Bug 985622

Summary: Review Request: rubygem-safe_yaml - Parse YAML safely
Product: [Fedora] Fedora Reporter: Troy Dawson <tdawson>
Component: Package ReviewAssignee: Josef Stribny <jstribny>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: hhorak, jstribny, notting, package-review
Target Milestone: ---Flags: jstribny: fedora-review+
gwync: fedora-cvs+
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: rubygem-safe_yaml-0.9.4-2.fc19 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-08-10 12:40:08 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Troy Dawson 2013-07-17 22:44:20 UTC
Spec URL: http://tdawson.fedorapeople.org/review/rubygem-safe_yaml.spec
SRPM URL: http://tdawson.fedorapeople.org/review/rubygem-safe_yaml-0.9.4-1.fc20.src.rpm
Description: 
The SafeYAML gem provides an alternative implementation of 
YAML.load suitable for accepting user input in Ruby applications. 
Unlike Ruby's built-in implementation of YAML.load, SafeYAML's 
version will not expose apps to arbitrary code execution exploits.

Fedora Account System Username: tdawson

Comment 1 Troy Dawson 2013-07-17 22:45:49 UTC
rpmlint output:
$ rpmlint rubygem-safe_yaml.spec /home/quake/rpmbuild/SRPMS/rubygem-safe_yaml-0.9.4-1.fc20.src.rpm /home/quake/rpmbuild/RPMS/noarch/rubygem-safe_yaml-0.9.4-1.fc20.noarch.rpm /home/quake/rpmbuild/RPMS/noarch/rubygem-safe_yaml-doc-0.9.4-1.fc20.noarch.rpm
rubygem-safe_yaml-doc.noarch: W: spelling-error Summary(en_US) yaml -> yam, yams, yawl
rubygem-safe_yaml-doc.noarch: W: spelling-error %description -l en_US yaml -> yam, yams, yawl
3 packages and 1 specfiles checked; 0 errors, 2 warnings.

(Not much I can do when the spell checker doesn't like yaml)

Comment 2 Josef Stribny 2013-07-22 12:39:10 UTC
* I understand that specs cannot be run at the moment, but perhaps would be
  better to fix the spec file in the way that it could run them when the deps
  are fulfilled.

  That probably requires running the specs in the right directory:

  pushd .%{gem_instdir}
  rspec -Ilib spec
  popd

  and requiring RSpec as BuildRequires:

  BuildRequires: rubygem(rspec)

  (both within your 0%{?enable_tests} condition).


Otherwise the spec matches the guidelines, rpmlint doesn't complain, package builds, installs and runs fine so I am APPROVING. Please, fix the issue above (or delete the conditions whatsoever) before pushing it and don't forget to bump the release. Thank you.

Comment 3 Troy Dawson 2013-07-22 14:19:52 UTC
Spec URL: http://tdawson.fedorapeople.org/review/rubygem-safe_yaml.spec
SRPM URL: http://tdawson.fedorapeople.org/review/rubygem-safe_yaml-0.9.4-2.fc19.src.rpm

- Updated BuildRequires (in 0%{?enable_tests} condition)
-- now has BuildRequires: rubygem(rspec)
- Update %check (in 0%{?enable_tests} condition)
-- Now does pushd / popd to correct directory for testing

Thanks for these comments.  You are correct, if I'm going to put that condition in, so we can easily do the tests when the requirements are there, I should get it correct.

Comment 4 Troy Dawson 2013-07-29 19:32:03 UTC
New Package SCM Request
=======================
Package Name: rubygem-safe_yaml
Short Description: Parse YAML safely
Owners: tdawson
Branches: f18 f19 el6
InitialCC:

Comment 5 Gwyn Ciesla 2013-07-29 20:12:19 UTC
Git done (by process-git-requests).

Comment 6 Fedora Update System 2013-07-29 21:56:35 UTC
rubygem-safe_yaml-0.9.4-2.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/rubygem-safe_yaml-0.9.4-2.fc19

Comment 7 Fedora Update System 2013-08-02 03:27:50 UTC
rubygem-safe_yaml-0.9.4-2.fc19 has been pushed to the Fedora 19 testing repository.

Comment 8 Fedora Update System 2013-08-10 12:40:08 UTC
rubygem-safe_yaml-0.9.4-2.fc19 has been pushed to the Fedora 19 stable repository.