Spec URL: https://dcavalca.fedorapeople.org/review/rust-cargo-edit/rust-cargo-edit.spec SRPM URL: https://dcavalca.fedorapeople.org/review/rust-cargo-edit/rust-cargo-edit-0.7.0-1.fc35.src.rpm Description: This extends Cargo to allow you to add and remove dependencies by modifying your `Cargo.toml` file from the command line. It contains `cargo add`, `cargo rm`, and `cargo upgrade`. Fedora Account System Username: dcavalca
+ package name is OK (rust-cargo-edit, cargo-edit) + %description and Summary are legible + rust2rpm was used, so I'm only checking the license and if the package builds + license is acceptable for Fedora (ASL 2.0 or MIT) + builds and installs OK + fedora-review finds no issues + rpmlint false positives mostly One interesting warning: cargo-edit.x86_64: W: crypto-policy-non-compliance-openssl /usr/bin/cargo-add SSL_CTX_set_cipher_list I don't know what to make of this. The string does not appear in the unpackaged crate, so I don't know how rpmlint figures that it is called. Package is APPROVED.
> The string does not appear in the unpackaged crate, so I don't know how rpmlint figures that it is called. Well ... Rust is a statically linked language, so this could come from any of the dependencies. In fact, cross-referencing the string SSL_CTX_set_cipher_list against "cargo tree" of cargo-edit, this function could be coming from either git2, libgit2-sys, openssl, or openssl-sys crate code somewhere. Not sure if rpmlint checks whether the function is *present* or if it's actually called.
Thanks! $ fedpkg request-repo rust-cargo-edit 1987153 https://pagure.io/releng/fedora-scm-requests/issue/38877
(fedscm-admin): The Pagure repository was created at https://src.fedoraproject.org/rpms/rust-cargo-edit
Package is now in repositories, closing review.