Spec URL: https://zsun.fedorapeople.org/pub/pkgs/cvechecker/cvechecker.spec SRPM URL: https://zsun.fedorapeople.org/pub/pkgs/cvechecker/cvechecker-3.7-1.fc25.src.rpm Description: Tool for compare packages installed in your system with CVE database Fedora Account System Username: zsun
*** Bug 1062808 has been marked as a duplicate of this bug. ***
> %global debug_package %{nil} Are you sure that's needed? If yes, it deserves a comment in the spec file. > make Is parallel build not supported? If it is, use %make_build, otherwise, add a comment. > %{__install} You can just say 'install' — that's both less typing *and* clearer. > %defattr(-,root,root) Not needed. Checking: cvechecker-3.7-1.fc27.x86_64.rpm cvechecker-3.7-1.fc27.src.rpm cvechecker.x86_64: W: unstripped-binary-or-object /usr/bin/cvechecker Hm. That's the first time I encounter this. Maybe this will go away if you create a debug package? cvechecker.x86_64: W: only-non-binary-in-usr-lib cvechecker.x86_64: W: hidden-file-or-dir /usr/lib/.build-id cvechecker.x86_64: W: hidden-file-or-dir /usr/lib/.build-id OK. cvechecker.src:13: W: macro-in-comment %{url} cvechecker.src:13: W: macro-in-comment %{_commit} cvechecker.src:13: W: macro-in-comment %{_commit} Please use %%. cvechecker.src:14: W: mixed-use-of-spaces-and-tabs (spaces: line 6, tab: line 14) Please fix. 2 packages and 0 specfiles checked; 0 errors, 8 warnings. Looks all good. (It seems that cvechecker likes to run as root. It'd be much better to create a dedicated user for it, since downloading stuff as root from the web is also a concern, but that's an upstream issue.)
Thanks for the quick response. SPEC updated in place: https://zsun.fedorapeople.org/pub/pkgs/cvechecker/cvechecker.spec New SRPM: https://zsun.fedorapeople.org/pub/pkgs/cvechecker/cvechecker-3.7-2.fc25.src.rpm
(In reply to Zbigniew Jędrzejewski-Szmek from comment #2) > (It seems that cvechecker likes to run as root. It'd be much better to > create a dedicated user for it, since downloading stuff as root from the web > is also a concern, but that's an upstream issue.) I am not familiar with packaging with dedicated user, so currently I'm not adding this way. Will work on this later once I figured out how to do it.
+ package name is OK + license is acceptable for Fedora (GPLv3) + license is specified correctly + builds and installs OK + fedora-review finds no issues + %check is present and passes + no scriptlets necessary + rpmlint has only false positives > Group: Applications/System Not needed [https://fedoraproject.org/wiki/Packaging:Guidelines#Tags_and_Sections]. > %attr(0644,root,root) You probably don't need those either, unless the build system sets some strange permissions on those files. Package is APPROVED.
Package request has been approved: https://admin.fedoraproject.org/pkgdb/package/rpms/cvechecker
(In reply to Zbigniew Jędrzejewski-Szmek from comment #5) > > Group: Applications/System > Not needed > [https://fedoraproject.org/wiki/Packaging:Guidelines#Tags_and_Sections]. Thanks. Will remove this section in -3.
cvechecker-3.8-1.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-146693c8dc
cvechecker-3.8-1.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-6b44ef74c4
cvechecker-3.8-1.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.