Spec URL: https://download.copr.fedorainfracloud.org/results/mithunveluri/reviews/fedora-40-x86_64/07911107-python-dandischema/python-dandischema.spec SRPM URL: https://download.copr.fedorainfracloud.org/results/mithunveluri/reviews/fedora-40-x86_64/07911107-python-dandischema/python-dandischema-0.10.2-1.fc40.src.rpm Description: Python library for maintaining and managing DANDI metadata schemata Fedora Account System Username: mithunveluri Pagure issue: https://pagure.io/neuro-sig/NeuroFedora/issue/471 Fedora-review: https://download.copr.fedorainfracloud.org/results/mithunveluri/reviews/fedora-40-x86_64/07911107-python-dandischema/fedora-review/review.txt
Thanks Mithun! Continuing the journey into (Python) packaging here. > # Running tox tests is time consuming and some need network. Allow skipping tests. > %bcond tests 0 The comment is not entirely true. While there are many tests, they do not take long to run. Yes, some require network. That's something we see frequently and we have to deal with that. Allowing tests to be skipped is fine. But, by default, they should be run. In the zarr-checksum review I already talked about `%tox` vs. `%pytest`. This is a good example where running tests using `%pytest` may be preferred, because using `tox` and the associated `test` extra will pull in linters (in this case `mypy` and `pytest-cov`), which we do not want [1]. Since `pytest` also reads `tox.ini` for configuration, you will need to modify the `addopts` there [2]. You will also need to specify additional test modules manually or modify the test extra in `setup.cfg` removing linters and then us that for pulling them in (see the `-x` option of `%pyproject_buildrequires` [3]). Regarding tests requiring network, they are not hard to avoid in this particular case. There's a hint [4] in `tox.ini`, but it's easily missed. It's also helpful looking at how upstream runs tests by exploring their GitHub workflows. There's another hint [5]. ;) I leave it to you to figure out what to do. I'm intentionally more general in my answers this time around, since I want you to explore the documents and different options yourself, which will help you understand them better. But do not hesitate to ask if you get lost or need clarification. Happy packaging! [1] https://docs.fedoraproject.org/en-US/packaging-guidelines/Python/#_linters [2] https://github.com/dandi/dandi-schema/blob/6fc16b8c0305d175873bcb9b5862ef5c6ec896c7/tox.ini#L33 [3] https://docs.fedoraproject.org/en-US/packaging-guidelines/Python/#pyproject_buildrequires [4] https://github.com/dandi/dandi-schema/blob/6fc16b8c0305d175873bcb9b5862ef5c6ec896c7/tox.ini#L8 [5] https://github.com/dandi/dandi-schema/blob/master/.github/workflows/test-nonetwork.yml
Thank you for comments Sandro! I understand that by default tests should be run. I'll make a note of it. Removed `%tox` and used `%pytest`. Used `sed` to remove test coverage checkers from tox.ini test env. Also, apart from `pytest` we aren't building any extra modules. Used environment variable to exclude network tests and some other tests which use `flake`. Spec URL: https://download.copr.fedorainfracloud.org/results/mithunveluri/reviews/fedora-rawhide-x86_64/07914878-python-dandischema/python-dandischema.spec SRPM URL: https://download.copr.fedorainfracloud.org/results/mithunveluri/reviews/fedora-rawhide-x86_64/07914878-python-dandischema/python-dandischema-0.10.2-1.fc42.src.rpm Fedora-review: https://download.copr.fedorainfracloud.org/results/mithunveluri/reviews/fedora-rawhide-x86_64/07914878-python-dandischema/fedora-review/review.txt
Alright! We are getting closer to the finish line. A couple of remarks (no action required): > # ref was mistakenly set to v0.10.2 by forge causing download to fail > # so manually set it > %global ref %{version} Setting the `v` prefix is the default. It seems the majority of projects use that when setting the version. Some don't and some use a different prefix. I usually use `%global tag %{version}` if upstream does not use a prefix as per [1]. But if `ref` works, feel free... > # Exclude tests which need network > export DANDI_TESTS_NONETWORK=1 Excellent! That was made easy by upstream. However, that's not always the case. Sometimes upstream uses a different approach and other times you will have to exclude tests specifically. You'll learn about that when you get there. Two points that need attention: > git tag %{version} Since you dit not commit your changes before tagging, `git status` would tell you: Changes not staged for commit: (use "git add <file>..." to update what will be committed) (use "git restore <file>..." to discard changes in working directory) modified: tox.ini and that results in something like `Version: 0.10.2+0.g7e9edc1.dirty` in the packages metadata (in `%{python3_sitelib}/dandischema-0.10.2+0.g7e9edc1.dirty.dist-info/METADATA) as well as `__version__ = "0.10.2+0.g7e9edc1.dirty"` in `%{python3_sitelib}/dandischema/_version.py`. Make sure you commit all changes before tagging to avoid those pitfalls. See the example I pointed to on Matrix [2]. > # Exclude tests which use flake > %pytest -v --ignore=dandischema/tests/{test_datacite.py,test_models.py} I suppose you misinterpreted the error message thrown by the excluded tests (going by your comment): > E pytest.PytestUnknownMarkWarning: Unknown pytest.mark.flaky - is this a typo? You can register custom marks to avoid this warning - for details, see https://docs.pytest.org/en/stable/how-to/mark.html That has nothing to do with the linters called `flake*` (e.g. flake8). The error is thrown, because you are missing a pytest plugin. The plugin in question is mentioned in the `test` extra in `setup.cfg` [3]. Simply add the missing plugin as a BR and those tests will succeed. [1] https://docs.fedoraproject.org/en-US/packaging-guidelines/SourceURL/#_tag_example [2] https://src.fedoraproject.org/rpms/python-superqt/blob/rawhide/f/python-superqt.spec [3] https://github.com/dandi/dandi-schema/blob/6fc16b8c0305d175873bcb9b5862ef5c6ec896c7/setup.cfg#L55
Thanks for your comments Sandro, For now, I'd go by setting 'ref'. Moving further will explore 'tag'. And yes, I missed to verify list (rpm -qpl) of files which will be installed via result rpm. Also, even if had verified the files of rpm, I wouldn't have figured out that staged changes can caused hash to come in version string. Thanks for pointing that! Regarding the tests, my bad, I did misunderstood it as flake, in real there is an pytest plugin "flaky" which has to be added in BR. Below are the fresh URLs. Spec URL: https://download.copr.fedorainfracloud.org/results/mithunveluri/reviews/fedora-rawhide-x86_64/07915943-python-dandischema/python-dandischema.spec SRPM URL: https://download.copr.fedorainfracloud.org/results/mithunveluri/reviews/fedora-rawhide-x86_64/07915943-python-dandischema/python-dandischema-0.10.2-1.fc42.src.rpm Fedora-review: https://download.copr.fedorainfracloud.org/results/mithunveluri/reviews/fedora-rawhide-x86_64/07915943-python-dandischema/fedora-review/review.txt
(In reply to Mithun Veluri from comment #4)further will explore 'tag'. > And yes, I missed to verify list (rpm -qpl) of files which will be installed > via result rpm. Also, even if had verified the files of rpm, I wouldn't have > figured out that staged changes can caused hash to come in version string. > Thanks for pointing that! If you look in /usr/lib/python3.12/site-packages/ you will not see many `*dist-info` directories with a git hash in there. But it's something that's easily missed. Also if upstream is not using any fancy versioning based on VCS, this wouldn't be an issue. > Regarding the tests, my bad, I did misunderstood it as flake, in real there > is an pytest plugin "flaky" which has to be added in BR. Well, almost. It seems you are guessing a bit. Yes the error message mentions `flaky`. But it's not what upstream is using. Upstream uses `pytest-rerunfailures`. It's listed in `setup.cfg` as a dependency for the `test` extra. While the tests succeed with `flaky`, they might break if upstream decides to use a specific feature of `pytest-rerunfailures` that `flaky` does not support. Also we should stay as close to upstream as possible. I encourage you to take another look at `setup.cfg` and try to understand what it does, how it defines dependencies. Last but not least, upstream released a new version a few days ago. I only noticed today when preparing a patch for excluding the tests from the wheel [1]. I think it's useful to apply that patch. If upstream accepts it, it will be in the next release. If not we can keep it as a downstream only patch in order to avoid installing the tests and test data (JSON files). Please also update to the latest release, 0.10.3. [1] https://github.com/dandi/dandi-schema/pull/249
[X] Used pytest-rerunfailures. [X] Applied your patch (0001-Exclude-tests-from-wheel.patch) [X] Bumped release version to 0.10.3 Spec URL: https://download.copr.fedorainfracloud.org/results/mithunveluri/reviews/fedora-rawhide-x86_64/07918746-python-dandischema/python-dandischema.spec SRPM URL: https://download.copr.fedorainfracloud.org/results/mithunveluri/reviews/fedora-rawhide-x86_64/07918746-python-dandischema/python-dandischema-0.10.3-1.fc42.src.rpm
Thank you! The package is APPROVED. Please see my remarks below. Remarks ======= ### Patches [ ]: Patches link to upstream bugs/comments/lists or are otherwise justified. > # Patch for source tarball to exlude tests from wheel > Patch1: 0001-Exclude-tests-from-wheel.patch => You should add a link to the upstream issue. You can also use a URL for getting the patch from upstream: Patch: https://github.com/dandi/dandi-schema/pull/249.patch Or even shorten that to %{forgeurl}/pull/249.patch. Also, numbering patches is no longer required especially when using autosetup with `-p1`. Using the URL for the patch has two advantages: 1. It makes clear the patch is from upstream or has been sent upstream. 