Spec URL: https://ppisar.fedorapeople.org/bzip3/bzip3.spec SRPM URL: https://ppisar.fedorapeople.org/bzip3/bzip3-1.1.8-1.fc38.src.rpm Description: These are tools for compressing, decompressing, printing, and searching bzip3 files. bzip3 features higher compression ratios and better performance than bzip2 thanks to an order-0 context mixing entropy coder, a fast Burrows-Wheeler transform code making use of suffix arrays and a run-length encoding with Lempel-Ziv prediction pass based on LZ77-style string matching and PPM-style context modeling. Fedora Account System Username: ppisar
Taking this review.
Upstream has released 1.2.0. I'm going to rebase this package.
An updates package is available now: Spec URL: https://ppisar.fedorapeople.org/bzip3/bzip3.spec SRPM URL: https://ppisar.fedorapeople.org/bzip3/bzip3-1.2.0-1.fc38.src.rpm
Initial spec review notes: > autoreconf -fi Please add -v to this so we have output logged. > %{make_build} > [...] > %{make_install} What's with the braces here? It's a bit odd... > # Deduplicate identical files > if cmp %{buildroot}%{_mandir}/man1/{bz3cat,bunzip3}.1; then > rm %{buildroot}%{_mandir}/man1/bunzip3.1 > ln -s bz3cat.1 %{buildroot}%{_mandir}/man1/bunzip3.1 > fi This are already solink man pages, this is unnecessarily extra work. > %{_bindir}/* > %{_mandir}/man1/*.1* This is too promiscuous and needs to be made more restrictive. Cf. https://docs.fedoraproject.org/en-US/packaging-guidelines/#_explicit_lists > %{_libdir}/libbzip3.so.0 > %{_libdir}/libbzip3.so.0.* This can be simplified to: "%{_libdir}/libbzip3.so.0{,.*}" > %{_libdir}/pkgconfig This is too promiscuous and needs to be made more restrictive. Cf. https://docs.fedoraproject.org/en-US/packaging-guidelines/#_explicit_lists
(In reply to Neal Gompa from comment #4) > Initial spec review notes: > > > autoreconf -fi > > Please add -v to this so we have output logged. > Nonverbose mode already logs which files it touches: $ autoreconf -fi libtoolize: putting auxiliary files in AC_CONFIG_AUX_DIR, 'build-aux'. libtoolize: copying file 'build-aux/ltmain.sh' libtoolize: putting macros in AC_CONFIG_MACRO_DIRS, 'build-aux'. libtoolize: copying file 'build-aux/libtool.m4' libtoolize: copying file 'build-aux/ltoptions.m4' libtoolize: copying file 'build-aux/ltsugar.m4' libtoolize: copying file 'build-aux/ltversion.m4' libtoolize: copying file 'build-aux/lt~obsolete.m4' configure.ac:12: installing 'build-aux/compile' configure.ac:14: installing 'build-aux/config.guess' configure.ac:14: installing 'build-aux/config.sub' configure.ac:4: installing 'build-aux/install-sh' configure.ac:4: installing 'build-aux/missing' Makefile.am: installing 'build-aux/depcomp' Enabling a verbose mode, in my opinion, only adds a clutter: --- old 2022-11-02 09:17:51.763826937 +0100 +++ new 2022-11-02 09:18:35.188951224 +0100 @@ -1,4 +1,10 @@ -$ autoreconf -fi +$ autoreconf -vfi +autoreconf: export WARNINGS= +autoreconf: Entering directory '.' +autoreconf: configure.ac: not using Gettext +autoreconf: running: aclocal --force -I build-aux +autoreconf: configure.ac: tracing +autoreconf: running: libtoolize --copy --force libtoolize: putting auxiliary files in AC_CONFIG_AUX_DIR, 'build-aux'. libtoolize: copying file 'build-aux/ltmain.sh' libtoolize: putting macros in AC_CONFIG_MACRO_DIRS, 'build-aux'. @@ -7,9 +13,16 @@ libtoolize: copying file 'build-aux/ltsugar.m4' libtoolize: copying file 'build-aux/ltversion.m4' libtoolize: copying file 'build-aux/lt~obsolete.m4' +autoreconf: configure.ac: not using Intltool +autoreconf: configure.ac: not using Gtkdoc +autoreconf: running: aclocal --force -I build-aux +autoreconf: running: /usr/bin/autoconf --force +autoreconf: configure.ac: not using Autoheader +autoreconf: running: automake --add-missing --copy --force-missing configure.ac:12: installing 'build-aux/compile' configure.ac:14: installing 'build-aux/config.guess' configure.ac:14: installing 'build-aux/config.sub' configure.ac:4: installing 'build-aux/install-sh' configure.ac:4: installing 'build-aux/missing' Makefile.am: installing 'build-aux/depcomp' +autoreconf: Leaving directory '.' Is that really helpful? > > %{make_build} > > [...] > > %{make_install} > > What's with the braces here? It's a bit odd... > Without the braces any positional argument becomes arguments of the spec