Bug 2257921 - Review Request: python-medimages4tests - Generates dummy medical image for image handling tests
Summary: Review Request: python-medimages4tests - Generates dummy medical image for im...
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: Package Review
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Ben Beasley
QA Contact: Fedora Extras Quality Assurance
URL: https://github.com/Australian-Imaging...
Whiteboard:
Depends On: 2257916
Blocks: fedora-neuro, NeuroFedora 2257923
TreeView+ depends on / blocked
 
Reported: 2024-01-11 14:40 UTC by Sandro
Modified: 2025-04-22 06:54 UTC (History)
2 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2025-04-22 06:54:10 UTC
Type: ---
Embargoed:
code: fedora-review+


Attachments (Terms of Use)
The .spec file difference from Copr build 8920209 to 8945248 (3.16 KB, patch)
2025-04-20 12:31 UTC, Fedora Review Service
no flags Details | Diff

Comment 1 Sandro 2024-01-11 14:41:39 UTC
Package depends on `python-sgqlc` (see bug 2257916). For building / testing locally run `dnf copr enable gui1ty/xnat4tests` in order to get the missing dependencies.

Comment 2 Fedora Review Service 2024-01-11 14:43:25 UTC
Copr build:
https://copr.fedorainfracloud.org/coprs/build/6885522
(failed)

Build log:
https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-review-2257921-python-medimages4tests/fedora-rawhide-x86_64/06885522-python-medimages4tests/builder-live.log.gz

Please make sure the package builds successfully at least for Fedora Rawhide.

- If the build failed for unrelated reasons (e.g. temporary network
  unavailability), please ignore it.
- If the build failed because of missing BuildRequires, please make sure they
  are listed in the "Depends On" field


---
This comment was created by the fedora-review-service
https://github.com/FrostyX/fedora-review-service

If you want to trigger a new Copr build, add a comment containing new
Spec and SRPM URLs or [fedora-review-service-build] string.

Comment 3 Sandro 2024-01-11 14:49:29 UTC
Sigh. CopyPasta gone wrong.

Package depends on `openneuro-py` (see bug 2257916). For building / testing locally run `dnf copr enable gui1ty/xnat4tests` in order to get the missing dependencies.

Comment 4 Ben Beasley 2024-01-16 13:43:13 UTC
As a Python library (and furthermore, as an image *generator* rather than a collection of images that happens to be installed as a Python library), this package clearly contains *code* under the CC0-1.0 license, which is not-allowed for code in Fedora.

(The trove classifier "License :: OSI Approved :: Apache Software License" conflicts with the LICENSE file, which is certainly CC0-1.0.)

I think you will need to ask upstream to consider relicensing, or give up on running the tests that require this.

Comment 5 Sandro 2024-01-16 15:26:02 UTC
(In reply to Ben Beasley from comment #4)
> (The trove classifier "License :: OSI Approved :: Apache Software License"
> conflicts with the LICENSE file, which is certainly CC0-1.0.)
> 
> I think you will need to ask upstream to consider relicensing, or give up on
> running the tests that require this.

My bad. I remember having a hunch when I filled in the license in the spec file. But I failed to look into this further.

I'll set this to DEFERRED for now, since I plan on asking upstream to consider relicensing under one of the allowed licenses.

Comment 6 Sandro 2025-04-18 16:51:15 UTC
Upstream has relicensed the package under Apache-2.0. I'm reopening the review request.

Spec URL: https://fedorapeople.org/~gui1ty/review/python-medimages4tests.spec
SRPM URL: https://fedorapeople.org/~gui1ty/review/python-medimages4tests-0.5.7-1.fc43.src.rpm

Comment 7 Fedora Review Service 2025-04-18 16:57:46 UTC
Copr build:
https://copr.fedorainfracloud.org/coprs/build/8920209
(succeeded)

Review template:
https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-review-2257921-python-medimages4tests/fedora-rawhide-x86_64/08920209-python-medimages4tests/fedora-review/review.txt

Please take a look if any issues were found.


---
This comment was created by the fedora-review-service
https://github.com/FrostyX/fedora-review-service

If you want to trigger a new Copr build, add a comment containing new
Spec and SRPM URLs or [fedora-review-service-build] string.

Comment 8 Ben Beasley 2025-04-19 14:15:31 UTC
This looks good overall, with a couple of nitpicks that still need to be handled.

Package Review
==============

Legend:
[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated

The license-change patch is acceptable since upstream has merged the change,

  https://github.com/Australian-Imaging-Service/medimages4tests/commit/c0a06fac3a6ec66c5f6bd14509979996f681d275

and this is the only commit since the tag you are packaging, so it’s clear that
the exact source archive you are using may be used under Apache-2.0.

You might find that it’s simpler to package a post-release snapshot of that
commit, rather than patching the license, but the status quo is OK.

Issues:
=======
- Dist tag is present.

  OK: fedora-review does not understand rpmautospec

- The versioneer.py included in the source distribution is version 2.21, which
  was CC0-1.0:

  https://github.com/python-versioneer/python-versioneer/tree/0.21?tab=readme-ov-file#license

  This should be OK under the exception:

    Existing uses of CC0-1.0 on code files in Fedora packages prior to
    2022-08-01, and subsequent upstream versions of those files in those
    packages, continue to be allowed. We encourage Fedora package maintainers
    to ask upstreams to relicense such files.

    https://gitlab.com/fedora/legal/fedora-license-data/-/issues/91#note_1151947383

  It looks like you’re using the system versioneeer, which is version 0.29 and
  is Unlicense, but looking at the _version.py file in the binary RPMs, it was
  still generated by Versioneer 0.21, so it is still CC0-1.0.

  You’ll therefore need to account for this in the License field, something like:

    # The entire source is Apache-2.0, except that versioneer.py and the
    # _version.py it generates are CC0-1.0, not generally allowed for code
    # in Fedora, but OK under the exception for existing uses in Fedora prior
    # to 2022-08-01.
    License:        Apache-2.0 AND CC0-1.0
 
  If you can figure out how to remove the bundled versioneer.py in %prep and
  re-generate _version.py with the system versioneer package, then you can do:

    # The entire source is Apache-2.0, except that versioneer.py and the
    # _version.py it generates are CC0-1.0, not generally allowed for code in
    # Fedora, but OK under the exception for existing uses in Fedora prior to
    # 2022-08-01. While these are included in the source RPM, we re-generate
    # _version.py using the system python-versioneer, which is a later version
    # under Unlicense so the resulting _version.py is also Unlicense.
    License:        Apache-2.0 AND Unlicense

  I tried to demonstrate this, but I could not seem to get it working. Given
  that _version.py was unchanged from upstream, I also tried to avoid the
  song-and-dance with git in %prep and just export
  SETUPTOOLS_SCM_PRETEND_VERSION, but (unusually) I could not get that to work
  either. I wonder what is different here from most other packages that use
  Versioneer…

  If you can help upstream upgrade their Versioneer to a recent version that is
  Unlicense rather than CC0-1.0, so much the better.

- I don’t think this is correct:

    # Remove empty file (rpmlint reports as error)
    [ -s medimages4tests/mri/neuro/base.py ] || rm medimages4tests/mri/neuro/base.py

  A zero-byte file is still importable as an empty Python module:

    python3 -c 'import medimages4tests.mri.neuro.basex'

  …and by removing the source, you have broken the import. The empty module
  seems pointless, but it might still be used somewhere, and there is no good
  reason to diverge from upstream here.

===== MUST items =====

Generic:
[x]: Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
     Guidelines.
[!]: License field in the package spec file matches the actual license.
     Note: Checking patched sources after %prep for licenses. Licenses
     found: "Unknown or generated", "*No copyright* Creative Commons CC0
     1.0", "*No copyright* Apache License", "*No copyright* Public domain".
     58 files have unknown license. Detailed output of licensecheck in
     /home/ben/fedora/review/2257921-python-
     medimages4tests/licensecheck.txt

     See Issues; _version.py is CC0-1.0

[x]: Package must own all directories that it creates.
     Note: Directories without known owners: /usr/lib/python3.13/site-
     packages, /usr/lib/python3.13

     Spurious; these directories are owned by python3-libs.

[x]: Package contains no bundled libraries without FPC exception.
[x]: Changelog in prescribed format.
[x]: Sources contain only permissible code or content.
[-]: Package contains desktop file if it is a GUI application.
[-]: Development files must be in a -devel package
[x]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory
     names).
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
     Provides are present.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[-]: Package contains systemd file(s) if in need.
[x]: Package is not known to require an ExcludeArch tag.
[x]: Package complies to the Packaging Guidelines
[x]: Package successfully compiles and builds into binary rpms on at least
     one supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
     Note: There are rpmlint messages (see attachment).

