> License:        BSD

I checked the main website and it mentions that the original sources were under a "C News-like" license. fedora-review mentions a modified GPLv2 license (obviously not true). Running licensecheck by hand shows UNKNOWN all over the board (including the license file):
editline-1.17.1/.travis.yml: *No copyright* GENERATED FILE
editline-1.17.1/ChangeLog.md: *No copyright* GENERATED FILE
editline-1.17.1/INSTALL.md: *No copyright* UNKNOWN
editline-1.17.1/LICENSE: UNKNOWN
editline-1.17.1/Make.os9: *No copyright* UNKNOWN
editline-1.17.1/Makefile.am: *No copyright* UNKNOWN
editline-1.17.1/README.md: *No copyright* UNKNOWN
[...]

The text of the license looks like a rewrite of the BSD license, so I would put a comment above the "License" field that it's a "BSD-like license called C-News" or something similar.

> Requires:       %{name} = %{version}-%{release}

If possible, I would use the following the -devel subpackage instead:
Requires: %{name}%{?_isa} = %{version}-%{release}

> %files
> %license LICENSE
> %{_libdir}/libeditline.so.1
> %{_libdir}/libeditline.so.1.0.2

Would it make sense to add the doc to the main package as well?

> %files devel
> %doc ChangeLog.md README.md
> %{_includedir}/editline.h
> %{_libdir}/libeditline.so
> %{_libdir}/pkgconfig/libeditline.pc
> # conflicts with libedit-devel
> #%%{_mandir}/man3/editline.3.gz

Same here for the license file? Worth adding?

> %changelog
> * Thu Aug 06 2020 Jens Petersen <petersen>
> - initial packaging

Missing package version and dist tag at the end of the changelog entry.

The full review matrix:

Package Review
==============

Legend:
[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
[ ] = Manual review needed



===== MUST items =====

C/C++:
[x]: Package does not contain kernel modules.
[x]: Package contains no static executables.
[x]: If your application is a C or C++ application you must list a
     BuildRequires against gcc, gcc-c++ or clang.
[x]: Header files in -devel subpackage, if present.
[x]: ldconfig not called in %post and %postun for Fedora 28 and later.
[x]: Package does not contain any libtool archives (.la)
[x]: Rpath absent or only used for internal libs.
[x]: Development (unversioned) .so files in -devel subpackage, if present.

Generic:
[x]: Package successfully compiles and builds into binary rpms on at least
     one supported primary architecture.
     Note: Using prebuilt packages
     Review: Koji build provided by submitter.
[x]: Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
     Guidelines.
[x]: License field in the package spec file matches the actual license.
     Note: Checking patched sources after %prep for licenses. Licenses
     found: "Unknown or generated", "Expat License", "FSF Unlimited License
     (with Retention) GNU General Public License (v2)", "FSF Unlimited
     License (with Retention)". 36 files have unknown license. Detailed
     output of licensecheck in
     /home/amender/rpmbuild/SPECS/editline/editline/licensecheck.txt
     Review: covered in earlier comments. It's not GPLv2, of course!
[x]: License file installed when any subpackage combination is installed.
     Review: Yes, since the -devel package requires the main package.
[x]: %build honors applicable compiler flags or justifies otherwise.
[x]: Package contains no bundled libraries without FPC exception.
[!]: Changelog in prescribed format.
     Review: mentioned in an earlier comment.
[x]: Sources contain only permissible code or content.
[-]: Package contains desktop file if it is a GUI application.
[x]: Development files must be in a -devel package
[?]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory
     names).
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
     Provides are present.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[-]: Package contains systemd file(s) if in need.
[?]: Useful -debuginfo package or justification otherwise.
[x]: Package is not known to require an ExcludeArch tag.
[-]: Large documentation must go in a -doc subpackage. Large could be size
     (~1MB) or number of files.
     Note: Documentation size is 30720 bytes in 2 files.
[x]: Package complies to the Packaging Guidelines
     Review: see comment about the changelog entry.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
     Note: There are rpmlint messages (see attachment).
[x]: If (and only if) the source package includes the text of the
     license(s) in its own file, then that file, containing the text of the
     license(s) for the package is included in %license.
[x]: Package requires other packages for directories it uses.
[x]: Package must own all directories that it creates.
[x]: Package does not own files or directories owned by other packages.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Dist tag is present.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package must not depend on deprecated() packages.
[x]: Package use %makeinstall only when make install DESTDIR=... doesn't
     work.
[x]: Package is named using only allowed ASCII characters.
[x]: Package does not use a name that already exists.
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as
     provided in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
     %{name}.spec.
[x]: File names are valid UTF-8.
[x]: Packages must not store files under /srv, /opt or /usr/local

