Bug 227041 - Review Request: bea-stax-1.2.0-0.rc1.2jpp - Streaming API for XML
Review Request: bea-stax-1.2.0-0.rc1.2jpp - Streaming API for XML
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Vivek Lakshmanan
Fedora Package Reviews List
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-02-02 12:30 EST by Rafael H. Schloming
Modified: 2014-12-01 18:13 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-03-06 18:04:52 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
mwringe: fedora‑review+
kevin: fedora‑cvs+


Attachments (Terms of Use)

  None (edit)
Description Rafael H. Schloming 2007-02-02 12:30:49 EST
Spec URL: http://people.redhat.com/rafaels/specs/bea-stax-1.2.0-0.rc1.2jpp.spec
SRPM URL: ftp://jpackage.hmdc.harvard.edu/JPackage/1.7/generic/SRPMS.free/bea-stax-1.2.0-0.rc1.2jpp.src.rpm
Description: The Streaming API for XML (StAX) is a groundbreaking
new Java API for parsing and writing XML easily and
efficiently.

The StAX API.

Javadoc for bea-stax
Comment 1 Matt Wringe 2007-02-12 12:38:01 EST
rpmlint bea-stax-1.2.0-0.rc1.2jpp.src.rpm:
W: bea-stax non-standard-group Development/Libraries/Java
W: bea-stax invalid-license Apache Software License 2
W: bea-stax mixed-use-of-spaces-and-tabs (spaces: line 9, tab: line 51)

rpmlint rpms:
W: bea-stax non-standard-group Development/Libraries/Java
W: bea-stax invalid-license Apache Software License 2
W: bea-stax no-documentation
W: bea-stax-api summary-ended-with-dot The StAX API.
W: bea-stax-api non-standard-group Development/Documentation
W: bea-stax-api invalid-license Apache Software License 2
W: bea-stax-api no-documentation
W: bea-stax-javadoc non-standard-group Development/Documentation
W: bea-stax-javadoc invalid-license Apache Software License 2
W: bea-stax-javadoc dangerous-command-in-%post rm
W: bea-stax-javadoc dangerous-command-in-%postun rm


MUST:
* package is named appropriately
 - match upstream tarball or project name
 - try to match previous incarnations in other distributions/packagers for
consistency
 - specfile should be %{name}.spec
 - non-numeric characters should only be used in Release (ie. cvs or
   something)
 for non-numerics (pre-release, CVS snapshots, etc.), see
   http://fedoraproject.org/wiki/Packaging/NamingGuidelines#PackageRelease
X    - release tag does not follow guidelines
X    - all jpp packages need to have %{?dist} added at the end
 - if case sensitivity is requested by upstream or you feel it should be
   not just lowercase, do so; otherwise, use all lower case for the name
* is it legal for Fedora to distribute this?
 - OSI-approved
 - not a kernel module
 - not shareware
 - is it covered by patents?
 - it *probably* shouldn't be an emulator
 - no binary firmware

* license field matches the actual license.
* license is open source-compatible.
 - use acronyms for licences where common
X not a proper license tag, remove the '2'

* specfile name matches %{name}
* verify source and patches (md5sum matches upstream, know what the patches do)

 X source md5sums match, but project is no longer on project website
   should probably change source link to the following, where the package still
 exists
   http://dist.codehaus.org/stax/distributions/stax-src-1.2.0_rc1-dev.zip  
 
 - if upstream doesn't release source drops, put *clear* instructions on
   how to generate the the source drop; ie. 
  # svn export blah/tag blah
  # tar cjf blah-version-src.tar.bz2 blah
* skim the summary and description for typos, etc.
* correct buildroot
 X buildroot does not follow fedora guidelines
 - should be:
   %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
* if %{?dist} is used, it should be in that form (note the ? and %
locations)
X dist not used, but needs to be added since jpp package

* license text included in package and marked with %doc
X license test not included in package

* keep old changelog entries; use judgement when removing (too old?
useless?)
* packages meets FHS (http://www.pathname.com/fhs/)
* rpmlint on <this package>.srpm gives no output
X rplint gives many warnings, see above
 - justify warnings if you think they shouldn't be there
* changelog should be in one of these formats:

  * Fri Jun 23 2006 Jesse Keating <jkeating@redhat.com> - 0.6-4
  - And fix the link syntax.

  * Fri Jun 23 2006 Jesse Keating <jkeating@redhat.com> 0.6-4
  - And fix the link syntax.

  * Fri Jun 23 2006 Jesse Keating <jkeating@redhat.com>
  - 0.6-4
  - And fix the link syntax.