     Some Python sources with trivial contents are incidental duplicates. They
     are small in size, few in number, and not worth manually hardlinking.

[x]: If (and only if) the source package includes the text of the
     license(s) in its own file, then that file, containing the text of the
     license(s) for the package is included in %license.
[x]: The License field must be a valid SPDX expression.
[x]: Package requires other packages for directories it uses.
[x]: Package does not own files or directories owned by other packages.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package must not depend on deprecated() packages.
[x]: Package use %makeinstall only when make install DESTDIR=... doesn't
     work.
[x]: Package is named using only allowed ASCII characters.
[x]: Package does not use a name that already exists.
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as
     provided in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
     %{name}.spec.
[x]: File names are valid UTF-8.
[x]: Large documentation must go in a -doc subpackage. Large could be size
     (~1MB) or number of files.
     Note: Documentation size is 2532 bytes in 2 files.
[x]: Packages must not store files under /srv, /opt or /usr/local

Python:
[x]: Python eggs must not download any dependencies during the build
     process.
[x]: A package which is used by another package via an egg interface should
     provide egg info.
[x]: Package meets the Packaging Guidelines::Python
[x]: Package contains BR: python2-devel or python3-devel
[x]: Packages MUST NOT have dependencies (either build-time or runtime) on
     packages named with the unversioned python- prefix unless no properly
     versioned package exists. Dependencies on Python packages instead MUST
     use names beginning with python2- or python3- as appropriate.
[x]: Python packages must not contain %{pythonX_site(lib|arch)}/* in %files
[x]: Binary eggs must be removed in %prep

===== SHOULD items =====

Generic:
[-]: If the source package does not include license text(s) as a separate
     file from upstream, the packager SHOULD query upstream to include it.
[x]: Final provides and requires are sane (see attachments).
[x]: Package functions as described.

     (tests pass)

[x]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[x]: Patches link to upstream bugs/comments/lists or are otherwise
     justified.

     Particularly, upstream has accepted the license change.

[-]: Sources are verified with gpgverify first in %prep if upstream
     publishes signatures.
     Note: gpgverify is not used.
[ ]: Package should compile and build into binary rpms on all supported
     architectures.
[x]: %check is present and all tests pass.
[x]: Packages should try to preserve timestamps of original installed
     files.
[x]: Reviewer should test that the package builds in mock.
[x]: Buildroot is not present
[x]: Package has no %clean section with rm -rf %{buildroot} (or
     $RPM_BUILD_ROOT)
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[x]: Sources can be downloaded from URI in Source: tag
[x]: SourceX is a working URL.
[x]: Spec use %global instead of %define unless justified.

===== EXTRA items =====

Generic:
[!]: Spec file according to URL is the same as in SRPM.
     Note: Spec file as given by url is not the same as in SRPM (see
     attached diff).
     See: (this test has no URL)
[x]: Rpmlint is run on all installed packages.
     Note: There are rpmlint messages (see attachment).


Rpmlint
-------
Checking: python3-medimages4tests-0.5.7-1.fc43.noarch.rpm
          python-medimages4tests-0.5.7-1.fc43.src.rpm
============================ rpmlint session starts ============================
rpmlint: 2.7.0
configuration:
    /usr/lib/python3.13/site-packages/rpmlint/configdefaults.toml
    /etc/xdg/rpmlint/fedora-legacy-licenses.toml
    /etc/xdg/rpmlint/fedora-spdx-licenses.toml
    /etc/xdg/rpmlint/fedora.toml
    /etc/xdg/rpmlint/scoring.toml
    /etc/xdg/rpmlint/users-groups.toml
    /etc/xdg/rpmlint/warn-on-functions.toml
rpmlintrc: [PosixPath('/tmp/tmphwv7xk4w')]
checks: 32, packages: 2

python-medimages4tests.spec: W: patch-not-applied Patch0: license_change.patch
python3-medimages4tests.noarch: W: files-duplicate /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/petct_spl/__init__.py /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_calibration/__init__.py:/usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_countrate/__init__.py:/usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_dynamics_sino/__init__.py:/usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_em_sino/__init__.py:/usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_listmode/__init__.py:(and 1 more)
python3-medimages4tests.noarch: W: files-duplicate /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_replay_param/data.py /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_calibration/data.py
python3-medimages4tests.noarch: W: files-duplicate /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_em_sino/data.py /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_countrate/data.py
 2 packages and 0 specfiles checked; 0 errors, 4 warnings, 7 filtered, 0 badness; has taken 0.6 s 




