Spec URL: https://jjames.fedorapeople.org/python-sphinx-design/python-sphinx-design.spec SRPM URL: https://jjames.fedorapeople.org/python-sphinx-design/python-sphinx-design-0.2.0-1.fc37.src.rpm Fedora Account System Username: jjames Description: This package contains a Sphinx extension for designing beautiful, view size responsive web components. I need this package so I can update python-pydata-sphinx-theme, which is needed to update python-networkx.
Elliott beat you by 23 hours by requesting a review yesterday. I am closing this just because there is an older review request. :-) *** This bug has been marked as a duplicate of bug 2099411 ***
Unofficial Review: Package Review ============== Legend: [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated [ ] = Manual review needed Issues: ======= - If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %license. Note: License file LICENSE is not marked as %license See: https://docs.fedoraproject.org/en-US/packaging- guidelines/LicensingGuidelines/#_license_text - Large documentation must go in a -doc subpackage. Large could be size (~1MB) or number of files. Note: Documentation size is 2088960 bytes in 61 files. See: https://docs.fedoraproject.org/en-US/packaging- guidelines/#_documentation ===== MUST items ===== Generic: [x]: Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [?]: License field in the package spec file matches the actual license. Note: Checking patched sources after %prep for licenses. Licenses found: "Unknown or generated", "*No copyright* MIT License", "MIT License", "Apache License 2.0". 156 files have unknown license. Detailed output of licensecheck in /home/FedoraPackaging/python-sphinx- design/2099902-python-sphinx-design/licensecheck.txt [!]: License file installed when any subpackage combination is installed. [!]: If the package is under multiple licenses, the licensing breakdown must be documented in the spec. [!]: Package contains no bundled libraries without FPC exception. [x]: Changelog in prescribed format. [?]: Sources contain only permissible code or content. [-]: Package contains desktop file if it is a GUI application. [-]: Development files must be in a -devel package [x]: Package uses nothing in %doc for runtime. [x]: Package consistently uses macros (instead of hard-coded directory names). [x]: Package is named according to the Package Naming Guidelines. [x]: Package does not generate any conflict. [x]: Package obeys FHS, except libexecdir and /usr/target. [-]: If the package is a rename of another package, proper Obsoletes and Provides are present. [?]: Requires correct, justified where necessary. [x]: Spec file is legible and written in American English. [-]: Package contains systemd file(s) if in need. [x]: Package is not known to require an ExcludeArch tag. [?]: Package complies to the Packaging Guidelines [x]: Package successfully compiles and builds into binary rpms on at least one supported primary architecture. [x]: Package installs properly. [x]: Rpmlint is run on all rpms the build produces. Note: There are rpmlint messages (see attachment). [x]: Package requires other packages for directories it uses. [x]: Package must own all directories that it creates. [x]: Package does not own files or directories owned by other packages. [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. [x]: Macros in Summary, %description expandable at SRPM build time. [x]: Dist tag is present. [x]: Package does not contain duplicates in %files. [x]: Permissions on files are set properly. [x]: Package must not depend on deprecated() packages. [x]: Package use %makeinstall only when make install DESTDIR=... doesn't work. [x]: Package is named using only allowed ASCII characters. [x]: Package does not use a name that already exists. [x]: Package is not relocatable. [x]: Sources used to build the package match the upstream source, as provided in the spec URL. [x]: Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: File names are valid UTF-8. [x]: Packages must not store files under /srv, /opt or /usr/local Python: [-]: Python eggs must not download any dependencies during the build process. [-]: A package which is used by another package via an egg interface should provide egg info. [?]: Package meets the Packaging Guidelines::Python [x]: Package contains BR: python2-devel or python3-devel [x]: Packages MUST NOT have dependencies (either build-time or runtime) on packages named with the unversioned python- prefix unless no properly versioned package exists. Dependencies on Python packages instead MUST use names beginning with python2- or python3- as appropriate. [x]: Python packages must not contain %{pythonX_site(lib|arch)}/* in %files [x]: Binary eggs must be removed in %prep ===== SHOULD items ===== Generic: [-]: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [x]: Final provides and requires are sane (see attachments). [?]: Fully versioned dependency in subpackages if applicable. Note: No Requires: %{name}%{?