Spec URL: https://dcavalca.fedorapeople.org/review/python-pyasn/python-pyasn.spec SRPM URL: https://dcavalca.fedorapeople.org/review/python-pyasn/python-pyasn-1.6.1-1.fc38.src.rpm Description: pyasn is a Python extension module that enables very fast IP address to Autonomous System Number lookups. Current state and Historical lookups can be done, based on the MRT/RIB BGP archive used as input. pyasn is different from other ASN lookup tools in that it provides offline and historical lookups. It provides utility scripts for users to build their own lookup databases based on any MRT/RIB archive. This makes pyasn much faster than online dig/whois/json lookups. Fedora Account System Username: dcavalca
This package built on koji: https://koji.fedoraproject.org/koji/taskinfo?taskID=101300131
Copr build: https://copr.fedorainfracloud.org/coprs/build/5933215 (succeeded) Review template: https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-review-2208398-python-pyasn/fedora-rawhide-x86_64/05933215-python-pyasn/fedora-review/review.txt Please take a look if any issues were found. --- This comment was created by the fedora-review-service https://github.com/FrostyX/fedora-review-service If you want to trigger a new Copr build, add a comment containing new Spec and SRPM URLs or [fedora-review-service-build] string.
Blocking issue found is the package does not contain License file at all. Package Review ============== Legend: [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated [ ] = Manual review needed ===== Issues ===== - Radix module seems to contain different licenses, not included in License tag. It seems to be used by the build. pyasn/pyasn_radix.c: ISC pyasn/_radix/radix.c: BSD-4-Clause and/or ISC pyasn/_radix/radix.h: BSD-4-Clause and/or ISC - License file is *NOT* included at all, but source archive contains it. ===== MUST items ===== C/C++: [x]: Provides: bundled(gnulib) in place as required. Note: Sources not installed [x]: Package does not contain kernel modules. [x]: Development (unversioned) .so files in -devel subpackage, if present. Note: Unversioned so-files in private %_libdir subdirectory (see attachment). Verify they are not in ld path. [x]: If your application is a C or C++ application you must list a BuildRequires against gcc, gcc-c++ or clang. [x]: Header files in -devel subpackage, if present. [x]: Package does not contain any libtool archives (.la) [x]: Package contains no static executables. [x]: Rpath absent or only used for internal libs. Generic: [x]: Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [!]: License field in the package spec file matches the actual license. Note: Checking patched sources after %prep for licenses. Licenses found: "Unknown or generated", "MIT License ISC License", "*No copyright* MIT License", "MIT License", "ISC License", "ISC License BSD 4-Clause License". 19 files have unknown license. Detailed output of licensecheck in /home/pemensik/fedora/rawhide/2208398-python- pyasn/licensecheck.txt [!]: License file installed when any subpackage combination is installed. [!]: Package requires other packages for directories it uses. Note: No known owner of /usr/lib64/python3.12, /usr/lib64/python3.12/site-packages Note: Indirect dependency only [x]: %build honors applicable compiler flags or justifies otherwise. [x]: Package contains no bundled libraries without FPC exception. [x]: Changelog in prescribed format. [x]: Sources contain only permissible code or content. [-]: Package contains desktop file if it is a GUI application. [-]: Development files must be in a -devel package [x]: Package uses nothing in %doc for runtime. [x]: Package consistently uses macros (instead of hard-coded directory names). [x]: Package is named according to the Package Naming Guidelines. [x]: Package does not generate any conflict. [x]: Package obeys FHS, except libexecdir and /usr/target. [-]: If the package is a rename of another package, proper Obsoletes and Provides are present. [x]: Requires correct, justified where necessary. [x]: Spec file is legible and written in American English. [-]: Package contains systemd file(s) if in need. [x]: Useful -debuginfo package or justification