===== SHOULD items =====

Generic:
[x]: Reviewer should test that the package builds in mock.
[-]: If the source package does not include license text(s) as a separate
     file from upstream, the packager SHOULD query upstream to include it.
[x]: Final provides and requires are sane (see attachments).
[!]: Fully versioned dependency in subpackages if applicable.
     Note: No Requires: %{name}%{?_isa} = %{version}-%{release} in
     editline-devel
     Review: see earlier comment.
[x]: Package functions as described.
[x]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[-]: Sources are verified with gpgverify first in %prep if upstream
     publishes signatures.
     Note: gpgverify is not used.
[-]: Description and summary sections in the package spec file contains
     translations for supported Non-English languages, if available.
[x]: Package should compile and build into binary rpms on all supported
     architectures.
     Review: Koji build 
[-]: %check is present and all tests pass.
[x]: Packages should try to preserve timestamps of original installed
     files.
[x]: Buildroot is not present
[x]: Package has no %clean section with rm -rf %{buildroot} (or
     $RPM_BUILD_ROOT)
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[x]: The placement of pkgconfig(.pc) files are correct.
[x]: Sources can be downloaded from URI in Source: tag
[x]: SourceX is a working URL.
[x]: Spec use %global instead of %define unless justified.

===== EXTRA items =====

Generic:
[x]: Rpmlint is run on debuginfo package(s).
     Note: There are rpmlint messages (see attachment).
[x]: Rpmlint is run on all installed packages.
     Note: No rpmlint messages.
[x]: Large data in /usr/share should live in a noarch subpackage if package
     is arched.


Rpmlint
-------
Checking: editline-1.17.1-1.fc33.x86_64.rpm
          editline-devel-1.17.1-1.fc33.x86_64.rpm
          editline-debuginfo-1.17.1-1.fc33.x86_64.rpm
          editline-debugsource-1.17.1-1.fc33.x86_64.rpm
          editline-1.17.1-1.fc33.src.rpm
editline.x86_64: W: spelling-error Summary(en_US) readline -> breadline, deadline, headline
editline.x86_64: W: spelling-error %description -l en_US readline -> breadline, deadline, headline
editline.x86_64: W: no-version-in-last-changelog
editline.x86_64: W: no-documentation
editline-devel.x86_64: W: no-version-in-last-changelog
editline-debuginfo.x86_64: W: no-version-in-last-changelog
editline-debugsource.x86_64: W: no-version-in-last-changelog
editline.src: W: spelling-error Summary(en_US) readline -> breadline, deadline, headline
editline.src: W: spelling-error %description -l en_US readline -> breadline, deadline, headline
editline.src: W: no-version-in-last-changelog
5 packages and 0 specfiles checked; 0 errors, 10 warnings.




Rpmlint (debuginfo)
-------------------
Checking: editline-debuginfo-1.17.1-1.fc33.x86_64.rpm
editline-debuginfo.x86_64: W: no-version-in-last-changelog
1 packages and 0 specfiles checked; 0 errors, 1 warnings.





Rpmlint (installed packages)
----------------------------
(none): E: no installed packages by name editline
(none): E: no installed packages by name editline-debuginfo
(none): E: no installed packages by name editline-debugsource
(none): E: no installed packages by name editline-devel
0 packages and 0 specfiles checked; 0 errors, 0 warnings.