_isa} = %{version}-%{release} in python3-sphinx-design , python-sphinx-design-docs [?]: Package functions as described. [x]: Latest version is packaged. [x]: Package does not include license text files separate from upstream. [-]: Sources are verified with gpgverify first in %prep if upstream publishes signatures. Note: gpgverify is not used. [?]: Package should compile and build into binary rpms on all supported architectures. [x]: %check is present and all tests pass. [?]: Packages should try to preserve timestamps of original installed files. [x]: Reviewer should test that the package builds in mock. [x]: Buildroot is not present [x]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file [x]: Sources can be downloaded from URI in Source: tag [x]: SourceX is a working URL. [x]: Spec use %global instead of %define unless justified. ===== EXTRA items ===== Generic: [x]: Rpmlint is run on all installed packages. Note: There are rpmlint messages (see attachment). [x]: Spec file according to URL is the same as in SRPM. Rpmlint ------- Cannot parse rpmlint output: Rpmlint (installed packages) ---------------------------- Cannot parse rpmlint output: Source checksums ---------------- https://github.com/executablebooks/sphinx-design/archive/v0.2.0/sphinx-design-0.2.0.tar.gz : CHECKSUM(SHA256) this package : 901f156d7a799ab39118d3daba5fbe606844bbc2b4dda852855b508ad72eb6ad CHECKSUM(SHA256) upstream package : 901f156d7a799ab39118d3daba5fbe606844bbc2b4dda852855b508ad72eb6ad Requires -------- python3-sphinx-design (rpmlib, GLIBC filtered): (python3.10dist(sphinx) < 6~~ with python3.10dist(sphinx) >= 4) python(abi) python-sphinx-design-docs (rpmlib, GLIBC filtered): Provides -------- python3-sphinx-design: python-sphinx-design python3-sphinx-design python3.10-sphinx-design python3.10dist(sphinx-design) python3dist(sphinx-design) python-sphinx-design-docs: python-sphinx-design-docs Generated by fedora-review 0.8.0 (e988316) last change: 2022-04-07 Command line :/usr/bin/fedora-review -b 2099902 Buildroot used: fedora-rawhide-x86_64 Active plugins: Shell-api, Generic, Python Disabled plugins: Ocaml, C/C++, SugarActivity, Haskell, Java, fonts, PHP, Perl, R Disabled flags: EPEL6, EPEL7, DISTTAG, BATCH, EXARCH Comments: 1) Material icons seem to be available as a package https://src.fedoraproject.org/rpms/material-icons-fonts but are bundled with this installation. Can the material-icons-fonts package be updated so that bundling is not needed? 2) Material icons are under Apache Software License 3) Documentation contains javascript files which may also have different licenses 4) License file seems not to be packaged 5) Can octicons https://github.com/primer/octicons be packaged separately instead of using a bundled library? 6) Timestamps are preserved for documentation, but not for the python files 7) Why not use tox to run the tests? https://docs.fedoraproject.org/en-US/packaging-guidelines/Python/#_tox
Thank you for the unofficial review, Benson. Here are my (not completely satisfactory) answers to your questions. (In reply to Benson Muite from comment #2) > - If (and only if) the source package includes the text of the license(s) > in its own file, then that file, containing the text of the license(s) > for the package is included in %license. > Note: License file LICENSE is not marked as %license > See: https://docs.fedoraproject.org/en-US/packaging- > guidelines/LicensingGuidelines/#_license_text When the python dist-info is assembled, it includes the LICENSE file. You can see it in the binary RPM under this path: /usr/lib/python3.10/site-packages/sphinx_design-0.2.0.dist-info/LICENSE Miro has been telling people that adding the license file under %license as well is redundant, so I left it out of this package. However, it should be included in the docs subpackage. I will fix that. > - Large documentation must go in a -doc subpackage. Large could be size > (~1MB) or number of files. > Note: Documentation size is 2088960 bytes in 61 files. > See: https://docs.fedoraproject.org/en-US/packaging- > guidelines/#_documentation ??? There is a python-sphinx-design-docs package, exactly