Spec URL: https://jjames.fedorapeople.org/pari-nflistdata/pari-nflistdata.spec SRPM URL: https://jjames.fedorapeople.org/pari-nflistdata/pari-nflistdata-20210527-1.fc35.src.rpm Fedora Account System Username: jjames Description: This package is needed by nflist to list fields of small discriminant (currently needed by the single Galois group A5) or to list most regular extensions of Q(T) in degree larger than 7.
Looks like an exact duplicate to me. You linked both issues in your email to fedora-devel. Am I missing something? *** This bug has been marked as a duplicate of bug 1992880 ***
Uh oh. I pasted the wrong URLs into the other bug. They actually are different. This one is pari-nflistdata, and that one is (supposed to be) pari-nftables. That means you reviewed this package in the other bug. I'm not sure what to do now. How's this for a plan? I swap the names of the bugs, and paste the URLs for pari-nftables in here?
Proceeding with the plan outlined above. May my middle-aged male brain never do that again. Spec URL: https://jjames.fedorapeople.org/pari-nftables/pari-nftables.spec SRPM URL: https://jjames.fedorapeople.org/pari-nftables/pari-nftables-20080929-1.fc35.src.rpm
Sounds reasonable. I’ll plan to review this one too. It might be tomorrow before I get to it.
Thank you, Ben. Let me know if there is something I can do for you.
I can’t find anything in the README or at the URL to support the GPLv2+ license field, or to indicate any particular license at all. Is there somewhere that the authors have indicated the desired license? (It’s possible that the actual tables, being mere compilations of mathematical facts, may not be subject to copyright. I don’t know if that argument has been used in Fedora before.)
The text at the top of http://pari.math.u-bordeaux.fr/packages.html says that all packages on that page are covered by GPLv2+. The other packages say so somewhere in the tarball, so I guess this is an oversight. I will ask upstream to add a note to the package about the license. In the meantime, I have added a comment above the license field. The URLs above point to the modified spec and srpm.
> The text at the top of http://pari.math.u-bordeaux.fr/packages.html says that all packages on that page are covered by GPLv2+. Aha! I missed that. That seems adequate, although a statement in the source is always clearer. Thanks for adding the comment. ----- I’ve never used Pari-GP before, but it seems like you can run the included test to validate the tables something like this: > BuildRequires: pari-gp > %check > cp -p check do-check > cat >> do-check <<'EOF' > all() > quit > EOF > gp --default parisizemax=400M do-check However, it took me about two hours to run that on an ARM-based laptop, so it’s probably not worth it in the end, especially as there isn’t any processing done on the sources during the build. ----- I’m happy to go ahead and finish up the review, but it seems like the spec and SRPM links are now 404.
(In reply to Ben Beasley from comment #8) > I’ve never used Pari-GP before, but it seems like you can run the included > test to validate the tables something like this: > > > BuildRequires: pari-gp > > > %check > > cp -p check do-check > > cat >> do-check <<'EOF' > > all() > > quit > > EOF > > gp --default parisizemax=400M do-check > > However, it took me about two hours to run that on an ARM-based laptop, so > it’s probably not worth it in the end, especially as there isn’t any > processing done on the sources during the build. Yeah, I think I'd prefer to not do that. :-) > I’m happy to go ahead and finish up the review, but it seems like the spec > and SRPM links are now 404. Are you looking at the URLs in comment 3, or the ones at the top of the bug?
> Are you looking at the URLs in comment 3, or the ones at the top of the bug? Yeah, that would do it. Review to follow.