Rpmlint (installed packages)
----------------------------
============================ rpmlint session starts ============================
rpmlint: 2.7.0
configuration:
    /usr/lib/python3.13/site-packages/rpmlint/configdefaults.toml
    /etc/xdg/rpmlint/fedora-spdx-licenses.toml
    /etc/xdg/rpmlint/fedora.toml
    /etc/xdg/rpmlint/scoring.toml
    /etc/xdg/rpmlint/users-groups.toml
    /etc/xdg/rpmlint/warn-on-functions.toml
checks: 32, packages: 1

python3-medimages4tests.noarch: W: files-duplicate /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/petct_spl/__init__.py /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_calibration/__init__.py:/usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_countrate/__init__.py:/usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_dynamics_sino/__init__.py:/usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_em_sino/__init__.py:/usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_listmode/__init__.py:(and 1 more)
python3-medimages4tests.noarch: W: files-duplicate /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_replay_param/data.py /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_calibration/data.py
python3-medimages4tests.noarch: W: files-duplicate /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_em_sino/data.py /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_countrate/data.py
 1 packages and 0 specfiles checked; 0 errors, 3 warnings, 3 filtered, 0 badness; has taken 0.1 s 



Source checksums
----------------
https://github.com/australian-imaging-service/medimages4tests/archive/v0.5.7/medimages4tests-0.5.7.tar.gz :
  CHECKSUM(SHA256) this package     : 9eea5545e9f9da49cb3f7b5812ae6fd2e31e0475cdfabe4a42349a4e6f7d988a
  CHECKSUM(SHA256) upstream package : 9eea5545e9f9da49cb3f7b5812ae6fd2e31e0475cdfabe4a42349a4e6f7d988a


Requires
--------
python3-medimages4tests (rpmlib, GLIBC filtered):
    python(abi)
    python3.13dist(attrs)
    python3.13dist(nibabel)
    python3.13dist(openneuro-py)
    python3.13dist(pydicom)



Provides
--------
python3-medimages4tests:
    python-medimages4tests
    python3-medimages4tests
    python3.13-medimages4tests
    python3.13dist(medimages4tests)
    python3dist(medimages4tests)



Diff spec file in url and in SRPM
---------------------------------
--- /home/ben/fedora/review/2257921-python-medimages4tests/srpm/python-medimages4tests.spec	2025-04-19 08:49:43.336365174 -0400
+++ /home/ben/fedora/review/2257921-python-medimages4tests/srpm-unpacked/python-medimages4tests.spec	2025-04-17 20:00:00.000000000 -0400
@@ -1,2 +1,12 @@
+## START: Set by rpmautospec
+## (rpmautospec version 0.7.3)
+## RPMAUTOSPEC: autorelease, autochangelog
+%define autorelease(e:s:pb:n) %{?-p:0.}%{lua:
+    release_number = 1;
+    base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}"));
+    print(release_number + base_release_number - 1);
+}%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}}
+## END: Set by rpmautospec
+
 %global pypi_name medimages4tests
 %global forgeurl https://github.com/australian-imaging-service/medimages4tests
@@ -74,3 +84,15 @@
 
 %changelog
-%autochangelog
+## START: Generated by rpmautospec
+* Fri Apr 18 2025 Sandro <devel> - 0.5.7-1
+- Update to 0.5.7
+
+* Wed Jan 10 2024 Sandro <devel> - 0.3.3-3
+- Remove empty file (rpmlint error)
+
+* Wed Jan 10 2024 Sandro <devel> - 0.3.3-2
+- Exclude scripts/ and tests/ from wheel
+
+* Wed Jan 10 2024 Sandro <devel> - 0.3.3-1
+- Initial package
+## END: Generated by rpmautospec


Generated by fedora-review 0.10.0 (e79b66b) last change: 2023-07-24
Command line :/usr/bin/fedora-review -b 2257921
Buildroot used: fedora-rawhide-x86_64
Active plugins: Shell-api, Generic, Python
Disabled plugins: Ocaml, Java, Perl, fonts, Haskell, R, SugarActivity, PHP, C/C++
Disabled flags: EXARCH, EPEL6, EPEL7, DISTTAG, BATCH

Comment 9 Ben Beasley 2025-04-19 14:36:03 UTC
Oops, missed one:


[x]: Package should compile and build into binary rpms on all supported
     architectures.

     https://koji.fedoraproject.org/koji/taskinfo?taskID=131715275

Comment 10 Sandro 2025-04-20 10:15:07 UTC
Thanks for the detailed review.