otherwise. [x]: Package is not known to require an ExcludeArch tag. [x]: Package complies to the Packaging Guidelines [x]: Package successfully compiles and builds into binary rpms on at least one supported primary architecture. [x]: Package installs properly. [x]: Rpmlint is run on all rpms the build produces. Note: There are rpmlint messages (see attachment). [x]: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %license. [x]: The License field must be a valid SPDX expression. [x]: Package must own all directories that it creates. [x]: Package does not own files or directories owned by other packages. [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. [x]: Macros in Summary, %description expandable at SRPM build time. [x]: Dist tag is present. [x]: Package does not contain duplicates in %files. [x]: Permissions on files are set properly. [x]: Package must not depend on deprecated() packages. [x]: Package use %makeinstall only when make install DESTDIR=... doesn't work. [x]: Package is named using only allowed ASCII characters. [x]: Package does not use a name that already exists. [x]: Package is not relocatable. [x]: Sources used to build the package match the upstream source, as provided in the spec URL. [x]: Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: File names are valid UTF-8. [x]: Large documentation must go in a -doc subpackage. Large could be size (~1MB) or number of files. Note: Documentation size is 7078 bytes in 1 files. [x]: Packages must not store files under /srv, /opt or /usr/local Python: [-]: Binary eggs must be removed in %prep Note: Cannot find any build in BUILD directory (--prebuilt option?) [x]: Python eggs must not download any dependencies during the build process. [x]: A package which is used by another package via an egg interface should provide egg info. [x]: Package meets the Packaging Guidelines::Python [x]: Package contains BR: python2-devel or python3-devel [x]: Packages MUST NOT have dependencies (either build-time or runtime) on packages named with the unversioned python- prefix unless no properly versioned package exists. Dependencies on Python packages instead MUST use names beginning with python2- or python3- as appropriate. [x]: Python packages must not contain %{pythonX_site(lib|arch)}/* in %files ===== SHOULD items ===== Generic: [x]: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [ ]: Final provides and requires are sane (see attachments). [x]: Fully versioned dependency in subpackages if applicable. Note: No Requires: %{name}%{?_isa} = %{version}-%{release} in python3-pyasn [?]: Package functions as described. [x]: Latest version is packaged. [x]: Package does not include license text files separate from upstream. [-]: Sources are verified with gpgverify first in %prep if upstream publishes signatures. Note: gpgverify is not used. [x]: Package should compile and build into binary rpms on all supported architectures. [x]: %check is present and all tests pass. [x]: Packages should try to preserve timestamps of original installed files. [x]: Reviewer should test that the package builds in mock. [x]: Buildroot is not present [x]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file [x]: Sources can be downloaded from URI in Source: tag [x]: SourceX is a working URL. [x]: Spec use %global instead of %define unless justified. ===== EXTRA items ===== Generic: [x]: Rpmlint is run on all installed packages. Note: There are rpmlint messages (see attachment). [x]: Large data in /usr/share should live in a noarch subpackage if package is arched. [x]: Spec file according to URL is the same as in SRPM. Rpmlint ------- Checking: python3-pyasn-1.6.1-1.fc40.x86_64.rpm python-pyasn-debugsource-1.6.1-1.fc40.x86_64.rpm python-pyasn-1.6.1-1.fc40.src.rpm =============================================== rpmlint session starts =============================================== rpmlint: 2.4.0 configuration: /usr/lib/python3.11/site-packages/rpmlint/configdefaults.toml /etc/xdg/rpmlint/fedora-legacy-licenses.toml /etc/xdg/rpmlint/fedora-spdx-licenses.toml /etc/xdg/rpmlint/fedora.toml /etc/xdg/rpmlint/scoring.toml /etc/xdg/rpmlint/users-groups.toml /etc/xdg/rpmlint/warn-on-functions.toml