Source checksums
----------------
https://github.com/troglobit/editline/releases/download/1.17.1/editline-1.17.1.tar.xz :
  CHECKSUM(SHA256) this package     : df223b3333a545fddbc67b49ded3d242c66fadf7a04beb3ada20957fcd1ffc0e
  CHECKSUM(SHA256) upstream package : df223b3333a545fddbc67b49ded3d242c66fadf7a04beb3ada20957fcd1ffc0e


Requires
--------
editline (rpmlib, GLIBC filtered):
    libc.so.6()(64bit)
    rtld(GNU_HASH)

editline-devel (rpmlib, GLIBC filtered):
    /usr/bin/pkg-config
    editline
    libeditline.so.1()(64bit)

editline-debuginfo (rpmlib, GLIBC filtered):

editline-debugsource (rpmlib, GLIBC filtered):



Provides
--------
editline:
    editline
    editline(x86-64)
    libeditline.so.1()(64bit)

editline-devel:
    editline-devel
    editline-devel(x86-64)
    pkgconfig(libeditline)

editline-debuginfo:
    debuginfo(build-id)
    editline-debuginfo
    editline-debuginfo(x86-64)

editline-debugsource:
    editline-debugsource
    editline-debugsource(x86-64)

Thanks, Andy, for picking up this review.
Yeah I was worrying a bit about the license too, since it is unusual.
PLD marked it BSD so I went with that in the first instance.

It is indeed the same license as used by the once famous c-news (usenet newserver) software.

The license is also listed here: https://www.openhub.net/licenses/cnews

I also don't see any serious problem with it,
but probably it is most correct that I post it to
the Fedora Legal list to get their awareness of it.

It might need a separate license tag, I dunno,
since it does seem differ enough from BSD texts.

> I also don't see any serious problem with it,
> but probably it is most correct that I post it to
> the Fedora Legal list to get their awareness of it.
> 
> It might need a separate license tag, I dunno,
> since it does seem differ enough from BSD texts.

I agree contacting Fedora Legal would be the right thing to do. The critical way the C-News license differs from the BSD license is attribution - the BSD license prohibits it. It might indeed require a new tag or Legal might be able to suggest a more compatible tag than "BSD".

Any further news on this review request?

Thanks, Andy, sorry for the long pause - the license was identified and cleared by Fedora Legal in August as:

https://fedoraproject.org/wiki/Licensing/Henry_Spencer_Reg-Ex_Library_License

https://lists.fedoraproject.org/archives/list/legal@lists.fedoraproject.org/thread/6P6LWUEGQYWPOVM5MA5D3VZLKIEWZURJ/#6P6LWUEGQYWPOVM5MA5D3VZLKIEWZURJ

though I got a couple of discouraging comments along the lines of "Why another libedit"...
which while I tend to agree with, I still think this package is useful for people trying to build nix [1].
Apparently nix can be configured (via envvars) to build with readline, but with reduced functionality
(this was added because the version of editline in Debian/Ubuntu is very old based on the original one).
I guess it is a question for nix upstream why they chose this lesser known library for its repl:
well there is some upstream discussion on it, see for example https://github.com/NixOS/nix/issues/1356

[1] particularly since it is unlikely we can ever ship nix properly in Fedora,
unless we do what Debian does and ship the binary without setting up the system /nix directories.

(In reply to Andy Mender from comment #1)
> > Requires:       %{name} = %{version}-%{release}
> 
> If possible, I would use the following the -devel subpackage instead:
> Requires: %{name}%{?_isa} = %{version}-%{release}

Yes

> > %files
> > %license LICENSE

> Would it make sense to add the doc to the main package as well?

My usual thinking on this is that most end-user consumers would not be interested.
So for a library I usually only put them in the devel subpackage.

> > %files devel
> > %doc ChangeLog.md README.md

> Same here for the license file? Worth adding?