2. It allows fetching it with `spectool -g`, which would download it as `249.patch`. ### License files The license file is included twice. This package is using setuptools as a build backend, which allows for specifying license file(s), which the pyproject macros use for marking those files as %license: rpm -q --licensefiles -p results_python-dandischema/0.10.3/1.fc42/python3-dandischema-0.10.3-1.fc41.noarch.rpm /usr/lib/python3.13/site-packages/dandischema-0.10.3.dist-info/LICENSE /usr/share/licenses/python3-dandischema/LICENSE Instead of using `%pyproject_save_files -L %{pypi_name}`, use `%pyproject_save_files -l %{pypi_name}` (lower case letter L). That checks that a license file is indeed included and allows you to omit `%license LICENSE`, thus avoiding duplication. ### Documentation You could include upstream's `CHANGELOG.md` as a %doc as a service to users, allowing them to easily check what has changed when the package is updated. Those are hints for improvement. You can decide what to do with them on import. Package Review ============== Legend: [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated [ ] = Manual review needed Issues: ======= - Dist tag is present. => Due to use of %{autorelease}. Not a problem. - Package must not depend on deprecated() packages. Note: python3-pytest7 is deprecated, you must not depend on it. See: https://docs.fedoraproject.org/en-US/packaging- guidelines/deprecating-packages/ => False positive. Not exactly sure about the reson. But package BRs `python3dist(pytest)` which should bring in the correct version. ===== MUST items ===== Generic: [x]: Package successfully compiles and builds into binary rpms on at least one supported primary architecture. [x]: Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [x]: License field in the package spec file matches the actual license. [x]: Package must own all directories that it creates. Note: Directories without known owners: /usr/lib/python3.13, /usr/lib/python3.13/site-packages => False positive. [x]: Package contains no bundled libraries without FPC exception. [x]: Changelog in prescribed format. [x]: Sources contain only permissible code or content. [-]: Package contains desktop file if it is a GUI application. [-]: Development files must be in a -devel package [x]: Package uses nothing in %doc for runtime. [x]: Package consistently uses macros (instead of hard-coded directory names). [x]: Package is named according to the Package Naming Guidelines. [x]: Package does not generate any conflict. [x]: Package obeys FHS, except libexecdir and /usr/target. [-]: If the package is a rename of another package, proper Obsoletes and Provides are present. [x]: Requires correct, justified where necessary. [x]: Spec file is legible and written in American English. [-]: Package contains systemd file(s) if in need. [x]: Package is not known to require an ExcludeArch tag. [x]: Package complies to the Packaging Guidelines [x]: Package installs properly. [x]: Rpmlint is run on all rpms the build produces. Note: There are rpmlint messages (see attachment). [x]: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %license. [x]: The License field must be a valid SPDX expression. [x]: Package requires other packages for directories it uses. [x]: Package does not own files or directories owned by other packages. [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. [x]: Macros in Summary, %description expandable at SRPM build time. [x]: Package does not contain duplicates in %files. [x]: Permissions on files are set properly. [x]: Package use %makeinstall only when make install DESTDIR=... doesn't work. [x]: Package is named using only allowed ASCII characters. [x]: Package does not use a name that already exists. [x]: Package is not relocatable. [x]: Sources used to build the package match the upstream source, as provided in the spec URL. [x]: Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: File names are valid UTF-8. [x]: Large documentation must go in a -doc subpackage. Large could be size (~1MB) or number of files. Note: Documentation size is 2101 bytes in 1 files. [x]: Packages must not store files under /srv, /opt or /usr/local Python: [-]: Python eggs must not download any dependencies during the build process. [-]: A package which is used by another package via an egg interface should provide egg info. [x]: Package meets the Packaging Guidelines::Python [x]: Package contains BR: python2-devel or python3-devel [x]: Packages MUST NOT have dependencies (either build-time or runtime) on packages named with the unversioned python- prefix unless no properly versioned package exists. Dependencies on Python packages instead MUST use names beginning with python2- or python3- as appropriate. [x]: Python packages must not contain %{pythonX_site(lib|arch)}/* in %files [x]: Binary eggs must be removed in %prep ===== SHOULD items ===== Generic: [x]: Reviewer should test that the package builds in mock. [-]: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [x]: Final provides and requires are sane (see attachments). [?]: Package functions as described. [x]: Latest version is packaged. [x]: Package does not include license text files separate from upstream. [x]: Patches link to upstream bugs/comments/lists or are otherwise justified. [-]: Sources are verified with gpgverify first in %prep if upstream publishes signatures. