Bug 1298978 - Review Request: nodejs-read-package-tree - npm's package tree parser
Review Request: nodejs-read-package-tree - npm's package tree parser
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jared Smith
Fedora Extras Quality Assurance
:
Depends On:
Blocks: nodejs-reviews
  Show dependency treegraph
 
Reported: 2016-01-15 10:20 EST by Stephen Gallagher
Modified: 2016-02-23 09:50 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-02-23 09:50:08 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
jsmith.fedora: fedora‑review+


Attachments (Terms of Use)

  None (edit)
Description Stephen Gallagher 2016-01-15 10:20:07 EST
Spec URL: https://sgallagh.fedorapeople.org/packagereview/nodejs-read-package-tree/nodejs-read-package-tree.spec
SRPM URL: https://sgallagh.fedorapeople.org/packagereview/nodejs-read-package-tree/nodejs-read-package-tree-5.1.2-1.fc24.src.rpm
Description: Read the contents of node_modules.
Fedora Account System Username: sgallagh
Comment 1 Upstream Release Monitoring 2016-01-15 11:03:14 EST
sgallagh's scratch build of nodejs-read-package-tree-5.1.2-1.fc24.src.rpm for f24-nodejs4 failed http://koji.fedoraproject.org/koji/taskinfo?taskID=12563950
Comment 2 Upstream Release Monitoring 2016-01-15 11:07:52 EST
sgallagh's scratch build of nodejs-read-package-tree-5.1.2-2.fc24.src.rpm for f24-nodejs4 failed http://koji.fedoraproject.org/koji/taskinfo?taskID=12563972
Comment 3 Jared Smith 2016-01-15 11:28:09 EST
The package looks fairly good on first glance, but it would be nice if you added a %global called "enable_tests" that could be flipped on (in the future), and a comment stating that the tests won't work with the current version of nodejs-tap.  

If you add that, I'll finish up the formal review this afternoon.
Comment 4 Zuzana Svetlikova 2016-01-15 11:54:59 EST
When I tried to run tests, it failed on missing other dependencies. Also aren't BuildRoot and Group tags deprecated?
Comment 5 Stephen Gallagher 2016-01-15 12:35:17 EST
(In reply to Zuzana Svetlikova from comment #4)
> When I tried to run tests, it failed on missing other dependencies. Also
> aren't BuildRoot and Group tags deprecated?

Yeah, it turns out that there are a number of other issues here that weren't obvious on my first attempt. I'm fixing it up and should have a new version available for review in about an hour. Sorry for sending this out prematurely.
Comment 6 Upstream Release Monitoring 2016-01-15 12:40:18 EST
sgallagh's scratch build of nodejs-read-package-tree-5.1.2-2.fc24.src.rpm for f24-nodejs4 completed http://koji.fedoraproject.org/koji/taskinfo?taskID=12564492
Comment 8 Upstream Release Monitoring 2016-01-15 12:46:45 EST
sgallagh's scratch build of nodejs-read-package-tree-5.1.2-2.fc24.src.rpm for f24-nodejs4 completed http://koji.fedoraproject.org/koji/taskinfo?taskID=12564567
Comment 9 Stephen Gallagher 2016-01-15 12:52:17 EST
(In reply to Stephen Gallagher from comment #5)
> (In reply to Zuzana Svetlikova from comment #4)
> > When I tried to run tests, it failed on missing other dependencies. Also
> > aren't BuildRoot and Group tags deprecated?
> 
> Yeah, it turns out that there are a number of other issues here that weren't
> obvious on my first attempt. I'm fixing it up and should have a new version
> available for review in about an hour. Sorry for sending this out
> prematurely.