macro. Not arguments of the expanded shell command. An explicit termination of the macro makes the line proof of future changes, either in the macro definition or in adding new arguments. > > # Deduplicate identical files > > if cmp %{buildroot}%{_mandir}/man1/{bz3cat,bunzip3}.1; then > > rm %{buildroot}%{_mandir}/man1/bunzip3.1 > > ln -s bz3cat.1 %{buildroot}%{_mandir}/man1/bunzip3.1 > > fi > > This are already solink man pages, this is unnecessarily extra work. > rpmlint complains on duplicate files. > > %{_bindir}/* > > %{_mandir}/man1/*.1* > > This is too promiscuous and needs to be made more restrictive. > > Cf. > https://docs.fedoraproject.org/en-US/packaging-guidelines/#_explicit_lists > Thanks for highlighting this new rule. I did not know about it. I will adapt the spec file. > > %{_libdir}/libbzip3.so.0 > > %{_libdir}/libbzip3.so.0.* > > This can be simplified to: "%{_libdir}/libbzip3.so.0{,.*}" > Indeed. I will do it. I thought that rpmbuild support shell globs, but not shell brace expansion.
An updates package is available at: Spec URL: https://ppisar.fedorapeople.org/bzip3/bzip3.spec SRPM URL: https://ppisar.fedorapeople.org/bzip3/bzip3-1.2.0-2.fc38.src.rpm
(In reply to Petr Pisar from comment #5) > (In reply to Neal Gompa from comment #4) > > Initial spec review notes: > > > > > autoreconf -fi > > > > Please add -v to this so we have output logged. > > > Nonverbose mode already logs which files it touches: > > $ autoreconf -fi > libtoolize: putting auxiliary files in AC_CONFIG_AUX_DIR, 'build-aux'. > libtoolize: copying file 'build-aux/ltmain.sh' > libtoolize: putting macros in AC_CONFIG_MACRO_DIRS, 'build-aux'. > libtoolize: copying file 'build-aux/libtool.m4' > libtoolize: copying file 'build-aux/ltoptions.m4' > libtoolize: copying file 'build-aux/ltsugar.m4' > libtoolize: copying file 'build-aux/ltversion.m4' > libtoolize: copying file 'build-aux/lt~obsolete.m4' > configure.ac:12: installing 'build-aux/compile' > configure.ac:14: installing 'build-aux/config.guess' > configure.ac:14: installing 'build-aux/config.sub' > configure.ac:4: installing 'build-aux/install-sh' > configure.ac:4: installing 'build-aux/missing' > Makefile.am: installing 'build-aux/depcomp' > > Enabling a verbose mode, in my opinion, only adds a clutter: > > --- old 2022-11-02 09:17:51.763826937 +0100 > +++ new 2022-11-02 09:18:35.188951224 +0100 > @@ -1,4 +1,10 @@ > -$ autoreconf -fi > +$ autoreconf -vfi > +autoreconf: export WARNINGS= > +autoreconf: Entering directory '.' > +autoreconf: configure.ac: not using Gettext > +autoreconf: running: aclocal --force -I build-aux > +autoreconf: configure.ac: tracing > +autoreconf: running: libtoolize --copy --force > libtoolize: putting auxiliary files in AC_CONFIG_AUX_DIR, 'build-aux'. > libtoolize: copying file 'build-aux/ltmain.sh' > libtoolize: putting macros in AC_CONFIG_MACRO_DIRS, 'build-aux'. > @@ -7,9 +13,16 @@ > libtoolize: copying file 'build-aux/ltsugar.m4' > libtoolize: copying file 'build-aux/ltversion.m4' > libtoolize: copying file 'build-aux/lt~obsolete.m4' > +autoreconf: configure.ac: not using Intltool > +autoreconf: configure.ac: not using Gtkdoc > +autoreconf: running: aclocal --force -I build-aux > +autoreconf: running: /usr/bin/autoconf --force > +autoreconf: configure.ac: not using Autoheader > +autoreconf: running: automake --add-missing --copy --force-missing > configure.ac:12: installing 'build-aux/compile' > configure.ac:14: installing 'build-aux/config.guess' > configure.ac:14: installing 'build-aux/config.sub' > configure.ac:4: installing 'build-aux/install-sh' > configure.ac:4: installing 'build-aux/missing' > Makefile.am: installing 'build-aux/depcomp' > +autoreconf: Leaving directory '.' > > Is that really helpful? > Knowing what autoreconf does or doesn't decide on can be useful if the build *changes* somehow when GNU build system components are upgraded. Up until recently, I would have agreed that it probably doesn't matter much, but then we got an autoconf and automake release... > > > %{make_build} > > > [...] > > > %{make_install} > > > > What's with the braces here? It's a bit odd... > > > Without the braces any positional argument becomes arguments of the spec > macro. Not arguments of the expanded shell command. An explicit termination > of the macro makes the line