the one that contains 61 files, in fact. > [!]: License file installed when any subpackage combination is installed. This will be fixed in the next version. > [!]: If the package is under multiple licenses, the licensing breakdown > must be documented in the spec. It is documented, in the comment just above the License field. > [!]: Package contains no bundled libraries without FPC exception. I am unaware of any bundled libraries. Which ones did you find? > 1) Material icons seem to be available as a package > https://src.fedoraproject.org/rpms/material-icons-fonts but are bundled with > this > installation. Can the material-icons-fonts package be updated so that > bundling is not needed? Yes, and I'm even the maintainer of that package. :-) Here's the thing: the JSON versions of the icons are not in the source package. There are SVG icons in the source package that appear to be the source of the data in the JSON icons in this package. I assume that there is some SVG-to-JSON converter, but I know very little about fonts and certainly do not know anything about such a tool. The font guidelines (https://docs.fedoraproject.org/en-US/packaging-guidelines/FontsPolicy/) say that the SVG icons are not to be installed, but do give latitude for installing JSON files. If anybody reading this knows what to do, we can modify the material-icons-fonts package to include the JSON files and unbundle them from this package. In that case, I would also be willing to package octicons and do the same unbundling. Even better would be if somebody who knows what they are doing submits octicons for review. :-) > 2) Material icons are under Apache Software License Yes, the comment above the License field says so. > 3) Documentation contains javascript files which may also have different > licenses Good point. I will add a comment above the License field in the docs subpackage. > 4) License file seems not to be packaged See explanation above. > 5) Can octicons https://github.com/primer/octicons be packaged separately > instead of using a bundled library? If the SVG-to-JSON hurdle can be overcome, then yes. > 6) Timestamps are preserved for documentation, but not for the python files The spec file uses the approved python macro, %pyproject_install, to do the installation. If it doesn't preserve timestamps when it should, that is out of my hands. > 7) Why not use tox to run the tests? > https://docs.fedoraproject.org/en-US/packaging-guidelines/Python/#_tox Because it doesn't seem to do anything. This runs with no noticeable delay: ``` + /usr/bin/python3 -m tox --current-env -q --recreate -e py311 ___________________________________ summary ____________________________________ py311: commands succeeded congratulations :) ``` as opposed to using %pytest, which takes several seconds and prints meaningful output. New URLs (although that doesn't matter, since this bug is closed): Spec URL: https://jjames.fedorapeople.org/python-sphinx-design/python-sphinx-design.spec SRPM URL: https://jjames.fedorapeople.org/python-sphinx-design/python-sphinx-design-0.2.0-2.fc37.src.rpm
> Because it doesn't seem to do anything. From tox configuration: -------------------------------------- [testenv] usedevelop = true [testenv:py{37,38,39,310}] description = Run unit tests with this Python version extras = testing deps = black flake8~=3.8 flake8-bugbear~=21.3 commands = pytest {posargs} -------------------------------------- In other words, the py311 environment runs no commands. I consider this way of hardcoding some Python versions a bit unfortunate. However, I don't understand what was the idea here, or why the default testenv has no commands :/
> Miro has been telling people that adding the license file under %license as well is redundant, so I left it out of this package. Note that this depends on the build backend. I've been telling people that when the build backend marks it as License-File, %{pyproject_files} will include it marked as %license, and adding it again is redundant. This package apparently uses flit-core build backend and flit-core does not do that.
I believe the included in the build RPM files should be also marked as %license: /usr/lib/python3.11/site-packages/sphinx_design/compiled/octicon_LICENSE /usr/lib/python3.11/site-packages/sphinx_design/compiled/material-icons_LICENSE Out of sheer curiosity, why is html/.doctrees folder kept while .buildinfo removed? I mostly see both of them removed as a result of docs build. Semantic nit-pick: Could the documentation build take place in %build instead of %prep?
