Bug 1298269 - Review Request: nodejs-spdx-expression-parse - Parse SPDX license expressions
Review Request: nodejs-spdx-expression-parse - Parse SPDX license expressions
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jared Smith
Fedora Extras Quality Assurance
Depends On:
Blocks: nodejs-reviews 1298301 1298310
  Show dependency treegraph
Reported: 2016-01-13 11:07 EST by Stephen Gallagher
Modified: 2016-01-13 16:27 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2016-01-13 16:27:53 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
jsmith.fedora: fedora‑review+

Attachments (Terms of Use)

  None (edit)
Comment 1 Jared Smith 2016-01-13 12:01:03 EST
Package Review

[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
[ ] = Manual review needed

Package is approved.  (Please adjust the permissions on the spec file before committing to git.)

===== MUST items =====

[x]: Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
[x]: License field in the package spec file matches the actual license.
[-]: If the package is under multiple licenses, the licensing breakdown
     must be documented in the spec.
[x]: Package contains no bundled libraries without FPC exception.
[x]: Changelog in prescribed format.
[x]: Sources contain only permissible code or content.
[-]: Package contains desktop file if it is a GUI application.
[-]: Development files must be in a -devel package
[x]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
     Provides are present.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[-]: Package contains systemd file(s) if in need.
[-]: Package is not known to require an ExcludeArch tag.
[-]: Large documentation must go in a -doc subpackage. Large could be size
     (~1MB) or number of files.
     Note: Documentation size is 10240 bytes in 1 files.
[x]: Package complies to the Packaging Guidelines
[x]: Package successfully compiles and builds into binary rpms on at least
     one supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
     Note: There are rpmlint messages (see attachment).
[x]: Package requires other packages for directories it uses.
[x]: Package must own all directories that it creates.
[x]: Package does not own files or directories owned by other packages.
[x]: All build dependencies are listed in BuildRequires, except for any
     that are listed in the exceptions section of Packaging Guidelines.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Dist tag is present.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package use %makeinstall only when make install DESTDIR=... doesn't
[x]: Package is named using only allowed ASCII characters.
[x]: Package does not use a name that already exists.
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as
     provided in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
[x]: File names are valid UTF-8.
[x]: Packages must not store files under /srv, /opt or /usr/local

===== SHOULD items =====

[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[-]: If the source package does not include license text(s) as a separate
     file from upstream, the packager SHOULD query upstream to include it.
[x]: Final provides and requires are sane (see attachments).
[x]: Package functions as described.
[x]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[-]: Description and summary sections in the package spec file contains
     translations for supported Non-English languages, if available.
[x]: %check is present and all tests pass.
[x]: Packages should try to preserve timestamps of original installed
[x]: Sources can be downloaded from URI in Source: tag
[x]: Reviewer should test that the package builds in mock.
[x]: Buildroot is not present
[x]: Package has no %clean section with rm -rf %{buildroot} (or
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: SourceX is a working URL.
[x]: Package should compile and build into binary rpms on all supported
[x]: Spec use %global instead of %define unless justified.

===== EXTRA items =====

[x]: Rpmlint is run on all installed packages.
     Note: There are rpmlint messages (see attachment).
[x]: Spec file according to URL is the same as in SRPM.

Checking: nodejs-spdx-expression-parse-1.0.2-2.fc24.noarch.rpm
nodejs-spdx-expression-parse.noarch: W: only-non-binary-in-usr-lib
nodejs-spdx-expression-parse.noarch: W: dangling-symlink /usr/lib/node_modules/spdx-expression-parse/node_modules/spdx-license-ids /usr/lib/node_modules/spdx-license-ids
nodejs-spdx-expression-parse.noarch: W: dangling-symlink /usr/lib/node_modules/spdx-expression-parse/node_modules/spdx-exceptions /usr/lib/node_modules/spdx-exceptions
nodejs-spdx-expression-parse.src: W: strange-permission nodejs-spdx-expression-parse.spec 640
nodejs-spdx-expression-parse.src:58: W: macro-in-comment %nodejs_symlink_deps
2 packages and 0 specfiles checked; 0 errors, 5 warnings.

Rpmlint (installed packages)
sh: /usr/bin/python: No such file or directory
nodejs-spdx-expression-parse.noarch: W: only-non-binary-in-usr-lib
nodejs-spdx-expression-parse.noarch: W: dangling-symlink /usr/lib/node_modules/spdx-expression-parse/node_modules/spdx-exceptions /usr/lib/node_modules/spdx-exceptions
nodejs-spdx-expression-parse.noarch: W: dangling-symlink /usr/lib/node_modules/spdx-expression-parse/node_modules/spdx-license-ids /usr/lib/node_modules/spdx-license-ids
1 packages and 0 specfiles checked; 0 errors, 3 warnings.

nodejs-spdx-expression-parse (rpmlib, GLIBC filtered):


Source checksums
https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-1.0.2.tgz :
  CHECKSUM(SHA256) this package     : 99443d092d03385f1375a16bd82d192a712feb745b7bf2c7b1ef8103ab934e21
  CHECKSUM(SHA256) upstream package : 99443d092d03385f1375a16bd82d192a712feb745b7bf2c7b1ef8103ab934e21
https://raw.githubusercontent.com/kemitchell/spdx-expression-parse.js/v1.0.2/generate-parser.js :
  CHECKSUM(SHA256) this package     : 358d9820ff56f405774a94d3b3f5fc3020d05513cba66b0d6c02f693a5ed6d11
  CHECKSUM(SHA256) upstream package : 358d9820ff56f405774a94d3b3f5fc3020d05513cba66b0d6c02f693a5ed6d11

Generated by fedora-review 0.6.0 (3c5c9d7) last change: 2015-05-20
Command line :/usr/bin/fedora-review -b 1298269
Buildroot used: fedora-rawhide-x86_64
Active plugins: Generic, Shell-api
Disabled plugins: Java, C/C++, Python, fonts, SugarActivity, Ocaml, Perl, Haskell, R, PHP, Ruby
Comment 2 Gwyn Ciesla 2016-01-13 13:16:56 EST
Package request has been approved: https://admin.fedoraproject.org/pkgdb/package/nodejs-spdx-expression-parse

Note You need to log in before you can comment on or make changes to this bug.