Bug 1190740 - Review Request: mycila-xmltool - simple library to do common operations on xml
Summary: Review Request: mycila-xmltool - simple library to do common operations on xml
Keywords:
Status: ASSIGNED
Alias: None
Product: Fedora
Classification: Fedora
Component: Package Review
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Mat Booth
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On: 1190735
Blocks: FE-JAVASIG 1190746
TreeView+ depends on / blocked
 
Reported: 2015-02-09 14:51 UTC by zzambers
Modified: 2018-08-18 11:26 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:
msimacek: fedora-review?


Attachments (Terms of Use)

Description zzambers 2015-02-09 14:51:01 UTC
Spec URL: http://www.zkusebnidomena.czweb.org/rpms/mycila-xmltool/mycila-xmltool.spec
SRPM URL: http://www.zkusebnidomena.czweb.org/rpms/mycila-xmltool/mycila-xmltool-4.2.ga-1.fc22.src.rpm
Description: 
Simple Java library to do common operations with an XML document.
It is optional build dependency of elasticsearch.

Comment 1 Guido Grazioli 2015-02-26 03:21:50 UTC
https://admin.fedoraproject.org/pkgdb/package/xmltool/

Comment 2 zzambers 2015-02-27 11:41:19 UTC
hello,
I looked at the package you posted, you are right, but artifactId and groupId in pom.xml have changed since then. I have downloaded sources (using fedpkg) of newest version of that package (3.3) and artifactId in pom is "xmltool", but current version of that library uses artifactId "mycila-xmltool" and groupId has changed from "com.mycila.xmltool" to "com.mycila". I am not sure if updating of existing package or creating new package is better solution in this case.

But in case of new package I think name "mycila-xmltool" would make more sense because it is same as artifactId and also new web page of that library names it "Mycila XML Tool" : http://code.mycila.com/xmltool/

Comment 3 Guido Grazioli 2015-02-27 12:29:42 UTC
aargh; they did change groupId and artifactId so many times, even while i was maintaining both packages (they were optional dependencies of objenesis).

Anyway, I think it would be better to go ahead with your two reviews, then obsolete the two older packages (I did not update for very long time and are outdated both for java packaging guidelines and release version) when your packages are deployed. About the naming, up to you.

Maybe give a peek at how the naming/obsolete/provide thing was handled at the time all the jakarta-* packages were renamed to apache-*

Comment 4 Sopot Cela 2016-05-23 11:12:28 UTC
This version of pom builds for rawhide with latest upstream version:

Spec URL: https://sopotc.fedorapeople.org/mycilla-xmltool/mycila-pom.spec
SRPM URL: https://sopotc.fedorapeople.org/mycilla-xmltool/mycila-xmltool-4.4.ga-1.fc24.src.rpm

Comment 5 Sopot Cela 2016-05-23 11:20:09 UTC
There was a paste error in the previous comment. These urls are the latest and greatest:

Spec URL: https://sopotc.fedorapeople.org/mycilla-xmltool/mycila-xmltool.spec
SRPM URL: https://sopotc.fedorapeople.org/mycilla-xmltool/mycila-xmltool-4.4.ga-1.fc24.src.rpm

Comment 6 Michael Simacek 2016-06-06 12:16:54 UTC
Package Review
==============

Legend:
[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
[ ] = Manual review needed


