothing that says I *can't* list these changes in the changelog now, but I really see no point.  What's going on right now is that you and I are reviewing the package for inclusion in Fedora.  The very first time other Fedora users will see it is after we get through this process.  At that point it will be their first view of the package in the distribution.  Release number 1.  Subsequent updates to the package at that point warrant a changelog entry, but not now.  There's no reason.

This is _explicitly_ written here:
https://fedoraproject.org/wiki/Packaging:FrequentlyMadeMistakes]

Increase the "Release" tag every time you upload a new package to avoid confusion. The reviewer and other interested parties probably still have older versions of your SRPM lying around to check what has changed between the old and new packages; those get confused when the revision didn't change.

And increasing release number means corresponding changelog must appear.

My point has been missed and I really don't care to continue to try to explain it.  I would really just like to have tnftp available to me in Fedora and EPEL.  Here is the most recent revision, all changelog'ed up:

http://dcantrel.fedorapeople.org/tnftp.spec
http://dcantrel.fedorapeople.org/tnftp-20130505-4.el6.src.rpm

Thanks.

Package approved !

New Package SCM Request
=======================
Package Name: tnftp
Short Description: FTP (File Transfer Protocol) client from NetBSD
Owners: dcantrel
Branches: f19 el6
InitialCC:

Git done (by process-git-requests).

tnftp-20130505-4.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/tnftp-20130505-4.fc19

tnftp-20130505-4.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/tnftp-20130505-4.el6

tnftp-20130505-4.el6 has been pushed to the Fedora EPEL 6 testing repository.

tnftp-20130505-4.fc19 has been pushed to the Fedora 19 stable repository.

tnftp-20130505-4.el6 has been pushed to the Fedora EPEL 6 stable repository.

Package Change Request
======================
Package Name: tnftp
New Branches: epel7
Owners: dcantrel
InitialCC: 

Please create an EPEL-7 branch for tnftp so I can make this package available to RHEL-7 users.

Git done (by process-git-requests).