* Packager tag should not be used
X this should be removed

* Vendor tag should not be used
X this should be removed

* use License and not Copyright 
* Summary tag should not end in a period
* if possible, replace PreReq with Requires(pre) and/or Requires(post)
* specfile is legible
X too many commented lines

* package successfully compiles and builds on at least x86
* BuildRequires are proper
 X missing build requires. This package is at very least missing ant

* summary should be a short and concise description of the package
* description expands upon summary (don't include installation
instructions)
* make sure lines are <= 80 characters
* specfile written in American English
* make a -doc sub-package if necessary
 - see
  
http://fedoraproject.org/wiki/Packaging/Guidelines#head-9bbfa57478f0460c6160947a6bf795249488182b
* packages including libraries should exclude static libraries if possible
* don't use rpath
* config files should usually be marked with %config(noreplace)
* GUI apps should contain .desktop files
* should the package contain a -devel sub-package?
* use macros appropriately and consistently
 - ie. %{buildroot} and %{optflags} vs. $RPM_BUILD_ROOT and $RPM_OPT_FLAGS
* don't use %makeinstall
* locale data handling correct (find_lang)
 - if translations included, add BR: gettext and use %find_lang %{name} at the
   end of %install
* consider using cp -p to preserve timestamps
* split Requires(pre,post) into two separate lines
* package should probably not be relocatable
* package contains code
 - see http://fedoraproject.org/wiki/Packaging/Guidelines#CodeVsContent
 - in general, there should be no offensive content
* package should own all directories and files
* there should be no %files duplicates
* file permissions should be okay; %defattrs should be present
* %clean should be present
* %doc files should not affect runtime
* if it is a web apps, it should be in /usr/share/%{name} and *not* /var/www
* verify the final provides and requires of the binary RPMs
* run rpmlint on the binary RPMs
  - see above errors

SHOULD:
* package should include license text in the package and mark it with %doc
  X license doc is not installed
* package should build on i386
  - build on jpp so should still be buildable
* package should build in mock
  - can't be built in mock, missing buildrequires.
Comment 2 Vivek Lakshmanan 2007-02-13 23:34:13 EST
(In reply to comment #1)
> rpmlint bea-stax-1.2.0-0.rc1.2jpp.src.rpm:
> W: bea-stax non-standard-group Development/Libraries/Java
Group warnings ignored
Ignore

> W: bea-stax invalid-license Apache Software License 2
Fixed

> W: bea-stax mixed-use-of-spaces-and-tabs (spaces: line 9, tab: line 51)
Fixed

> 
> rpmlint rpms:
> W: bea-stax non-standard-group Development/Libraries/Java
Group warnings ignored
> W: bea-stax invalid-license Apache Software License 2
fixed reverted to ASL
> W: bea-stax no-documentation
> W: bea-stax-api summary-ended-with-dot The StAX API.
> W: bea-stax-api non-standard-group Development/Documentation
> W: bea-stax-api no-documentation

> W: bea-stax-javadoc dangerous-command-in-%post rm
> W: bea-stax-javadoc dangerous-command-in-%postun rm
Fixed by removing post postun magic for javadoc handling and adding a proper
owned unversioned directory

>    http://fedoraproject.org/wiki/Packaging/NamingGuidelines#PackageRelease
> X    - release tag does not follow guidelines
> X    - all jpp packages need to have %{?dist} added at the end
Fixed - 0:1.2.0-0.1.rc1.2jpp.1%{?dist} now
> X not a proper license tag, remove the '2'
Done

> 
> * specfile name matches %{name}
> * verify source and patches (md5sum matches upstream, know what the patches do)
> 
>  X source md5sums match, but project is no longer on project website
>    should probably change source link to the following, where the package still
>  exists
>    http://dist.codehaus.org/stax/distributions/stax-src-1.2.0_rc1-dev.zip  
Done, thanks for the URL

>  X buildroot does not follow fedora guidelines
>  - should be:
>    %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Done

> X dist not used, but needs to be added since jpp package
> 
> * license text included in package and marked with %doc
> X license test not included in package
Fixed, added ASF2.0.txt from the source tar ball

> * Packager tag should not be used
> X this should be removed
> 
> * Vendor tag should not be used
> X this should be removed
Fixed
> X too many commented lines
Fixed.
> 
> * package successfully compiles and builds on at least x86
> * BuildRequires are proper
>  X missing build requires. This package is at very least missing ant
Package builds on mock so I assume this is fixed :)

Package available at:
http://tequila-sunrise.ath.cx/rpmreviews/F7/bea-stax/bea-stax-1.2.0-0.1.rc1.2jpp.1.fc7.src.rpm

Spec:
http://tequila-sunrise.ath.cx/rpmreviews/F7/bea-stax/bea-stax.spec
Comment 3 Matt Wringe 2007-02-14 18:19:02 EST
Approved
Comment 4 Vivek Lakshmanan 2007-03-02 18:48:56 EST
New Package CVS Request
=======================
Package Name: bea-stax
Short Description: Streaming API for XML
Owners: vivekl@redhat.com
Branches: devel
InitialCC: vivekl@redhat.com,dbhole@redhat.com

Comment 5 Lubomir Rintel 2008-07-22 13:51:45 EDT
Package Change Request
======================
Package Name:
New Branches: EL-4 EL-5
Updated EPEL CC: add lkundrak

Fedora maintainer agreed to maintain this.
Comment 6 Kevin Fenzi 2008-07-22 14:00:22 EDT
cvs done.

Note You need to log in before you can comment on or make changes to this bug.