Issues
------
- Group tags are obsolete - remove them.
- License tag is incorrect.
- I don't see any MIT in the source code. Why do you think it should be
  there?
- No license file. Both ASL 2.0 and MIT require the license file to be
  shipped with the source.
- %pom_xpath_remove pom:project/pom:build/pom:plugins/pom:plugin/pom:configuration
  This looks a bit dangerous as it will delete any configuration of any
  plugin that might appear there in the future.
  I'd suggest using this instead (untested):
  %pom_xpath_remove pom:useDefaultManifestFile
- It's a package rename - therefore it should have proper provides and
  obsoletes.
- Please unify whitespace. Currently there is a mix of spaces and tabs
  that looks horrible when opened in editor with different configuration
  than yours.
- Javadoc %description should refer to %{name}, not %{summary}.
  So it should be: This package provides javadoc for %{name}.
- Please don't declare variables for every name component, they just
  make the spec less readable (i.e. get rid of the two globals)
- Changelog entry doesn't correspond to the current version.
- Requires on java-headless are unnecessary, they should be generated by
  the tooling automatically.
- Test failures - did you investigate why they fail. Have you tried just
  disabling particular failing test instead of the whole suite?
- You have runtime dependency on junit, because you're missing the test
  scope. I'd suggest using %pom_change_dep macro instead of removing and
  adding, because it avoids exactly this kind of errors.
- Executable readme.

===== MUST items =====

Generic:
[x]: Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
     Guidelines.
[x]: If (and only if) the source package includes the text of the
     license(s) in its own file, then that file, containing the text of the
     license(s) for the package is included in %license.
[!]: License field in the package spec file matches the actual license.
     Note: There is no build directory. Running licensecheck on vanilla
     upstream sources. No licenses found. Please check the source files for
     licenses manually.
[!]: License file installed when any subpackage combination is installed.
[x]: Package contains no bundled libraries without FPC exception.
[!]: Changelog in prescribed format.
[x]: Sources contain only permissible code or content.
[x]: Package contains desktop file if it is a GUI application.
[-]: Development files must be in a -devel package
[x]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory
     names).
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
[x]: Package obeys FHS, except libexecdir and /usr/target.
[!]: If the package is a rename of another package, proper Obsoletes and
     Provides are present.
[!]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[x]: Package contains systemd file(s) if in need.
[x]: Package is not known to require an ExcludeArch tag.
[x]: Large documentation must go in a -doc subpackage. Large could be size
     (~1MB) or number of files.
     Note: Documentation size is 30720 bytes in 1 files.
[?]: Package complies to the Packaging Guidelines
[x]: Package successfully compiles and builds into binary rpms on at least
     one supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
     Note: There are rpmlint messages (see attachment).
[x]: Package requires other packages for directories it uses.
[x]: Package must own all directories that it creates.
[x]: Package does not own files or directories owned by other packages.
[x]: All build dependencies are listed in BuildRequires, except for any
     that are listed in the exceptions section of Packaging Guidelines.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Dist tag is present.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package use %makeinstall only when make install DESTDIR=... doesn't
     work.
[x]: Package is named using only allowed ASCII characters.
[x]: Package does not use a name that already exists.
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as
     provided in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
     %{name}.spec.
[x]: File names are valid UTF-8.
[x]: Packages must not store files under /srv, /opt or /usr/local

Java:
[x]: Bundled jar/class files should be removed before build
     Note: Can't find any BUILD directory (--prebuilt option?)
[x]: Packages have proper BuildRequires/Requires on jpackage-utils
     Note: Maven packages do not need to (Build)Require jpackage-utils. It
     is pulled in by maven-local
[x]: Javadoc documentation files are generated and included in -javadoc
     subpackage
[x]: Javadoc subpackages should not have Requires: jpackage-utils
[x]: Javadocs are placed in %{_javadocdir}/%{name} (no -%{version} symlink)

Maven:
[x]: If package contains pom.xml files install it (including metadata) even
     when building with ant
[x]: POM files have correct Maven mapping
[x]: Maven packages should use new style packaging
[x]: Old add_to_maven_depmap macro is not being used
[x]: Packages DO NOT have Requires(post) and Requires(postun) on jpackage-
     utils for %update_maven_depmap macro
[x]: Package DOES NOT use %update_maven_depmap in %post/%postun
[x]: Packages use .mfiles file list instead of %{_datadir}/maven2/poms