Package approved. Can you double-check the BR on procps, and maybe add an explanatory comment if it is actually needed? Package Review ============== Legend: [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated ===== Issues ===== - What is the BR on procps for? ===== MUST items ===== Generic: [x]: Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [-]: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %license. [x]: License field in the package spec file matches the actual license. Note: Checking patched sources after %prep for licenses. Licenses found: "Unknown or generated". 20 files have unknown license. Detailed output of licensecheck in /home/reviewer/1992879-pari- nftables/licensecheck.txt [-]: Package does not own files or directories owned by other packages. Note: Dirs in package are owned also by: /usr/share/pari(pari-galpol, pari-gp, pari-elldata, pari-seadata, pari-galdata) You could add a dependency on pari instead of co-owning these directories if you thought this package only made sense to install with pari. However, I don’t see any reason another package couldn’t use the data files without invoking pari, so I agree that the current approach of co-owning these directories is appropriate. [x]: Package contains no bundled libraries without FPC exception. [x]: Changelog in prescribed format. [x]: Sources contain only permissible code or content. [-]: Package contains desktop file if it is a GUI application. [-]: Development files must be in a -devel package [x]: Package uses nothing in %doc for runtime. [x]: Package consistently uses macros (instead of hard-coded directory names). [x]: Package is named according to the Package Naming Guidelines. [x]: Package does not generate any conflict. [x]: Package obeys FHS, except libexecdir and /usr/target. [-]: If the package is a rename of another package, proper Obsoletes and Provides are present. [x]: Requires correct, justified where necessary. [x]: Spec file is legible and written in American English. [-]: Package contains systemd file(s) if in need. [x]: Package is not known to require an ExcludeArch tag. [-]: Large documentation must go in a -doc subpackage. Large could be size (~1MB) or number of files. Note: Documentation size is 10240 bytes in 1 files. [x]: Package complies to the Packaging Guidelines [x]: Package successfully compiles and builds into binary rpms on at least one supported primary architecture. [x]: Package installs properly. [x]: Rpmlint is run on all rpms the build produces. Note: There are rpmlint messages (see attachment). [x]: Package requires other packages for directories it uses. [x]: Package must own all directories that it creates. [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. [x]: Macros in Summary, %description expandable at SRPM build time. [x]: Dist tag is present. [x]: Package does not contain duplicates in %files. [x]: Permissions on files are set properly. [x]: Package must not depend on deprecated() packages. [x]: Package use %makeinstall only when make install DESTDIR=... doesn't work. [x]: Package is named using only allowed ASCII characters. [x]: Package does not use a name that already exists. [x]: Package is not relocatable. [x]: Sources used to build the package match the upstream source, as provided in the spec URL. [x]: Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: File names are valid UTF-8. [x]: Packages must not store files under /srv, /opt or /usr/local ===== SHOULD items ===== Generic: [x]: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [x]: Final provides and requires are sane (see attachments). [x]: Package functions as described. [x]: Latest version is packaged. [x]: Package does not include license text files separate from upstream. [-]: Description and summary sections in the package spec file contains translations for supported Non-English languages, if available. [x]: Package should compile and build into binary rpms on all supported architectures. [-]: %check is present and all tests pass. Tests are omitted as the source is not processed during the build and the tests take a lot of CPU time. [x]: Packages should try to preserve timestamps of original installed files. [x]: Reviewer should test that the package builds in mock. [x]: Buildroot is not present [x]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file [x]: Sources can be downloaded from URI in Source: tag [x]: SourceX is a working URL. [x]: Sources are verified with gpgverify first in %prep if upstream publishes signatures. [x]: Spec use %global instead of %define unless justified. ===== EXTRA items ===== Generic: [x]: Rpmlint is run on all installed packages. Note: There are rpmlint messages (see attachment). [x]: Spec file according to URL is the same as in SRPM. Rpmlint ------- Checking: pari-nftables-20080929-1.fc35.noarch.rpm pari-nftables-20080929-1.fc35.src.rpm