Also, please be aware that currently, this will *only* build and run %check in the f24-nodejs4 tag, because one of its dependencies is only available there. (Jared and I realized that we have a couple packages that are incompatible with Node.js 0.10.x in this final stretch, so they're being built only in the side-tag until we're ready to merge it back in).
Comment 10 Jared Smith 2016-01-15 15:39:55 EST
Outstanding items
=================
[!]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
[!]: Package has no %clean section with rm -rf %{buildroot} (or
     $RPM_BUILD_ROOT)
[!]: rpmlint warnings (summary not capitalized)
[!]: Spec file in the SRPM doesn't seem to match the spec file provided
[!]: BuildRequires that are npm packages should be expressed in the form of
     "npm(debuglog)" not "nodejs-debuglog"




Package Review
==============

Legend:
[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
[ ] = Manual review needed

===== MUST items =====

Generic:
[x]: Package successfully compiles and builds into binary rpms on at least
     one supported primary architecture.
[x]: Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
     Guidelines.
[x]: License field in the package spec file matches the actual license.
[x]: All build dependencies are listed in BuildRequires, except for any
     that are listed in the exceptions section of Packaging Guidelines.
[x]: Package contains no bundled libraries without FPC exception.
[x]: Changelog in prescribed format.
[!]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
     Note: rm -rf %{buildroot} present but not required
[x]: Sources contain only permissible code or content.
[-]: Package contains desktop file if it is a GUI application.
[-]: Development files must be in a -devel package
[x]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory
     names).
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
     Provides are present.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[-]: Package contains systemd file(s) if in need.
[-]: Package is not known to require an ExcludeArch tag.
[x]: Large documentation must go in a -doc subpackage. Large could be size
     (~1MB) or number of files.
     Note: Documentation size is 10240 bytes in 1 files.
[x]: Package complies to the Packaging Guidelines
[x]: Rpmlint is run on all rpms the build produces.
     Note: There are rpmlint messages (see attachment).
[x]: If (and only if) the source package includes the text of the
     license(s) in its own file, then that file, containing the text of the
     license(s) for the package is included in %license.
[x]: Package requires other packages for directories it uses.
[x]: Package must own all directories that it creates.
[x]: Package does not own files or directories owned by other packages.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Dist tag is present.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package use %makeinstall only when make install DESTDIR=... doesn't
     work.
[x]: Package is named using only allowed ASCII characters.
[x]: Package does not use a name that already exists.
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as
     provided in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
     %{name}.spec.
[x]: File names are valid UTF-8.
[x]: Packages must not store files under /srv, /opt or /usr/local

===== SHOULD items =====

Generic:
[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[!]: Package has no %clean section with rm -rf %{buildroot} (or
     $RPM_BUILD_ROOT)
     Note: %clean present but not required
[-]: If the source package does not include license text(s) as a separate
     file from upstream, the packager SHOULD query upstream to include it.
[x]: Final provides and requires are sane (see attachments).
[x]: Package functions as described.
[x]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[-]: Description and summary sections in the package spec file contains
     translations for supported Non-English languages, if available.
[x]: Package should compile and build into binary rpms on all supported
     architectures.
[-]: %check is present and all tests pass.
[x]: Packages should try to preserve timestamps of original installed
     files.
[x]: Sources can be downloaded from URI in Source: tag
[x]: Buildroot is not present
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: SourceX is a working URL.
[x]: Spec use %global instead of %define unless justified.

===== EXTRA items =====

Generic:
[!]: Spec file according to URL is the same as in SRPM.
     Note: Spec file as given by url is not the same as in SRPM (see
     attached diff).
     See: (this test has no URL)