===== SHOULD items =====

Generic:
[!]: If the source package does not include license text(s) as a separate
     file from upstream, the packager SHOULD query upstream to include it.
[!]: Final provides and requires are sane (see attachments).
[x]: Fully versioned dependency in subpackages if applicable.
     Note: No Requires: %{name}%{?_isa} = %{version}-%{release} in mycila-
     xmltool-javadoc
[?]: Package functions as described.
[x]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[x]: Description and summary sections in the package spec file contains
     translations for supported Non-English languages, if available.
[?]: Package should compile and build into binary rpms on all supported
     architectures.
[-]: %check is present and all tests pass.
[x]: Packages should try to preserve timestamps of original installed
     files.
[x]: Reviewer should test that the package builds in mock.
[x]: Buildroot is not present
[x]: Package has no %clean section with rm -rf %{buildroot} (or
     $RPM_BUILD_ROOT)
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[x]: Sources can be downloaded from URI in Source: tag
[x]: SourceX is a working URL.
[x]: Spec use %global instead of %define unless justified.

Java:
[x]: Package uses upstream build method (ant/maven/etc.)
[x]: Packages are noarch unless they use JNI

===== EXTRA items =====

Generic:
[!]: Spec file according to URL is the same as in SRPM.
     Note: Spec file as given by url is not the same as in SRPM (see
     attached diff).
     See: (this test has no URL)
[x]: Rpmlint is run on all installed packages.
     Note: There are rpmlint messages (see attachment).


Rpmlint
-------
Checking: mycila-xmltool-4.4.ga-1.fc25.noarch.rpm
          mycila-xmltool-javadoc-4.4.ga-1.fc25.noarch.rpm
          mycila-xmltool-4.4.ga-1.fc25.src.rpm
mycila-xmltool.noarch: W: spelling-error %description -l en_US scrash -> crash, s crash, rash
mycila-xmltool.noarch: W: spelling-error %description -l en_US namespaces -> name spaces, name-spaces, names paces
mycila-xmltool.noarch: W: spelling-error %description -l en_US XPath -> X Path, Path
mycila-xmltool.noarch: W: spelling-error %description -l en_US schemas -> schema, sachems, schemes
mycila-xmltool.noarch: W: spelling-error %description -l en_US namspaces -> backspaces
mycila-xmltool.noarch: W: spelling-error %description -l en_US namespace -> name space, name-space, names pace
mycila-xmltool.noarch: E: description-line-too-long C  *  Navigate into the document with shortcuts and XPath (note: XPath supports namespaces)
mycila-xmltool.noarch: W: incoherent-version-in-changelog 4.2.ga-1 ['4.4.ga-1.fc25', '4.4.ga-1']
mycila-xmltool.noarch: W: invalid-license ASL 2.0 MIT
mycila-xmltool.noarch: W: spurious-executable-perm /usr/share/doc/mycila-xmltool/README.md
mycila-xmltool-javadoc.noarch: W: invalid-license ASL 2.0 MIT
mycila-xmltool-javadoc.noarch: W: spurious-executable-perm /usr/share/doc/mycila-xmltool-javadoc/README.md
mycila-xmltool.src: W: spelling-error %description -l en_US scrash -> crash, s crash, rash
mycila-xmltool.src: W: spelling-error %description -l en_US namespaces -> name spaces, name-spaces, names paces
mycila-xmltool.src: W: spelling-error %description -l en_US XPath -> X Path, Path
mycila-xmltool.src: W: spelling-error %description -l en_US schemas -> schema, sachems, schemes
mycila-xmltool.src: W: spelling-error %description -l en_US namspaces -> backspaces
mycila-xmltool.src: W: spelling-error %description -l en_US namespace -> name space, name-space, names pace
mycila-xmltool.src: E: description-line-too-long C  *  Navigate into the document with shortcuts and XPath (note: XPath supports namespaces)
mycila-xmltool.src: W: invalid-license ASL 2.0 MIT
mycila-xmltool.src:3: W: mixed-use-of-spaces-and-tabs (spaces: line 3, tab: line 1)
3 packages and 0 specfiles checked; 2 errors, 19 warnings.