proof of future changes, either in the macro > definition or in adding new arguments. > > > > # Deduplicate identical files > > > if cmp %{buildroot}%{_mandir}/man1/{bz3cat,bunzip3}.1; then > > > rm %{buildroot}%{_mandir}/man1/bunzip3.1 > > > ln -s bz3cat.1 %{buildroot}%{_mandir}/man1/bunzip3.1 > > > fi > > > > This are already solink man pages, this is unnecessarily extra work. > > > rpmlint complains on duplicate files. > > > > %{_bindir}/* > > > %{_mandir}/man1/*.1* > > > > This is too promiscuous and needs to be made more restrictive. > > > > Cf. > > https://docs.fedoraproject.org/en-US/packaging-guidelines/#_explicit_lists > > > Thanks for highlighting this new rule. I did not know about it. I will adapt > the spec file. > > > > %{_libdir}/libbzip3.so.0 > > > %{_libdir}/libbzip3.so.0.* > > > > This can be simplified to: "%{_libdir}/libbzip3.so.0{,.*}" > > > Indeed. I will do it. I thought that rpmbuild support shell globs, but not > shell brace expansion. This has been supported since RPM 4.12, I think?
> %dir %{_libdir}/pkgconfig This is already owned by pkgconf-pkg-config, which is the provider of /usr/bin/pkg-config, which is a runtime dependency of this package already. This can be dropped.
(In reply to Neal Gompa from comment #8) > > %dir %{_libdir}/pkgconfig > > This is already owned by pkgconf-pkg-config, which is the provider of > /usr/bin/pkg-config, which is a runtime dependency of this package already. > This can be dropped. The generated dependency on /usr/bin/pkg-config is a very recent change in RPM dependency generators and it's nowhere documented. It can silently disappear as it appeared. I wouldn't rely on it. And I wouldn't rely on transitive dependencies at all. Packages installing pkg-config files, if they should depend on something, they should depend on a package is which owns that directory. Unfortunately there are more pkg-config implementations than this one. Hence consider owning the directory the best approach.
I checked a history of the pkg-config generator and it seems it's been in rpmbuild at least 16 years. Maybe I ignored it because of the fact that in Perl we have a pkg-config interpreter which does not need /usr/bin/pkg-config executable. Hence I remember the dependency is wrong. You are right that with the current set of packages in Fedora the explicit ownership is not needed. Thus I changed my mind and I removed it: Spec URL: https://ppisar.fedorapeople.org/bzip3/bzip3.spec SRPM URL: https://ppisar.fedorapeople.org/bzip3/bzip3-1.2.0-3.fc38.src.rpm
Package Review ============== Legend: [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated ===== MUST items ===== C/C++: [x]: Package does not contain kernel modules. [x]: Package contains no static executables. [x]: If your application is a C or C++ application you must list a BuildRequires against gcc, gcc-c++ or clang. [x]: Header files in -devel subpackage, if present. [x]: ldconfig not called in %post and %postun for Fedora 28 and later. [x]: Package does not contain any libtool archives (.la) [x]: Rpath absent or only used for internal libs. [x]: Development (unversioned) .so files in -devel subpackage, if present. Generic: [x]: Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [x]: License field in the package spec file matches the actual license. Note: Checking patched sources after %prep for licenses. Licenses found: "Unknown or generated", "GNU Lesser General Public License, Version 3", "BSD 2-Clause License", "*No copyright* Apache License 2.0", "GNU Lesser General Public License v3.0 or later", "Apache License 2.0". 21 files have unknown license. Detailed output of licensecheck in /home/ngompa/2137932-bzip3/licensecheck.txt [x]: License file installed when any subpackage combination is installed. [x]: If the package is under multiple licenses, the licensing breakdown must be documented in the spec. [x]: %build honors applicable compiler flags or justifies otherwise. [x]: Package contains no bundled libraries without FPC exception. [x]: Changelog in prescribed format. [x]: Sources contain only permissible code or content. [-]: Package contains desktop file if it is a GUI application. [x]: Development files must be in a -devel package [x]: Package uses nothing in %doc for runtime. [x]: Package consistently uses macros (instead of hard-coded