Rpmlint
-------
Checking: nodejs-read-package-tree-5.1.2-2.fc24.noarch.rpm
          nodejs-read-package-tree-5.1.2-2.fc24.src.rpm
nodejs-read-package-tree.noarch: W: spelling-error Summary(en_US) npm's -> Np's
nodejs-read-package-tree.noarch: W: summary-not-capitalized C npm's package tree parser
nodejs-read-package-tree.noarch: W: incoherent-version-in-changelog 5.1.2-1 ['5.1.2-2.fc24', '5.1.2-2']
nodejs-read-package-tree.noarch: W: only-non-binary-in-usr-lib
nodejs-read-package-tree.noarch: W: dangling-symlink /usr/lib/node_modules/read-package-tree/node_modules/read-package-json /usr/lib/node_modules/read-package-json
nodejs-read-package-tree.noarch: W: dangling-symlink /usr/lib/node_modules/read-package-tree/node_modules/once /usr/lib/node_modules/once
nodejs-read-package-tree.noarch: W: dangling-symlink /usr/lib/node_modules/read-package-tree/node_modules/readdir-scoped-modules /usr/lib/node_modules/readdir-scoped-modules
nodejs-read-package-tree.noarch: W: dangling-symlink /usr/lib/node_modules/read-package-tree/node_modules/dezalgo /usr/lib/node_modules/dezalgo
nodejs-read-package-tree.noarch: W: dangling-symlink /usr/lib/node_modules/read-package-tree/node_modules/debuglog /usr/lib/node_modules/debuglog
nodejs-read-package-tree.src: W: spelling-error Summary(en_US) npm's -> Np's
nodejs-read-package-tree.src: W: summary-not-capitalized C npm's package tree parser
2 packages and 0 specfiles checked; 0 errors, 11 warnings.




Diff spec file in url and in SRPM
---------------------------------
--- /home/jsmith/Documents/Personal/Reviews/1298978/nodejs-read-package-tree.spec	2016-01-15 12:44:27.000000000 -0500
+++ /home/jsmith/Documents/Personal/Reviews/1298978/review-nodejs-read-package-tree/srpm-unpacked/nodejs-read-package-tree.spec	2016-01-15 12:36:01.000000000 -0500
@@ -8,7 +8,10 @@
 Release:        2%{?dist}
 Summary:        npm's package tree parser
+
+Group:          System Environment/Libraries
 License:        ISC
 URL:            https://github.com/npm/read-package-tree
 Source0:        http://registry.npmjs.org/read-package-tree/-/read-package-tree-%{version}.tgz
+BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 BuildArch:  noarch
@@ -65,8 +68,4 @@
 
 %changelog
-* Fri Jan 15 2016 Stephen Gallagher <sgallagh@redhat.com> - 5.1.2-2
-- Run basic tests in %%check
-- Temporarily disable extensive tests due to incompatible nodejs-tap
-
 * Fri Jan 15 2016 Stephen Gallagher <sgallagh@redhat.com> - 5.1.2-1
 - Initial release to support Node.js 4.x


Requires
--------
nodejs-read-package-tree (rpmlib, GLIBC filtered):
    nodejs(engine)
    npm(debuglog)
    npm(dezalgo)
    npm(once)
    npm(read-package-json)
    npm(readdir-scoped-modules)



Provides
--------
nodejs-read-package-tree:
    nodejs-read-package-tree
    npm(read-package-tree)



Source checksums
----------------
http://registry.npmjs.org/read-package-tree/-/read-package-tree-5.1.2.tgz :
  CHECKSUM(SHA256) this package     : baa89c17fae6a99c2310ed5d4d35adfc875714f20d07f7c0b7c8bf75f757a73b
  CHECKSUM(SHA256) upstream package : baa89c17fae6a99c2310ed5d4d35adfc875714f20d07f7c0b7c8bf75f757a73b


Generated by fedora-review 0.6.0 (3c5c9d7) last change: 2015-05-20
Command line :/usr/bin/fedora-review -n nodejs-read-package-tree -p
Buildroot used: fedora-rawhide-x86_64
Active plugins: Generic, Shell-api
Disabled plugins: Java, C/C++, Python, fonts, SugarActivity, Ocaml, Perl, Haskell, R, PHP, Ruby
Disabled flags: EXARCH, DISTTAG, EPEL5, BATCH, EPEL6
Comment 12 Upstream Release Monitoring 2016-01-15 15:49:45 EST
sgallagh's scratch build of nodejs-read-package-tree-5.1.2-3.fc24.src.rpm for f24-nodejs4 failed http://koji.fedoraproject.org/koji/taskinfo?taskID=12566100
Comment 14 Upstream Release Monitoring 2016-01-15 15:54:08 EST
sgallagh's scratch build of nodejs-read-package-tree-5.1.2-4.fc24.src.rpm for f24-nodejs4 completed http://koji.fedoraproject.org/koji/taskinfo?taskID=12566115
Comment 15 Jared Smith 2016-01-18 09:56:31 EST
Package is approved.