(In reply to Miro Hrončok from comment #5) > Note that this depends on the build backend. I've been telling people that > when the build backend marks it as License-File, %{pyproject_files} will > include it marked as %license, and adding it again is redundant. This > package apparently uses flit-core build backend and flit-core does not do > that. Got it. I've added the file marked as %license. (In reply to Karolina Surma from comment #6) > I believe the included in the build RPM files should be also marked as > %license: Done. > Out of sheer curiosity, why is html/.doctrees folder kept while .buildinfo > removed? I mostly see both of them removed as a result of docs build. That was an oversight, corrected. > Semantic nit-pick: Could the documentation build take place in %build > instead of %prep? How on earth did that get into %prep? It was supposed to be in %build in the first place. Perhaps senility is setting in. New URLs: Spec URL: https://jjames.fedorapeople.org/python-sphinx-design/python-sphinx-design.spec SRPM URL: https://jjames.fedorapeople.org/python-sphinx-design/python-sphinx-design-0.2.0-3.fc37.src.rpm
> > - Large documentation must go in a -doc subpackage. Large could be size > > (~1MB) or number of files. > > Note: Documentation size is 2088960 bytes in 61 files. > > See: https://docs.fedoraproject.org/en-US/packaging- > > guidelines/#_documentation > > ??? There is a python-sphinx-design-docs package, exactly the one that contains 61 files, in fact. I ran the fedora-review on the newest version and I've got the same notice, it seems to have come from the subpackage being "-docs" rather than "-doc" which automation looks for. I think it should be renamed for consistency with the rest of Fedora's packages and the Guidelines: https://docs.fedoraproject.org/en-US/packaging-guidelines/#_separate_documentation_packages
Except for the doc issue, the package meets the Packaging Guidelines, it installs, it is possible to use (I tested it with Sphinx 5 & python-myst-parser 0.18 on Rawhide), its metadata look correctly, requires and provides are sane. We've discussed license files and the breakdown of licenses in specfile, which was addressed. The material and octicon glyphs issue has been discussed and no better solution rather than include the json files with annotation in the specfile has appeared so far. I'm in favor of approving the package even though it's the duplicate review ticket, so if the both interested packagers agree, let's reopen this ticket, set the appropriate flags and move forward.
In bug 2099411 comment 3 Elliot writes: "I actually think Jerry did a more thorough job than I did." So I think we can take this as an agreement to do the swap and continue with this one.
*** Bug 2099411 has been marked as a duplicate of this bug. ***
Huh, I didn't realize that "doc" versus "docs" matters. I've made that change, and also converted all of the license info over to SPDX. Any instances of "MIT" now refer to the SPDX identifier of that name. New URLs: Spec URL: https://jjames.fedorapeople.org/python-sphinx-design/python-sphinx-design.spec SRPM URL: https://jjames.fedorapeople.org/python-sphinx-design/python-sphinx-design-0.2.0-4.fc37.src.rpm
The SPDX syntax uses uppercase AND: https://docs.fedoraproject.org/en-US/legal/license-field/#_conjunctive_and_licensing
The correct conjunction is now used in SPDX expressions. New URLs: Spec URL: https://jjames.fedorapeople.org/python-sphinx-design/python-sphinx-design.spec SRPM URL: https://jjames.fedorapeople.org/python-sphinx-design/python-sphinx-design-0.2.0-5.fc37.src.rpm
I ran fedora-review on the latest package version, verified the previous comments were addressed. Package APPROVED.
Thank you very much, Karolina. I appreciate you sticking with this review.
(fedscm-admin): The Pagure repository was created at https://src.fedoraproject.org/rpms/python-sphinx-design
The package has been built in Rawhide.
Thanks for following up on this; I planned to get to it again this weekend, but you had already progressed pretty far.
No problem. To punish you for your sins, I've made you comaintainer. :-)