Bug 1366784 - Review Request: mpdecimal - Library for general decimal arithmetic
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: Package Review
Version: rawhide
Hardware: All
OS: Linux
Assignee: Jaroslav Škarvada
QA Contact: Fedora Extras Quality Assurance
Reported: 2016-08-12 19:36 UTC by Jan Včelák
Modified: 2016-08-30 15:30 UTC
Last Closed: 2016-08-30 15:30:57 UTC
jskarvad: fedora-review+


Description Jan Včelák 2016-08-12 19:36:15 UTC
Spec URL: https://jvcelak.fedorapeople.org/review/mpdecimal/2.4.2-1/mpdecimal.spec
SRPM URL: https://jvcelak.fedorapeople.org/review/mpdecimal/mpdecimal-2.4.2-1.fc26.src.rpm
Description:
The package contains a library limpdec implementing the General Decimal Arithmetic Specification. The specification, written by Mike Cowlishaw from IBM, defines a general purpose arbitrary precision data type together with rigorously specified functions and rounding behavior.

Fedora Account System Username: jvcelak

Comment 1 Jan Včelák 2016-08-12 19:37:18 UTC
Test builds: https://copr.fedorainfracloud.org/coprs/jvcelak/mpdecimal/

Comment 2 Jaroslav Škarvada 2016-08-19 22:25:15 UTC
Package Review
==============

Legend:
[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
[ ] = Manual review needed


Issues:
=======
- List all deps in BuildRequires
  See: https://fedoraproject.org/wiki/Packaging:Guidelines#BuildRequires_2
- It's a library and ldconfig is not called in %post and %postun
  See: https://fedoraproject.org/wiki/Packaging/Guidelines#Shared_Libraries


===== MUST items =====

C/C++:
[x]: Package does not contain kernel modules.
[x]: Package contains no static executables.
[x]: Header files in -devel subpackage, if present.
[x]: Package does not contain any libtool archives (.la)
[x]: Rpath absent or only used for internal libs.
[x]: Development (unversioned) .so files in -devel subpackage, if present.

Generic:
[x]: Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
     Guidelines.
[!]: License field in the package spec file matches the actual license.
     Note: Checking patched sources after %prep for licenses. Licenses
     found: "MIT/X11 (BSD like)", "BSD (2 clause)", "Unknown or generated".
     20 files have unknown license.

According to the comments, it seems the docs contain MIT, BSD, GPL, GPLv2 licensed content. I think the doc subpackage needs to have the license tag "BSD and GPL", or simply GPL (by utilizing license compatibility).

[!]: License file installed when any subpackage combination is installed.

License file is not installed if only doc subpackage is installed.

[x]: %build honors applicable compiler flags or justifies otherwise.
[x]: Package contains no bundled libraries without FPC exception.
[x]: Changelog in prescribed format.
[x]: Sources contain only permissible code or content.
[-]: Package contains desktop file if it is a GUI application.
[x]: Development files must be in a -devel package
[x]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory
     names).
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
     Provides are present.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[-]: Package contains systemd file(s) if in need.
[x]: Useful -debuginfo package or justification otherwise.
[-]: Package is not known to require an ExcludeArch tag.
[x]: Package complies to the Packaging Guidelines
[x]: Package successfully compiles and builds into binary rpms on at least
     one supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
     Note: There are rpmlint messages (see attachment).
[x]: If (and only if) the source package includes the text of the
     license(s) in its own file, then that file, containing the text of the
     license(s) for the package is included in %license.
[x]: Package requires other packages for directories it uses.
[x]: Package must own all directories that it creates.
[x]: Package does not own files or directories owned by other packages.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Dist tag is present.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package use %makeinstall only when make install DESTDIR=... doesn't
     work.
[x]: Package is named using only allowed ASCII characters.
[x]: Package does not use a name that already exists.
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as
     provided in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
     %{name}.spec.
[x]: File names are valid UTF-8.
[x]: Large documentation must go in a -doc subpackage. Large could be size
     (~1MB) or number of files.
     Note: Documentation size is 0 bytes in 0 files.
[x]: Packages must not store files under /srv, /opt or /usr/local

===== SHOULD items =====

Generic:
[-]: If the source package does not include license text(s) as a separate
     file from upstream, the packager SHOULD query upstream to include it.
[x]: Final provides and requires are sane (see attachments).
[!]: Fully versioned dependency in subpackages if applicable.
     Note: No Requires: %{name}%{?_isa} = %{version}-%{release} in
     mpdecimal-doc , mpdecimal-debuginfo

I think the doc subpackage should require the base package; this will also resolve the problem with the license file installation.

[?]: Package functions as described.

I am just relying on the make check. 

[x]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[-]: Description and summary sections in the package spec file contains
     translations for supported Non-English languages, if available.
[x]: Package should compile and build into binary rpms on all supported
     architectures.
[x]: %check is present and all tests pass.
[x]: Packages should try to preserve timestamps of original installed
     files.
[x]: Reviewer should test that the package builds in mock.
[x]: Buildroot is not present
[x]: Package has no %clean section with rm -rf %{buildroot} (or
     $RPM_BUILD_ROOT)
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[x]: Uses parallel make %{?_smp_mflags} macro.
[x]: Sources can be downloaded from URI in Source: tag
[x]: SourceX is a working URL.
[x]: Spec use %global instead of %define unless justified.

===== EXTRA items =====

Generic:
[x]: Rpmlint is run on debuginfo package(s).
     Note: No rpmlint messages.
[x]: Rpmlint is run on all installed packages.
     Note: There are rpmlint messages (see attachment).
[x]: Large data in /usr/share should live in a noarch subpackage if package
     is arched.
[x]: Spec file according to URL is the same as in SRPM.


Rpmlint
-------
Checking: mpdecimal-2.4.2-1.fc22.x86_64.rpm
          mpdecimal-devel-2.4.2-1.fc22.x86_64.rpm
          mpdecimal-doc-2.4.2-1.fc22.noarch.rpm
          mpdecimal-debuginfo-2.4.2-1.fc22.x86_64.rpm
          mpdecimal-2.4.2-1.fc22.src.rpm
mpdecimal.x86_64: W: spelling-error %description -l en_US limpdec -> limpid
mpdecimal.x86_64: W: no-documentation
mpdecimal.x86_64: E: library-without-ldconfig-postin /usr/lib64/libmpdec.so.2.4.2
mpdecimal.x86_64: E: library-without-ldconfig-postun /usr/lib64/libmpdec.so.2.4.2
mpdecimal-devel.x86_64: W: only-non-binary-in-usr-lib
mpdecimal-devel.x86_64: W: no-documentation
mpdecimal.src: W: spelling-error %description -l en_US limpdec -> limpid
5 packages and 0 specfiles checked; 2 errors, 5 warnings.




Rpmlint (debuginfo)
-------------------
Checking: mpdecimal-debuginfo-2.4.2-1.fc22.x86_64.rpm
1 packages and 0 specfiles checked; 0 errors, 0 warnings.





Rpmlint (installed packages)
----------------------------
mpdecimal.x86_64: W: spelling-error %description -l en_US limpdec -> limpid
mpdecimal.x86_64: W: no-documentation
mpdecimal.x86_64: E: library-without-ldconfig-postin /usr/lib64/libmpdec.so.2.4.2
mpdecimal.x86_64: E: library-without-ldconfig-postun /usr/lib64/libmpdec.so.2.4.2
mpdecimal-devel.x86_64: W: only-non-binary-in-usr-lib
mpdecimal-devel.x86_64: W: no-documentation
4 packages and 0 specfiles checked; 2 errors, 4 warnings.



Requires
--------
mpdecimal-doc (rpmlib, GLIBC filtered):

mpdecimal (rpmlib, GLIBC filtered):
    libc.so.6()(64bit)
    libm.so.6()(64bit)
    rtld(GNU_HASH)

mpdecimal-devel (rpmlib, GLIBC filtered):
    libmpdec.so.2()(64bit)
    mpdecimal(x86-64)

mpdecimal-debuginfo (rpmlib, GLIBC filtered):



Provides
--------
mpdecimal-doc:
    mpdecimal-doc

mpdecimal:
    libmpdec.so.2()(64bit)
    mpdecimal
    mpdecimal(x86-64)

mpdecimal-devel:
    mpdecimal-devel
    mpdecimal-devel(x86-64)

mpdecimal-debuginfo:
    mpdecimal-debuginfo
    mpdecimal-debuginfo(x86-64)



Source checksums
----------------
http://www.bytereef.org/software/mpdecimal/releases/mpdecimal-2.4.2.tar.gz :
  CHECKSUM(SHA256) this package     : 83c628b90f009470981cf084c5418329c88b19835d8af3691b930afccb7d79c7
  CHECKSUM(SHA256) upstream package : 83c628b90f009470981cf084c5418329c88b19835d8af3691b930afccb7d79c7
http://speleotrove.com/decimal/dectest.zip :
  CHECKSUM(SHA256) this package     : b70a224cd52e82b7a8150aedac5efa2d0cb3941696fd829bdbe674f9f65c3926
  CHECKSUM(SHA256) upstream package : b70a224cd52e82b7a8150aedac5efa2d0cb3941696fd829bdbe674f9f65c3926


Generated by fedora-review 0.6.1 (f03e4e7) last change: 2016-05-02
Command line :/usr/bin/fedora-review -b 1366784
Buildroot used: fedora-22-x86_64
Active plugins: Generic, Shell-api, C/C++
Disabled plugins: Java, Python, fonts, SugarActivity, Ocaml, Perl, Haskell, R, PHP
Disabled flags: EXARCH, DISTTAG, EPEL5, BATCH, EPEL6

Comment 3 Jan Včelák 2016-08-22 09:49:30 UTC
Thanks, Jaroslav.

> Issues:
> =======
> - List all deps in BuildRequires
>   See: https://fedoraproject.org/wiki/Packaging:Guidelines#BuildRequires_2

What exactly is missing? The package doesn't depend on any library.

> - It's a library and ldconfig is not called in %post and %postun
>   See: https://fedoraproject.org/wiki/Packaging/Guidelines#Shared_Libraries

Fixed.

> [!]: License field in the package spec file matches the actual license.
>      Note: Checking patched sources after %prep for licenses. Licenses
>      found: "MIT/X11 (BSD like)", "BSD (2 clause)", "Unknown or generated".
>      20 files have unknown license.
> 
> According to the comments it seems docs contains MIT, BSD, GPL, GPLv2
> licensed content. I think the doc subpackage needs to have license tag "BSD
> and GPL", or simply GPL (by utilizing license compatibility).

Nice catch. I found out that the documentation has a separate LICENSE file, which is FBSDDL. In the updated spec, the main package is BSD and the doc subpackage is FBSDDL and BSD and GPL.

> [!]: License file installed when any subpackage combination is installed.
> 
> License file is not installed if only doc subpackage is installed.

Fixed by adding the FBSDDL license file.

> [!]: Fully versioned dependency in subpackages if applicable.
>      Note: No Requires: %{name}%{?_isa} = %{version}-%{release} in
>      mpdecimal-doc , mpdecimal-debuginfo
> 
> I think the doc subpackage should require the base package, this will also
> resolve the problem with the license file installation.

I would like to keep the packages independent. It's just documentation. You don't need the library or headers to read it.

> Rpmlint
> -------
> mpdecimal.x86_64: E: library-without-ldconfig-postin
> /usr/lib64/libmpdec.so.2.4.2
> mpdecimal.x86_64: E: library-without-ldconfig-postun

Resolved.

I've also added the bundled(js-*) provides for the doc subpackage. Unversioned though, hope that's OK. I think it would be needless effort to make sure the versions didn't change during the update.

% rpmlint ./*.spec
./mpdecimal.spec:36: W: unversioned-explicit-provides bundled(js-jquery)
./mpdecimal.spec:37: W: unversioned-explicit-provides bundled(js-underscore)
./mpdecimal.spec:38: W: unversioned-explicit-provides bundled(js-sizzle)
0 packages and 1 specfiles checked; 0 errors, 3 warnings.

(I also want to make it for EPEL 7. It won't build yet. But I think I can fix that on-the-fly.)

Updated SPEC:
https://jvcelak.fedorapeople.org/review/mpdecimal/2.4.2-3/mpdecimal.spec

Updated SRPM:
https://jvcelak.fedorapeople.org/review/mpdecimal/mpdecimal-2.4.2-3.fc26.src.rpm

Fresh build:
https://copr.fedorainfracloud.org/coprs/jvcelak/mpdecimal/build/443478/

Comment 4 Jaroslav Škarvada 2016-08-29 12:08:24 UTC
(In reply to Jan Včelák from comment #3)

Sorry for the delay, I was sick.

> What exactly is missing? The package doesn't depend on any library.
You should probably list gcc and all other build deps, according to:
https://fedoraproject.org/wiki/Packaging:Guidelines#BuildRequires_2
You can only rely on there being a functional RPM and the shell in the build root. This was changed in the guidelines and there are now no "safe defaults in the buildroot", but I am a bit relaxed about this requirement.

> > [!]: Fully versioned dependency in subpackages if applicable.
> >      Note: No Requires: %{name}%{?_isa} = %{version}-%{release} in
> >      mpdecimal-doc , mpdecimal-debuginfo
> > 
> > I think the doc subpackage should require the base package, this will also
> > resolve the problem with the license file installation.
> 
> I would like to keep the packages independent. It's just documentation. You
> don't need the library or headers to read it.
>
I think it's a bit useless to install documentation without the library, but I have no problem with it.
 
> I've also added the bundled(js-*) provides for the doc subpackage.
> Unversioned though, hope that's OK. I think it would be needless effort to
> make sure the versions didn't change during the update.

I think the main reason for the bundled keyword is to track security-related problems with the bundled libs. Without a version it's impossible to track them. However, I think that local documentation may pose little or no risk, so probably the bundled keywords are not needed in this case. IIRC in the past each bundled keyword required a FESCO exception, but currently I cannot find anything about it in the guidelines, so probably this requirement has been dropped.


> Update SPEC:
> https://jvcelak.fedorapeople.org/review/mpdecimal/2.4.2-3/mpdecimal.spec
> 
I would probably enforce unversioned docdir on > RHEL-7 and Fedora if there is no _pkgdocdir macro, e.g.:

%if 0%{?rhel} <= 7 && 0%{!?fedora:1}
%{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}}
%else
%{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}}
%endif

or similarly.

Comment 5 Jan Včelák 2016-08-30 10:58:30 UTC
(In reply to Jaroslav Škarvada from comment #4)
> Sorry for delay, I was sick.

Don't worry. :-)

> You should probably list gcc and all other build deps, according to the:
> https://fedoraproject.org/wiki/Packaging:Guidelines#BuildRequires_2
> You can only rely that there is a functional RPM and the shell in the build
> root. This was changed in the guidelines and there is now no "safe defaults
> in the buildroot", but I am a bit relaxed about this requirement.

Done. The only added dependency is gcc. I haven't noticed any other deps.

> > I would like to keep the packages independent. It's just documentation. You
> > don't need the library or headers to read it.
> >
> I think it's a bit useless to install documentation without the library, but
> I have no problem with it.

Let's keep it that way then, please.

> I think the main reason of the bundled keyword is to track the security
> related problems with the bundled libs. Without version it's impossible to
> track it. However, I think that local documentation may pose little or none
> risk, so probably the bundled keywords are not needed in this case. IIRC in
> the past each bundled keyword required FESCO exception, but currently I
> cannot find anything about it in the guidelines, so probably this
> requirement has been dropped.

I think the exception is not needed anymore.

Anyway, I've added versions for js-jquery and js-underscore. And I've dropped js-sizzle because it's part of this particular version of jquery and I'm unable to determine exact version (I know the commit number but it's not tagged so it makes any comparison useless).

> I would probably enforce unversioned docdir on > RHEL-7 and Fedora if there
> is no _pkgdocdir macro, e.g.:
> 
> %if 0%{?rhel} <= 7 && 0%{!?fedora:1}
> %{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}}
> %else
> %{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}}
> %endif

I've removed all defines to support EPEL for now because it needs more tuning and it failed to build. I would like to get the package included in current Fedora for now and maybe I'll fix it for EPEL 7 later. The above will probably do the trick and I'll also have to treat %license somehow.

Updated SPEC:
https://jvcelak.fedorapeople.org/review/mpdecimal/2.4.2-4/mpdecimal.spec

Updated SRPM:
https://jvcelak.fedorapeople.org/review/mpdecimal/mpdecimal-2.4.2-4.fc24.src.rpm

Binary build:
https://copr.fedorainfracloud.org/coprs/jvcelak/mpdecimal/build/447839/

Thanks! I think all remarks have been addressed.
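
The exchange in comments 3 to 5 turns on whether bundled() provides carry a version, since an unversioned one cannot be matched against an advisory for the bundled library. The following is an added example, not part of the thread or of the mpdecimal spec: a small audit of a spec file's `Provides:` lines that separates versioned from unversioned bundled() entries and reports the latter in the same format as the rpmlint output quoted in comment 3. The spec excerpt, the function names and all version numbers are constructed placeholders.

```python
import re

# Constructed spec excerpt (NOT the real mpdecimal.spec); versions are placeholders.
SAMPLE_SPEC = """\
Name:           example
Version:        1.0
%package doc
Summary:        Documentation
Provides:       bundled(js-jquery) = 0.0.1
Provides:       bundled(js-underscore)
Provides:       bundled(js-sizzle), bundled(js-foo) >= 0.0.2
# Provides: bundled(js-commented-out)
"""

# One dependency token: bundled(name), optionally followed by "<op> <version>".
DEP_RE = re.compile(r"(bundled\([^)]+\))(?:\s*(<=|>=|=|<|>)\s*([^\s,]+))?")


def audit_bundled_provides(spec_text):
    """Return (versioned, unversioned).

    versioned   -- dict mapping bundled(name) to the declared version
    unversioned -- list of (line_number, bundled(name)) with no version
    """
    versioned, unversioned = {}, []
    for lineno, line in enumerate(spec_text.splitlines(), start=1):
        stripped = line.strip()
        if not stripped.lower().startswith("provides:"):
            continue  # comments and other tags are ignored
        deps = stripped.split(":", 1)[1]
        for name, _op, version in DEP_RE.findall(deps):
            if version:
                versioned[name] = version
            else:
                unversioned.append((lineno, name))
    return versioned, unversioned


def rpmlint_style_warnings(spec_text, path="./example.spec"):
    """Format unversioned entries like the rpmlint lines quoted in comment 3."""
    _, unversioned = audit_bundled_provides(spec_text)
    return [f"{path}:{n}: W: unversioned-explicit-provides {dep}"
            for n, dep in unversioned]


if __name__ == "__main__":
    tracked, _ = audit_bundled_provides(SAMPLE_SPEC)
    for dep, ver in sorted(tracked.items()):
        print(f"trackable: {dep} {ver}")
    for warning in rpmlint_style_warnings(SAMPLE_SPEC):
        print(warning)
```

The `versioned` mapping is the part a security team can compare against advisories; everything in `unversioned` is invisible to that process until a version is declared or the provide is dropped, as was done for js-sizzle in comment 5.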

Comment 6 Jaroslav Škarvada 2016-08-30 11:44:37 UTC
It seems OK, approving.

Comment 7 Gwyn Ciesla 2016-08-30 13:43:24 UTC
Package request has been approved: https://admin.fedoraproject.org/pkgdb/package/rpms/mpdecimal

Comment 8 Jan Včelák 2016-08-30 15:30:57 UTC
Thanks, everyone!