> You might find that it’s simpler to package a post-release snapshot of that
> commit, rather than patching the license, but the status quo is OK.

I actually like that idea. Though, trying to get there with forge macros _and_ Versioneer makes this more difficult than it should be. I might still do it anyway.


> I tried to demonstrate this, but I could not seem to get it working. Given
> that _version.py was unchanged from upstream, I also tried to avoid the
> song-and-dance with git in %prep and just export
> SETUPTOOLS_SCM_PRETEND_VERSION, but (unusually) I could not get that to work
> either. I wonder what is different here from most other packages that use
> Versioneer…

That statement confused me. Does Versioneer honor SETUPTOOLS_SCM_PRETEND_VERSION? I searched through the code and didn't find any mention of it. There is an open issue requesting support for an override by environment variable:

https://github.com/python-versioneer/python-versioneer/issues/199

For the rest of the discussion regarding Versioneer, I believe we had a similar debate before. Somehow, I thought using the packaged Versioneer would allow me to omit expanding on the license.

But it seems I remembered wrong and I will have to add something either way. I will try to get it working using the system installed Versioneer replacing whatever upstream ships. I wish we could get a global exception not having to bother with Versioneer's license...


> A zero-byte file is still importable as an empty Python module:
>
>   python3 -c 'import medimages4tests.mri.neuro.basex'
>
> …and by removing the source, you have broken the import. The empty module
> seems pointless, but it might still be used somewhere, and there is no good
> reason to diverge from upstream here.

By "broken the import" are you referring to the import statement above? Because for me `%pyproject_check_import` works either way.

Your point is valid, though, and I removed that bit. I will add an `.rpmlintrc` silencing the error.

Comment 11 Sandro 2025-04-20 12:25:48 UTC
It turned out upstream's Versioneer config is broken. Looks like medimages4tests may have started out as a partial copy of xnat4tests with versioneer.py copied, but not the stuff it generates when installed.

I sent a PR upstream. If that gets merged I can make another post-release including that commit as well.

Spec URL: https://fedorapeople.org/~gui1ty/review/python-medimages4tests.spec
SRPM URL: https://fedorapeople.org/~gui1ty/review/python-medimages4tests-0.5.7%5e20250417gitc0a06fa-1.fc43.src.rpm

Comment 12 Fedora Review Service 2025-04-20 12:31:50 UTC
Created attachment 2085976 [details]
The .spec file difference from Copr build 8920209 to 8945248

Comment 13 Fedora Review Service 2025-04-20 12:31:53 UTC
Copr build:
https://copr.fedorainfracloud.org/coprs/build/8945248
(succeeded)

Review template:
https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-review-2257921-python-medimages4tests/fedora-rawhide-x86_64/08945248-python-medimages4tests/fedora-review/review.txt

Please take a look if any issues were found.


---
This comment was created by the fedora-review-service
https://github.com/FrostyX/fedora-review-service

If you want to trigger a new Copr build, add a comment containing new
Spec and SRPM URLs or [fedora-review-service-build] string.

Comment 14 Ben Beasley 2025-04-20 12:51:26 UTC
(In reply to Sandro from comment #10)
> That statement confused me. Does Versioneer honor
> SETUPTOOLS_SCM_PRETEND_VERSION? I searched through the code and didn't find
> any mention of it. There is an open issue requesting support for an override
> by environment variable:

No, the problem was that my brain was temporarily broken. You’re correct about Versioneer.

> For the rest of the discussion regarding Versioneer, I believe we had a
> similar debate before. Somehow, I thought using the packaged Versioneer
> would allow me to omit expanding on the license.

I mean, it *is* a minor quibble, as license issues go, and there is probably an argument that some kinds of _version.py (the ones without substantial code) are potentially too simple and mechanical to be copyrightable in most jurisdictions, but the "License" section of the README does say:

  To make Versioneer easier to embed, all its code is dedicated to the public domain.
  The _version.py that it creates is also in the public domain. Specifically, both
  are released under the "Unlicense", as described in https://unlicense.org/.