pari-nftables.noarch: W: spelling-error %description -l en_US megrez -> regret pari-nftables.noarch: W: spelling-error %description -l en_US readvec -> reader pari-nftables.src: W: spelling-error %description -l en_US megrez -> regret pari-nftables.src: W: spelling-error %description -l en_US readvec -> reader 2 packages and 0 specfiles checked; 0 errors, 4 warnings. Rpmlint (installed packages) ---------------------------- Cannot parse rpmlint output: Source checksums ---------------- https://pari.math.u-bordeaux.fr/pub/pari/packages/nftables.tgz.asc : CHECKSUM(SHA256) this package : ae7969f3bd2f05375289c2f3aec068f062ae64e9b7e3308f0e8e63722f466f04 CHECKSUM(SHA256) upstream package : ae7969f3bd2f05375289c2f3aec068f062ae64e9b7e3308f0e8e63722f466f04 https://pari.math.u-bordeaux.fr/pub/pari/packages/nftables.tgz : CHECKSUM(SHA256) this package : 8dd3393ce6b3cfcf599f094f7b22bdffe17c3ba25deb912513d54676bd7cfe92 CHECKSUM(SHA256) upstream package : 8dd3393ce6b3cfcf599f094f7b22bdffe17c3ba25deb912513d54676bd7cfe92 Requires -------- pari-nftables (rpmlib, GLIBC filtered): Provides -------- pari-nftables: pari-nftables Generated by fedora-review 0.7.6 (b083f91) last change: 2020-11-10 Command line :/usr/bin/fedora-review -b 1992879 Buildroot used: fedora-rawhide-aarch64 Active plugins: Shell-api, Generic Disabled plugins: R, PHP, fonts, Haskell, C/C++, Perl, SugarActivity, Java, Python, Ocaml Disabled flags: EPEL6, EPEL7, DISTTAG, BATCH, EXARCH
> Thank you, Ben. Let me know if there is something I can do for you. If you have time and inclination to pick off any of these reviews at some point, it will be much appreciated! But don’t feel you have to reciprocate review-for-review, or at all. - https://bugzilla.redhat.com/show_bug.cgi?id=1981138 c4project - Useful CMake scripts (CMake only, in the dependency chain for rapidyaml) - https://bugzilla.redhat.com/show_bug.cgi?id=1987298 stb - Single-file public domain libraries for C/C++ (header-only C, a dependency for sfizz, and also ought to be unbundled from some existing packages) - https://bugzilla.redhat.com/show_bug.cgi?id=1988151 atomic-queue - C++ lockless queue (header-only C++, a dependency for sfizz) - https://bugzilla.redhat.com/show_bug.cgi?id=1988517 dr_libs - Single-file audio decoding libraries for C/C++ (header-only C, a dependency for sfizz, similar in style to stb) - https://bugzilla.redhat.com/show_bug.cgi?id=1988722 gulrak-filesystem - Implementation of C++17 std::filesystem for C++11/14/17/20 (C++ library, a dependency for sfizz) - https://bugzilla.redhat.com/show_bug.cgi?id=1989592 fmidi - A library to read and play back MIDI files (C library, a dependency for sfizz) - https://bugzilla.redhat.com/show_bug.cgi?id=1990917 python-pytest-grpc - Allow testing gRPC with pytest
(In reply to Ben Beasley from comment #11) > Package approved. Thank you! > Can you double-check the BR on procps, and maybe add an explanatory comment > if it is actually needed? Way back in the mists of time, parallel used to invoke one of the procps tools, I don't remember which one, but didn't have a Requires on procps. There was a bug on that, which I can't seem to find at the moment, but it was ignored. I became accustomed to adding BR: procps in every spec file that had BR: parallel. Only that doesn't appear to be the case anymore. Great, I can hunt down all of my packages that do that and remove the BR: procps.
> Way back in the mists of time, parallel used to invoke one of the procps tools, I don't remember which one, but didn't have a Requires on procps. There was a bug on that, which I can't seem to find at the moment, but it was ignored. I became accustomed to adding BR: procps in every spec file that had BR: parallel. That makes sense. I suspected it was something along those lines.
(fedscm-admin): The Pagure repository was created at https://src.fedoraproject.org/rpms/pari-nftables
Built in Rawhide and F35.
Please feel free to CC me in any additional review requests you might have coming up and I’ll consider taking them. I have seen https://bugzilla.redhat.com/show_bug.cgi?id=1989300, but I’m not willing to take it due to the domain knowledge required to review font packages properly, and due to the conflict with https://docs.fedoraproject.org/en-US/packaging-guidelines/FontsPolicy/#_web_fonts. I suspect it will require some very unpleasant workarounds to patch out the web fonts, or an exception from FPC to allow them. I chose the unpleasant workarounds for https://src.fedoraproject.org/rpms/gi-docgen, but this might be less workable for your packages.
Thanks, Ben. Nobody seems to want that review. :-) I think I'm going to drop the -web subpackage for now, as I don't need it. If somebody comes along with a valid use case, we can talk about adding it then. In any case, thank you again for the reviews you did for me. I appreciate the effort.