rpmlintrc: [PosixPath('/tmp/tmp9oydrkki')] checks: 31, packages: 3 python3-pyasn.x86_64: W: no-manual-page-for-binary pyasn_util_asnames.py python3-pyasn.x86_64: W: no-manual-page-for-binary pyasn_util_convert.py python3-pyasn.x86_64: W: no-manual-page-for-binary pyasn_util_download.py ================ 3 packages and 0 specfiles checked; 0 errors, 3 warnings, 0 badness; has taken 0.9 s ================ Rpmlint (installed packages) ---------------------------- ============================ rpmlint session starts ============================ rpmlint: 2.5.0 configuration: /usr/lib/python3.12/site-packages/rpmlint/configdefaults.toml /etc/xdg/rpmlint/fedora-legacy-licenses.toml /etc/xdg/rpmlint/fedora-spdx-licenses.toml /etc/xdg/rpmlint/fedora.toml /etc/xdg/rpmlint/scoring.toml /etc/xdg/rpmlint/users-groups.toml /etc/xdg/rpmlint/warn-on-functions.toml checks: 32, packages: 2 python3-pyasn.x86_64: E: spelling-error ('lookups', '%description -l en_US lookups -> lookup, lockups, hookups') python3-pyasn.x86_64: E: spelling-error ('whois', "%description -l en_US whois -> whops, who's, who is") python3-pyasn.x86_64: E: spelling-error ('json', '%description -l en_US json -> son, j son, soon') python3-pyasn.x86_64: W: no-manual-page-for-binary pyasn_util_asnames.py python3-pyasn.x86_64: W: no-manual-page-for-binary pyasn_util_convert.py python3-pyasn.x86_64: W: no-manual-page-for-binary pyasn_util_download.py 2 packages and 0 specfiles checked; 3 errors, 3 warnings, 7 filtered, 3 badness; has taken 0.3 s Unversioned so-files -------------------- python3-pyasn: /usr/lib64/python3.12/site-packages/pyasn/pyasn_radix.cpython-312-x86_64-linux-gnu.so Source checksums ---------------- https://github.com/hadiasghari/pyasn/archive/1.6.1/pyasn-1.6.1.tar.gz : CHECKSUM(SHA256) this package : 4ee4fef63f85d5de5766e436518e18cfc19ebdbda5b5f7023a33da6b8fd821e0 CHECKSUM(SHA256) upstream package : 4ee4fef63f85d5de5766e436518e18cfc19ebdbda5b5f7023a33da6b8fd821e0 Requires -------- python3-pyasn (rpmlib, GLIBC filtered): /usr/bin/python3 libc.so.6()(64bit) python(abi) rtld(GNU_HASH) python-pyasn-debugsource (rpmlib, GLIBC filtered): Provides -------- python3-pyasn: python-pyasn python3-pyasn python3-pyasn(x86-64) python3.12-pyasn python3.12dist(pyasn) python3dist(pyasn) python-pyasn-debugsource: python-pyasn-debugsource python-pyasn-debugsource(x86-64) Generated by fedora-review 0.10.0 (e79b66b) last change: 2023-07-24 Command line :/usr/bin/fedora-review -b 2208398 Buildroot used: fedora-rawhide-x86_64 Active plugins: C/C++, Python, Shell-api, Generic Disabled plugins: Ocaml, SugarActivity, PHP, fonts, Haskell, R, Perl, Java Disabled flags: EXARCH, EPEL6, EPEL7, DISTTAG, BATCH
Not sure whether using suffix .py for commands present in path is a good idea. Usually I would expect it not present, but it might be some tools depend on those names or upstream wants them this way. rpms-unpacked/python3-pyasn-1.6.1-1.fc40.x86_64.rpm/usr/bin ├── pyasn_util_asnames.py ├── pyasn_util_convert.py └── pyasn_util_download.py I would expect the suffix is an implementation detail only and not wanted on commands.
Spec URL: https://dcavalca.fedorapeople.org/review/python-pyasn/python-pyasn.spec SRPM URL: https://dcavalca.fedorapeople.org/review/python-pyasn/python-pyasn-1.6.1-1.fc40.src.rpm Changelog: - update license tag and document the breakdown - backport upstream fixup commit for 1.6.1
Thanks for the review! (In reply to Petr Menšík from comment #3) > Blocking issue found is the package does not contain License file at all. I've updated the license tag to the best of my understanding. The actual license file is included in /usr/lib64/python3.12/site-packages/pyasn-1.6.1.dist-info/LICENSE (In reply to Petr Menšík from comment #4) > Not sure whether using suffix .py for commands present in path is a good idea. Usually I would expect it not present, but it might be some tools depend on those names or upstream wants them this way. I thought about it but I didn't want to deviate from upstream. Looking at `/usr/bin` on my Fedora box there's quite a few things there with various suffixes (including .py) so I think this is probably fine in practice.