Older versions have the same text, but specify CC0-1.0.

Now, one could probably make some arguments about interpretation and intent, as
this text somewhat wrongly conflates these ultra-permissive licenses with a pure
public domain dedication, but it seems safest and simplest to just take the
statement at face value: the generated _version.py is under the same license as
Versioneer, which is Unlicense or CC0-1.0 depending on version. (If I remember
correctly, even older versions of Versioneer were LicenseRef-Fedora-Public-Domain.)

> I wish we could get a global exception not having
> to bother with Versioneer's license...

I wish upstreams would just stop using it. It was clever in its day, but tools like
setuptools_scm and hatch-vcs are less messy and invasive.

> By "broken the import" are you referring to the import statement above?
> Because for me `%pyproject_check_import` works either way.

Right, I just mean that something, somewhere *could* want to import that module.

(In reply to Sandro from comment #11)
> It turned out upstream's Versioneer config is broken. Looks like
> medimages4tests may have started out as a partial copy of xnat4tests with
> versioneer.py copied, but not the stuff it generates when installed.
> 
> I sent a PR upstream. If that gets merged I can make another post-release
> including that commit as well.
> 
> Spec URL: https://fedorapeople.org/~gui1ty/review/python-medimages4tests.spec
> SRPM URL:
> https://fedorapeople.org/~gui1ty/review/python-medimages4tests-0.5.
> 7%5e20250417gitc0a06fa-1.fc43.src.rpm

The spec-file changes here look great at a glance. I’ll take a closer look at
the details.

Comment 15 Ben Beasley 2025-04-20 13:09:03 UTC
The submission addresses all the previous feedback; it is simpler than before, which is great; and your efforts to work with upstream may further improve the situation in the future. I found no *new* issues, so the package is APPROVED.

Package Review
==============

Legend:
[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated



===== MUST items =====

Generic:
[x]: Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
     Guidelines.
[x]: License field in the package spec file matches the actual license.
     Note: Checking patched sources after %prep for licenses. Licenses
     found: "Unknown or generated", "*No copyright* Apache License 2.0",
     "*No copyright* Apache License", "*No copyright* Public domain". 58
     files have unknown license. Detailed output of licensecheck in
     /home/ben/fedora/review/2257921-python-
     medimages4tests/20250420/2257921-python-
     medimages4tests/licensecheck.txt
[x]: If the package is under multiple licenses, the licensing breakdown
     must be documented in the spec.
[x]: Package must own all directories that it creates.
     Note: Directories without known owners: /usr/lib/python3.13/site-
     packages, /usr/lib/python3.13

     (spurious, owned by python3-libs)

[x]: Package contains no bundled libraries without FPC exception.
[x]: Changelog in prescribed format.
[x]: Sources contain only permissible code or content.
[-]: Package contains desktop file if it is a GUI application.
[-]: Development files must be in a -devel package
[x]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory
     names).
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
     Provides are present.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[-]: Package contains systemd file(s) if in need.
[x]: Package is not known to require an ExcludeArch tag.
[x]: Package complies to the Packaging Guidelines
[x]: Package successfully compiles and builds into binary rpms on at least
     one supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
     Note: There are rpmlint messages (see attachment).
[x]: If (and only if) the source package includes the text of the
     license(s) in its own file, then that file, containing the text of the
     license(s) for the package is included in %license.
[x]: The License field must be a valid SPDX expression.
[x]: Package requires other packages for directories it uses.
[x]: Package does not own files or directories owned by other packages.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Dist tag is present.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package must not depend on deprecated() packages.
[x]: Package use %makeinstall only when make install DESTDIR=... doesn't
     work.
[x]: Package is named using only allowed ASCII characters.
[x]: Package does not use a name that already exists.
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as
     provided in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
     %{name}.spec.
[x]: File names are valid UTF-8.
[x]: Large documentation must go in a -doc subpackage. Large could be size
     (~1MB) or number of files.
     Note: Documentation size is 2532 bytes in 2 files.
[x]: Packages must not store files under /srv, /opt or /usr/local

Python:
[x]: Python eggs must not download any dependencies during the build
     process.
[x]: A package which is used by another package via an egg interface should
     provide egg info.
[x]: Package meets the Packaging Guidelines::Python
[x]: Package contains BR: python2-devel or python3-devel
[x]: Packages MUST NOT have dependencies (either build-time or runtime) on
     packages named with the unversioned python- prefix unless no properly
     versioned package exists. Dependencies on Python packages instead MUST
     use names beginning with python2- or python3- as appropriate.
[x]: Python packages must not contain %{pythonX_site(lib|arch)}/* in %files
[x]: Binary eggs must be removed in %prep

===== SHOULD items =====

Generic:
[-]: If the source package does not include license text(s) as a separate
     file from upstream, the packager SHOULD query upstream to include it.
[x]: Final provides and requires are sane (see attachments).
[x]: Package functions as described.