directory names). [x]: Package is named according to the Package Naming Guidelines. [x]: Package does not generate any conflict. [x]: Package obeys FHS, except libexecdir and /usr/target. [-]: If the package is a rename of another package, proper Obsoletes and Provides are present. [x]: Requires correct, justified where necessary. [x]: Spec file is legible and written in American English. [-]: Package contains systemd file(s) if in need. [x]: Useful -debuginfo package or justification otherwise. [x]: Package is not known to require an ExcludeArch tag. [x]: Large documentation must go in a -doc subpackage. Large could be size (~1MB) or number of files. Note: Documentation size is 10240 bytes in 2 files. [x]: Package complies to the Packaging Guidelines [x]: Package successfully compiles and builds into binary rpms on at least one supported primary architecture. [x]: Package installs properly. [x]: Rpmlint is run on all rpms the build produces. Note: There are rpmlint messages (see attachment). [x]: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %license. [x]: Package requires other packages for directories it uses. [x]: Package must own all directories that it creates. [x]: Package does not own files or directories owned by other packages. [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. [x]: Macros in Summary, %description expandable at SRPM build time. [x]: Dist tag is present. [x]: Package does not contain duplicates in %files. [x]: Permissions on files are set properly. [x]: Package must not depend on deprecated() packages. [x]: Package use %makeinstall only when make install DESTDIR=... doesn't work. [x]: Package is named using only allowed ASCII characters. [x]: Package does not use a name that already exists. [x]: Package is not relocatable. [x]: Sources used to build the package match the upstream source, as provided in the spec URL. [x]: Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: File names are valid UTF-8. [x]: Packages must not store files under /srv, /opt or /usr/local ===== SHOULD items ===== Generic: [-]: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [x]: Final provides and requires are sane (see attachments). [x]: Fully versioned dependency in subpackages if applicable. [x]: Package functions as described. [x]: Latest version is packaged. [x]: Package does not include license text files separate from upstream. [x]: Patches link to upstream bugs/comments/lists or are otherwise justified. [-]: Sources are verified with gpgverify first in %prep if upstream publishes signatures. Note: gpgverify is not used. [x]: Package should compile and build into binary rpms on all supported architectures. [x]: %check is present and all tests pass. [x]: Packages should try to preserve timestamps of original installed files. [x]: Spec use %global instead of %define unless justified. Note: %define requiring justification: %define programs \{bunzip3,bz3cat,bz3grep,bz3less,bz3more,bzip3\} [x]: Reviewer should test that the package builds in mock. [x]: Buildroot is not present [x]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file [x]: The placement of pkgconfig(.pc) files are correct. [x]: Sources can be downloaded from URI in Source: tag [x]: SourceX is a working URL. ===== EXTRA items ===== Generic: [x]: Rpmlint is run on debuginfo package(s). Note: There are rpmlint messages (see attachment). [x]: Rpmlint is run on all installed packages. Note: There are rpmlint messages (see attachment). [x]: Large data in /usr/share should live in a noarch subpackage if package is arched. [x]: Package should not use obsolete m4 macros [x]: Spec file according to URL is the same as in SRPM. Rpmlint ------- Cannot parse rpmlint output: Rpmlint (debuginfo) ------------------- Cannot parse rpmlint output: Rpmlint (installed packages) ---------------------------- ============================ rpmlint session starts ============================ rpmlint: 2.4.0 configuration: /usr/lib/python3.11/site-packages/rpmlint/configdefaults.toml /etc/xdg/rpmlint/fedora-legacy-licenses.toml /etc/xdg/rpmlint/fedora-spdx-licenses.toml /etc/xdg/rpmlint/fedora.toml /etc/xdg/rpmlint/scoring.toml /etc/xdg/rpmlint/users-groups.toml /etc/xdg/rpmlint/warn-on-functions.toml checks: 31, packages: 6 bzip3-devel.x86_64: W: no-documentation bzip3.x86_64: W: name-repeated-in-summary bzip3 6 packages and 0 specfiles checked; 0 errors, 2 warnings, 0 badness; has taken 0.5 s Source checksums ---------------- https://github.com/kspalaiologos/bzip3/releases/download/1.2.0/bzip3-1.2.0.tar.xz : CHECKSUM(SHA256) this package : f0441519321070e03708638b37bdeb9105aff8f0a5c838e45aff1b0cbe752572 CHECKSUM(SHA256) upstream package : f0441519321070e03708638b37bdeb9105aff8f0a5c838e45aff1b0cbe752572 Requires -------- bzip3 (rpmlib, GLIBC filtered): /usr/bin/sh bzip3-libs(x86-64) grep less libbzip3.so.0()(64bit) libc.so.6()(64bit) rtld(GNU_HASH) util-linux-core bzip3-libs (rpmlib, GLIBC filtered): libc.so.6()(64bit) rtld(GNU_HASH) bzip3-devel (rpmlib, GLIBC filtered): /usr/bin/pkg-config bzip3-libs(x86-64) libbzip3.so.0()(64bit) bzip3-debuginfo (rpmlib, GLIBC filtered): bzip3-debugsource (rpmlib, GLIBC filtered): Provides -------- bzip3: bzip3 bzip3(x86-64) bzip3-libs: bundled(libsais) bzip3-libs bzip3-libs(x86-64) libbzip3.so.0()(64bit) bzip3-devel: bzip3-devel bzip3-devel(x86-64) pkgconfig(bzip3) bzip3-debuginfo: bzip3-debuginfo bzip3-debuginfo(x86-64) debuginfo(build-id) bzip3-debugsource: bzip3-debugsource bzip3-debugsource(x86-64) Generated by fedora-review 0.9.0 (6761b6c) last change: 2022-08-23 Command line :/usr/bin/fedora-review -b 2137932 -m fedora-rawhide-x86_64 Buildroot used: fedora-rawhide-x86_64 Active plugins: C/C++, Shell-api, Generic Disabled plugins: Python, Java, Perl, fonts, PHP, SugarActivity, Ocaml, R, Haskell Disabled flags: EPEL6, EPEL7, DISTTAG, BATCH, EXARCH
This looks good to me now, so... PACKAGE APPROVED.
https://pagure.io/releng/fedora-scm-requests/issue/48779
(fedscm-admin): The Pagure repository was created at https://src.fedoraproject.org/rpms/bzip3
Thanks for the review and the repository.
FEDORA-2022-bf11e7d5ad has been submitted as an update to Fedora 37. https://bodhi.fedoraproject.org/updates/FEDORA-2022-bf11e7d5ad
FEDORA-2022-72dd6f1f59 has been submitted as an update to Fedora 36. https://bodhi.fedoraproject.org/updates/FEDORA-2022-72dd6f1f59
FEDORA-2022-52af963932 has been submitted as an update to Fedora 35. https://bodhi.fedoraproject.org/updates/FEDORA-2022-52af963932
FEDORA-2022-52af963932 has been pushed to the Fedora 35 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf install --enablerepo=updates-testing --refresh --advisory=FEDORA-2022-52af963932 \*` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-52af963932 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2022-72dd6f1f59 has been pushed to the Fedora 36 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf install --enablerepo=updates-testing --refresh --advisory=FEDORA-2022-72dd6f1f59 \*` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-72dd6f1f59 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2022-bf11e7d5ad has been pushed to the Fedora 37 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf install --enablerepo=updates-testing --refresh --advisory=FEDORA-2022-bf11e7d5ad \*` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-bf11e7d5ad See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-EPEL-2022-0dae267af7 has been submitted as an update to Fedora EPEL 9. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-0dae267af7
FEDORA-EPEL-2022-edea668b35 has been submitted as an update to Fedora EPEL 8. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-edea668b35
FEDORA-EPEL-2022-0dae267af7 has been pushed to the Fedora EPEL 9 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-0dae267af7 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-EPEL-2022-edea668b35 has been pushed to the Fedora EPEL 8 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-edea668b35 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2022-bf11e7d5ad has been pushed to the Fedora 37 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2022-72dd6f1f59 has been pushed to the Fedora 36 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2022-52af963932 has been pushed to the Fedora 35 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-EPEL-2022-0dae267af7 has been pushed to the Fedora EPEL 9 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-EPEL-2022-edea668b35 has been pushed to the Fedora EPEL 8 stable repository. If problem still persists, please make note of it in this bug report.