The devel package requires the base package so it should be superfluous.

> > %changelog
> > * Thu Aug 06 2020 Jens Petersen <petersen>
> > - initial packaging
> 
> Missing package version and dist tag at the end of the changelog entry.

Thanks, fixing

> [?]: Useful -debuginfo package or justification otherwise.

(rpmbuild automatically generates the debuginfo subpackages.
 See eg https://koji.fedoraproject.org/koji/taskinfo?taskID=48908672)

Spec URL: https://petersen.fedorapeople.org/reviews/editline/editline.spec
SRPM URL: https://petersen.fedorapeople.org/reviews/editline/editline-1.17.1-2.fc33.src.rpm

- correct license is revised HSRL (#1867290)
- use isa for devel base requires (#1867290)

Koji scratch build: https://koji.fedoraproject.org/koji/taskinfo?taskID=53639315

> Thanks, Andy, sorry for the long pause - the license was identified and cleared by Fedora Legal in August as:
> 
> https://fedoraproject.org/wiki/Licensing/Henry_Spencer_Reg-Ex_Library_License
> 
> https://lists.fedoraproject.org/archives/list/legal@lists.fedoraproject.org/thread/6P6LWUEGQYWPOVM5MA5D3VZLKIEWZURJ/#6P6LWUEGQYWPOVM5MA5D3VZLKIEWZURJ

I had a look at the links, compared the license texts and indeed it's 1:1 the Henry Spencer license. I'm glad we have a license tag for this, but it's a shame the MIT or BSD license was not used instead.

> [1] particularly since it is unlikely we can ever ship nix properly in Fedora,
> unless we do what Debian does and ship the binary without setting up the system /nix directories.

Yes, I don't think this would work and/or be useful. "editline" definitely will be, though!

The rest looks good now. Package approved!

Thank you for the review

https://pagure.io/releng/fedora-scm-requests/issue/29847

(fedscm-admin):  The Pagure repository was created at https://src.fedoraproject.org/rpms/editline

FEDORA-2020-786ec740e4 has been submitted as an update to Fedora 33. https://bodhi.fedoraproject.org/updates/FEDORA-2020-786ec740e4

FEDORA-2020-bce6bf5d10 has been submitted as an update to Fedora 32. https://bodhi.fedoraproject.org/updates/FEDORA-2020-bce6bf5d10

FEDORA-EPEL-2020-c508531951 has been submitted as an update to Fedora EPEL 8. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-c508531951

FEDORA-EPEL-2020-10f5ee1341 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-10f5ee1341

FEDORA-2020-bce6bf5d10 has been pushed to the Fedora 32 testing repository.
In short time you'll be able to install the update with the following command:
`sudo dnf install --enablerepo=updates-testing --advisory=FEDORA-2020-bce6bf5d10 \*`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-bce6bf5d10

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

FEDORA-EPEL-2020-10f5ee1341 has been pushed to the Fedora EPEL 7 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-10f5ee1341

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

FEDORA-EPEL-2020-c508531951 has been pushed to the Fedora EPEL 8 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-c508531951

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

FEDORA-2020-786ec740e4 has been pushed to the Fedora 33 testing repository.
In short time you'll be able to install the update with the following command:
`sudo dnf install --enablerepo=updates-testing --advisory=FEDORA-2020-786ec740e4 \*`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-786ec740e4

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

FEDORA-2020-bce6bf5d10 has been pushed to the Fedora 32 stable repository.
If problem still persists, please make note of it in this bug report.

FEDORA-2020-786ec740e4 has been pushed to the Fedora 33 stable repository.
If problem still persists, please make note of it in this bug report.

FEDORA-EPEL-2020-10f5ee1341 has been pushed to the Fedora EPEL 7 stable repository.
If problem still persists, please make note of it in this bug report.

FEDORA-EPEL-2020-c508531951 has been pushed to the Fedora EPEL 8 stable repository.
If problem still persists, please make note of it in this bug report.