     (tests pass)

[x]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[x]: Patches link to upstream bugs/comments/lists or are otherwise
     justified.
[-]: Sources are verified with gpgverify first in %prep if upstream
     publishes signatures.
     Note: gpgverify is not used.
[x]: Package should compile and build into binary rpms on all supported
     architectures.

     (checked on the previous submission, unlikely to have broken)

[x]: %check is present and all tests pass.
[x]: Packages should try to preserve timestamps of original installed
     files.
[x]: Reviewer should test that the package builds in mock.
[x]: Buildroot is not present
[x]: Package has no %clean section with rm -rf %{buildroot} (or
     $RPM_BUILD_ROOT)
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[x]: Sources can be downloaded from URI in Source: tag
[x]: SourceX is a working URL.
[x]: Spec use %global instead of %define unless justified.

===== EXTRA items =====

Generic:
[!]: Spec file according to URL is the same as in SRPM.
     Note: Spec file as given by url is not the same as in SRPM (see
     attached diff).
     See: (this test has no URL)
[x]: Rpmlint is run on all installed packages.
     Note: There are rpmlint messages (see attachment).


Rpmlint
-------
Checking: python3-medimages4tests-0.5.7^20250417gitc0a06fa-1.fc43.noarch.rpm
          python-medimages4tests-0.5.7^20250417gitc0a06fa-1.fc43.src.rpm
============================ rpmlint session starts ============================
rpmlint: 2.7.0
configuration:
    /usr/lib/python3.13/site-packages/rpmlint/configdefaults.toml
    /etc/xdg/rpmlint/fedora-legacy-licenses.toml
    /etc/xdg/rpmlint/fedora-spdx-licenses.toml
    /etc/xdg/rpmlint/fedora.toml
    /etc/xdg/rpmlint/scoring.toml
    /etc/xdg/rpmlint/users-groups.toml
    /etc/xdg/rpmlint/warn-on-functions.toml
rpmlintrc: [PosixPath('/tmp/tmp7_t6s8ym')]
checks: 32, packages: 2

python3-medimages4tests.noarch: E: zero-length /usr/lib/python3.13/site-packages/medimages4tests/mri/neuro/base.py
python-medimages4tests.spec: W: patch-not-applied Patch0: 0001-Update-Versioneer-and-fix-config.patch
python3-medimages4tests.noarch: W: files-duplicate /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/petct_spl/__init__.py /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_calibration/__init__.py:/usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_countrate/__init__.py:/usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_dynamics_sino/__init__.py:/usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_em_sino/__init__.py:/usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_listmode/__init__.py:(and 1 more)
python3-medimages4tests.noarch: W: files-duplicate /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_replay_param/data.py /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_calibration/data.py
python3-medimages4tests.noarch: W: files-duplicate /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_em_sino/data.py /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_countrate/data.py
 2 packages and 0 specfiles checked; 1 errors, 4 warnings, 7 filtered, 1 badness; has taken 0.6 s 




Rpmlint (installed packages)
----------------------------
============================ rpmlint session starts ============================
rpmlint: 2.7.0
configuration:
    /usr/lib/python3.13/site-packages/rpmlint/configdefaults.toml
    /etc/xdg/rpmlint/fedora-spdx-licenses.toml
    /etc/xdg/rpmlint/fedora.toml
    /etc/xdg/rpmlint/scoring.toml
    /etc/xdg/rpmlint/users-groups.toml
    /etc/xdg/rpmlint/warn-on-functions.toml
checks: 32, packages: 1