The primary problem is there is no %license in %files section. %ľicense LICENSE is missing. No file is installed into /usr/share/licenses/ and that is not optional. That have not changed after comment #5 update. That is required by the first paragraph in https://docs.fedoraproject.org/en-US/packaging-guidelines/LicensingGuidelines/#_license_text It seems BSD-4-Clause is okay to use, just needs to be mentioned.
Created attachment 2016549 [details] The .spec file difference from Copr build 5933215 to 7010717
Copr build: https://copr.fedorainfracloud.org/coprs/build/7010717 (succeeded) Review template: https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-review-2208398-python-pyasn/fedora-rawhide-x86_64/07010717-python-pyasn/fedora-review/review.txt Please take a look if any issues were found. --- This comment was created by the fedora-review-service https://github.com/FrostyX/fedora-review-service If you want to trigger a new Copr build, add a comment containing new Spec and SRPM URLs or [fedora-review-service-build] string.
(In reply to Petr Menšík from comment #7) > The primary problem is there is no %license in %files section. %ľicense > LICENSE is missing. No file is installed into /usr/share/licenses/ and that > is not optional. That have not changed after comment #5 update. This is already taken care of by the %pyproject_save_files macro (see the README at https://src.fedoraproject.org/rpms/pyproject-rpm-macros for details). You can confirm that the license file is being included and correctly marked as %license with: $ rpm -qLp python3-pyasn-1.6.1-1.fc40.x86_64.rpm /usr/lib64/python3.12/site-packages/pyasn-1.6.1.dist-info/LICENSE This is common in packages using the pyproject macros. > That is required by the first paragraph in https://docs.fedoraproject.org/en-US/packaging-guidelines/LicensingGuidelines/#_license_text The policy reads: "Note also that it is acceptable for license files to be so flagged in a list which is generated programmatically and included using %files -f. This tagging is often done automatically by macros and not directly visible to the packager. What is important is not the visible presence of the %license directive but instead that all relevant license files included in a package appear when using rpm -q --licensefiles." which to me implies this package is in compliance.
(In reply to Davide Cavalca from comment #10) > (In reply to Petr Menšík from comment #7) > > The primary problem is there is no %license in %files section. %ľicense > > LICENSE is missing. No file is installed into /usr/share/licenses/ and that > > is not optional. That have not changed after comment #5 update. > > This is already taken care of by the %pyproject_save_files macro (see the > README at https://src.fedoraproject.org/rpms/pyproject-rpm-macros for > details). You can confirm that the license file is being included and > correctly marked as %license with: > This is what I got after fedpkg --release rawhide local done on comment #5 spec file: $ rpm -qpl x86_64/python3-pyasn-1.6.1-2.fc41.x86_64.rpm /usr/bin/pyasn_util_asnames.py /usr/bin/pyasn_util_convert.py /usr/bin/pyasn_util_download.py /usr/lib/.build-id /usr/lib/.build-id/c3 /usr/lib/.build-id/c3/afbbb4e40c81f2a8e6a284fbebe091f13b5ddf /usr/lib64/python3.11/site-packages/pyasn /usr/lib64/python3.11/site-packages/pyasn-1.6.1.dist-info /usr/lib64/python3.11/site-packages/pyasn-1.6.1.dist-info/INSTALLER /usr/lib64/python3.11/site-packages/pyasn-1.6.1.dist-info/LICENSE /usr/lib64/python3.11/site-packages/pyasn-1.6.1.dist-info/METADATA /usr/lib64/python3.11/site-packages/pyasn-1.6.1.dist-info/WHEEL /usr/lib64/python3.11/site-packages/pyasn-1.6.1.dist-info/top_level.txt /usr/lib64/python3.11/site-packages/pyasn/__init__.py /usr/lib64/python3.11/site-packages/pyasn/__pycache__ /usr/lib64/python3.11/site-packages/pyasn/__pycache__/__init__.cpython-311.opt-1.pyc /usr/lib64/python3.11/site-packages/pyasn/__pycache__/__init__.cpython-311.pyc /usr/lib64/python3.11/site-packages/pyasn/__pycache__/_version.cpython-311.opt-1.pyc /usr/lib64/python3.11/site-packages/pyasn/__pycache__/_version.cpython-311.pyc /usr/lib64/python3.11/site-packages/pyasn/__pycache__/mrtx.cpython-311.opt-1.pyc /usr/lib64/python3.11/site-packages/pyasn/__pycache__/mrtx.cpython-311.pyc /usr/lib64/python3.11/site-packages/pyasn/_version.py /usr/lib64/python3.11/site-packages/pyasn/mrtx.py /usr/lib64/python3.11/site-packages/pyasn/pyasn_radix.cpython-311-x86_64-linux-gnu.so /usr/share/doc/python3-pyasn /usr/share/doc/python3-pyasn/BACKLOG.txt /usr/share/doc/python3-pyasn/README.md $ rpm -qp x86_64/python3-pyasn-1.6.1-2.fc41.x86_64.rpm -L /usr/lib64/python3.11/site-packages/pyasn-1.6.1.dist-info/LICENSE Okay, this is quite unexpected to me. I have expected license files would land always into /usr/share/licenses/python3-pyasn, like for other packages. But since the license file is correctly marked as a license file and is optional, then everything needed for successful review is present. I think I would fill a request to put at least symlink into /usr/share/licenses, so it is easier to find the actual license text. I have never had to use rpm -q --licensefiles until now, I expect I would not be the only one surprised. Anyway, review passed. Please continue with importing the package!
Filled bug #2264519 for pyproject licenses RFE.
The Pagure repository was created at https://src.fedoraproject.org/rpms/python-pyasn
FEDORA-2024-39e3ee9a6f (python-pyasn-1.6.1-1.fc41) has been submitted as an update to Fedora 41. https://bodhi.fedoraproject.org/updates/FEDORA-2024-39e3ee9a6f
FEDORA-2024-39e3ee9a6f (python-pyasn-1.6.1-1.fc41) has been pushed to the Fedora 41 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2024-e1ca0e707d (python-pyasn-1.6.1-1.fc40) has been submitted as an update to Fedora 40. https://bodhi.fedoraproject.org/updates/FEDORA-2024-e1ca0e707d
FEDORA-2024-e1ca0e707d (python-pyasn-1.6.1-1.fc40) has been pushed to the Fedora 40 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2024-64495b8834 (python-pyasn-1.6.1-1.fc39) has been submitted as an update to Fedora 39. https://bodhi.fedoraproject.org/updates/FEDORA-2024-64495b8834
FEDORA-2024-17252a49e7 (python-pyasn-1.6.1-1.fc38) has been submitted as an update to Fedora 38. https://bodhi.fedoraproject.org/updates/FEDORA-2024-17252a49e7
FEDORA-2024-17252a49e7 has been pushed to the Fedora 38 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf install --enablerepo=updates-testing --refresh --advisory=FEDORA-2024-17252a49e7 \*` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2024-17252a49e7 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2024-64495b8834 has been pushed to the Fedora 39 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf install --enablerepo=updates-testing --refresh --advisory=FEDORA-2024-64495b8834 \*` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2024-64495b8834 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2024-64495b8834 (python-pyasn-1.6.1-1.fc39) has been pushed to the Fedora 39 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2024-17252a49e7 (python-pyasn-1.6.1-1.fc38) has been pushed to the Fedora 38 stable repository. If problem still persists, please make note of it in this bug report.