Package Review
==============

Legend:
[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
[ ] = Manual review needed



===== MUST items =====

Generic:
[x]: Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
     Guidelines.
[x]: License field in the package spec file matches the actual license.
[x]: Package contains no bundled libraries without FPC exception.
[x]: Changelog in prescribed format.
[x]: Sources contain only permissible code or content.
[x]: Package contains desktop file if it is a GUI application.
[-]: Development files must be in a -devel package
[x]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory
     names).
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
     Provides are present.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[-]: Package contains systemd file(s) if in need.
[-]: Package is not known to require an ExcludeArch tag.
[-]: Large documentation must go in a -doc subpackage. Large could be size
     (~1MB) or number of files.
     Note: Documentation size is 10240 bytes in 1 files.
[x]: Package complies to the Packaging Guidelines
[x]: Package successfully compiles and builds into binary rpms on at least
     one supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
     Note: There are rpmlint messages (see attachment).
[x]: If (and only if) the source package includes the text of the
     license(s) in its own file, then that file, containing the text of the
     license(s) for the package is included in %license.
[x]: Package requires other packages for directories it uses.
[x]: Package must own all directories that it creates.
[x]: Package does not own files or directories owned by other packages.
[x]: All build dependencies are listed in BuildRequires, except for any
     that are listed in the exceptions section of Packaging Guidelines.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Dist tag is present.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package use %makeinstall only when make install DESTDIR=... doesn't
     work.
[x]: Package is named using only allowed ASCII characters.
[x]: Package does not use a name that already exists.
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as
     provided in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
     %{name}.spec.
[x]: File names are valid UTF-8.
[x]: Packages must not store files under /srv, /opt or /usr/local

===== SHOULD items =====

Generic:
[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[x]: If the source package does not include license text(s) as a separate
     file from upstream, the packager SHOULD query upstream to include it.
[x]: Final provides and requires are sane (see attachments).
[x]: Package functions as described.
[x]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[-]: Description and summary sections in the package spec file contains
     translations for supported Non-English languages, if available.
[-]: %check is present and all tests pass.
[x]: Packages should try to preserve timestamps of original installed
     files.
[x]: Sources can be downloaded from URI in Source: tag
[x]: Reviewer should test that the package builds in mock.
[x]: Buildroot is not present
[x]: Package has no %clean section with rm -rf %{buildroot} (or
     $RPM_BUILD_ROOT)
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: SourceX is a working URL.
[x]: Package should compile and build into binary rpms on all supported
     architectures.
[x]: Spec use %global instead of %define unless justified.

===== EXTRA items =====

Generic:
[x]: Rpmlint is run on all installed packages.
     Note: There are rpmlint messages (see attachment).
[x]: Spec file according to URL is the same as in SRPM.