Rpmlint (installed packages)
----------------------------
sh: /usr/bin/python: No such file or directory
mycila-xmltool-javadoc.noarch: W: invalid-license ASL 2.0 MIT
mycila-xmltool-javadoc.noarch: W: spurious-executable-perm /usr/share/doc/mycila-xmltool-javadoc/README.md
mycila-xmltool.noarch: W: spelling-error %description -l en_US scrash -> crash, s crash, rash
mycila-xmltool.noarch: W: spelling-error %description -l en_US namespaces -> name spaces, name-spaces, names paces
mycila-xmltool.noarch: W: spelling-error %description -l en_US XPath -> X Path, Path
mycila-xmltool.noarch: W: spelling-error %description -l en_US schemas -> schema, sachems, schemes
mycila-xmltool.noarch: W: spelling-error %description -l en_US namspaces -> backspaces
mycila-xmltool.noarch: W: spelling-error %description -l en_US namespace -> name space, name-space, names pace
mycila-xmltool.noarch: E: description-line-too-long C  *  Navigate into the document with shortcuts and XPath (note: XPath supports namespaces)
mycila-xmltool.noarch: W: incoherent-version-in-changelog 4.2.ga-1 ['4.4.ga-1.fc25', '4.4.ga-1']
mycila-xmltool.noarch: W: invalid-license ASL 2.0 MIT
mycila-xmltool.noarch: W: spurious-executable-perm /usr/share/doc/mycila-xmltool/README.md
2 packages and 0 specfiles checked; 1 errors, 11 warnings.



Diff spec file in url and in SRPM
---------------------------------
--- /home/msimacek/reviews/1190740-mycila-xmltool/srpm/mycila-xmltool.spec	2016-06-06 13:26:02.329911958 +0200
+++ /home/msimacek/reviews/1190740-mycila-xmltool/srpm-unpacked/mycila-xmltool.spec	2016-05-23 13:07:52.000000000 +0200
@@ -67,4 +67,4 @@
 
 %changelog	
-* Tue Feb 03 2015 Zdenek Zambersky <zzambers@redhat.com> 4.4.ga-1
+* Tue Feb 03 2015 Zdenek Zambersky <zzambers@redhat.com> 4.2.ga-1
 - initial rpm


Requires
--------
mycila-xmltool-javadoc (rpmlib, GLIBC filtered):
    javapackages-tools

mycila-xmltool (rpmlib, GLIBC filtered):
    java-headless
    javapackages-tools
    mvn(junit:junit)
    mvn(org.apache.commons:commons-pool2)



Provides
--------
mycila-xmltool-javadoc:
    mycila-xmltool-javadoc

mycila-xmltool:
    mvn(com.mycila:mycila-xmltool)
    mvn(com.mycila:mycila-xmltool:pom:)
    mycila-xmltool



Source checksums
----------------
https://github.com/mycila/xmltool/archive/mycila-xmltool-4.4.ga.tar.gz :
  CHECKSUM(SHA256) this package     : cf234cb984a710dfddcab69a1a77e85a11d207939c6dcf1743d43c63d6907a2e
  CHECKSUM(SHA256) upstream package : cf234cb984a710dfddcab69a1a77e85a11d207939c6dcf1743d43c63d6907a2e


Generated by fedora-review 0.6.1 (f03e4e7) last change: 2016-05-02
Command line :/usr/bin/fedora-review -b 1190740
Buildroot used: fedora-rawhide-x86_64
Active plugins: Generic, Shell-api, Java
Disabled plugins: C/C++, Python, fonts, SugarActivity, Ocaml, Perl, Haskell, R, PHP
Disabled flags: EXARCH, DISTTAG, EPEL5, BATCH, EPEL6

Comment 7 Michael Simacek 2016-07-11 13:06:19 UTC
Any progress on this?

Comment 8 Sopot Cela 2016-07-11 15:17:23 UTC
No progress was made from my side. Assigning to Mat since I will not be able to spend time on this.


Note You need to log in before you can comment on or make changes to this bug.