python3-medimages4tests.noarch: E: zero-length /usr/lib/python3.13/site-packages/medimages4tests/mri/neuro/base.py
python3-medimages4tests.noarch: W: files-duplicate /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/petct_spl/__init__.py /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_calibration/__init__.py:/usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_countrate/__init__.py:/usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_dynamics_sino/__init__.py:/usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_em_sino/__init__.py:/usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_listmode/__init__.py:(and 1 more)
python3-medimages4tests.noarch: W: files-duplicate /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_replay_param/data.py /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_calibration/data.py
python3-medimages4tests.noarch: W: files-duplicate /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_em_sino/data.py /usr/lib/python3.13/site-packages/medimages4tests/dummy/raw/pet/siemens/biograph_vision/vr20b/pet_countrate/data.py
 1 packages and 0 specfiles checked; 1 errors, 3 warnings, 3 filtered, 1 badness; has taken 0.1 s 



Source checksums
----------------
https://github.com/australian-imaging-service/medimages4tests/archive/c0a06fac3a6ec66c5f6bd14509979996f681d275/medimages4tests-c0a06fac3a6ec66c5f6bd14509979996f681d275.tar.gz :
  CHECKSUM(SHA256) this package     : 5b6cf31ef9bdd5707999a292a557b7c9dc47aefc12835efe7e5dca254fa79ff3
  CHECKSUM(SHA256) upstream package : 5b6cf31ef9bdd5707999a292a557b7c9dc47aefc12835efe7e5dca254fa79ff3


Requires
--------
python3-medimages4tests (rpmlib, GLIBC filtered):
    python(abi)
    python3.13dist(attrs)
    python3.13dist(nibabel)
    python3.13dist(openneuro-py)
    python3.13dist(pydicom)



Provides
--------
python3-medimages4tests:
    python-medimages4tests
    python3-medimages4tests
    python3.13-medimages4tests
    python3.13dist(medimages4tests)
    python3dist(medimages4tests)



Diff spec file in url and in SRPM
---------------------------------
--- /home/ben/fedora/review/2257921-python-medimages4tests/20250420/2257921-python-medimages4tests/srpm/python-medimages4tests.spec	2025-04-20 08:52:01.573879457 -0400
+++ /home/ben/fedora/review/2257921-python-medimages4tests/20250420/2257921-python-medimages4tests/srpm-unpacked/python-medimages4tests.spec	2025-04-19 20:00:00.000000000 -0400
@@ -1,2 +1,12 @@
+## START: Set by rpmautospec
+## (rpmautospec version 0.7.3)
+## RPMAUTOSPEC: autorelease, autochangelog
+%define autorelease(e:s:pb:n) %{?-p:0.}%{lua:
+    release_number = 1;
+    base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}"));
+    print(release_number + base_release_number - 1);
+}%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}}
+## END: Set by rpmautospec
+
 %global pypi_name medimages4tests
 
@@ -84,3 +94,23 @@
 
 %changelog
-%autochangelog
+## START: Generated by rpmautospec
+* Sun Apr 20 2025 Sandro <devel> - 0.5.7^20250417gitc0a06fa-1
+- Address issues mentioned in review
+- Package a post-release (for license change)
+- Fix Versioneer as well as its config
+- Include Versioneer's license (for _version.py)
+- Include zero-byte file
+- Make rpmlint not complain about zero-byte file
+
+* Fri Apr 18 2025 Sandro <devel> - 0.5.7-1
+- Update to 0.5.7
+
+* Wed Jan 10 2024 Sandro <devel> - 0.3.3-3
+- Remove empty file (rpmlint error)
+
+* Wed Jan 10 2024 Sandro <devel> - 0.3.3-2
+- Exclude scripts/ and tests/ from wheel
+
+* Wed Jan 10 2024 Sandro <devel> - 0.3.3-1
+- Initial package
+## END: Generated by rpmautospec


Generated by fedora-review 0.10.0 (e79b66b) last change: 2023-07-24
Command line :/usr/bin/fedora-review -b 2257921
Buildroot used: fedora-rawhide-x86_64
Active plugins: Python, Shell-api, Generic
Disabled plugins: Java, Ocaml, PHP, Perl, Haskell, R, C/C++, fonts, SugarActivity
Disabled flags: EXARCH, EPEL6, EPEL7, DISTTAG, BATCH

Comment 16 Fedora Admin user for bugzilla script actions 2025-04-20 15:03:59 UTC
The Pagure repository was created at https://src.fedoraproject.org/rpms/python-medimages4tests


Note You need to log in before you can comment on or make changes to this bug.