Rpmlint
-------
Checking: nodejs-read-package-tree-5.1.2-4.fc24.noarch.rpm
          nodejs-read-package-tree-5.1.2-4.fc24.src.rpm
nodejs-read-package-tree.noarch: W: spelling-error Summary(en_US) NPM's -> PM's, NPR's, N PM's
nodejs-read-package-tree.noarch: W: only-non-binary-in-usr-lib
nodejs-read-package-tree.noarch: W: dangling-symlink /usr/lib/node_modules/read-package-tree/node_modules/dezalgo /usr/lib/node_modules/dezalgo
nodejs-read-package-tree.noarch: W: dangling-symlink /usr/lib/node_modules/read-package-tree/node_modules/debuglog /usr/lib/node_modules/debuglog
nodejs-read-package-tree.noarch: W: dangling-symlink /usr/lib/node_modules/read-package-tree/node_modules/once /usr/lib/node_modules/once
nodejs-read-package-tree.noarch: W: dangling-symlink /usr/lib/node_modules/read-package-tree/node_modules/readdir-scoped-modules /usr/lib/node_modules/readdir-scoped-modules
nodejs-read-package-tree.noarch: W: dangling-symlink /usr/lib/node_modules/read-package-tree/node_modules/read-package-json /usr/lib/node_modules/read-package-json
nodejs-read-package-tree.src: W: spelling-error Summary(en_US) NPM's -> PM's, NPR's, N PM's
2 packages and 0 specfiles checked; 0 errors, 8 warnings.




Rpmlint (installed packages)
----------------------------
sh: /usr/bin/python: No such file or directory
nodejs-read-package-tree.noarch: W: spelling-error Summary(en_US) NPM's -> PM's, NPR's, N PM's
nodejs-read-package-tree.noarch: W: invalid-url URL: https://github.com/npm/read-package-tree <urlopen error [Errno -3] Temporary failure in name resolution>
nodejs-read-package-tree.noarch: W: only-non-binary-in-usr-lib
nodejs-read-package-tree.noarch: W: dangling-symlink /usr/lib/node_modules/read-package-tree/node_modules/debuglog /usr/lib/node_modules/debuglog
nodejs-read-package-tree.noarch: W: dangling-symlink /usr/lib/node_modules/read-package-tree/node_modules/read-package-json /usr/lib/node_modules/read-package-json
nodejs-read-package-tree.noarch: W: dangling-symlink /usr/lib/node_modules/read-package-tree/node_modules/once /usr/lib/node_modules/once
nodejs-read-package-tree.noarch: W: dangling-symlink /usr/lib/node_modules/read-package-tree/node_modules/dezalgo /usr/lib/node_modules/dezalgo
nodejs-read-package-tree.noarch: W: dangling-symlink /usr/lib/node_modules/read-package-tree/node_modules/readdir-scoped-modules /usr/lib/node_modules/readdir-scoped-modules
1 packages and 0 specfiles checked; 0 errors, 8 warnings.



Requires
--------
nodejs-read-package-tree (rpmlib, GLIBC filtered):
    nodejs(engine)
    npm(debuglog)
    npm(dezalgo)
    npm(once)
    npm(read-package-json)
    npm(readdir-scoped-modules)



Provides
--------
nodejs-read-package-tree:
    nodejs-read-package-tree
    npm(read-package-tree)



Source checksums
----------------
http://registry.npmjs.org/read-package-tree/-/read-package-tree-5.1.2.tgz :
  CHECKSUM(SHA256) this package     : baa89c17fae6a99c2310ed5d4d35adfc875714f20d07f7c0b7c8bf75f757a73b
  CHECKSUM(SHA256) upstream package : baa89c17fae6a99c2310ed5d4d35adfc875714f20d07f7c0b7c8bf75f757a73b


Generated by fedora-review 0.6.0 (3c5c9d7) last change: 2015-05-20
Command line :/usr/bin/fedora-review -b 1298978 -m nodejs
Buildroot used: f24
Active plugins: Generic, Shell-api
Disabled plugins: Java, C/C++, Python, fonts, SugarActivity, Ocaml, Perl, Haskell, R, PHP, Ruby
Disabled flags: EXARCH, DISTTAG, EPEL5, BATCH, EPEL6
Comment 16 Patrick Uiterwijk 2016-01-18 11:24:26 EST
Package request has been approved: https://admin.fedoraproject.org/pkgdb/package/nodejs-read-package-tree

Note You need to log in before you can comment on or make changes to this bug.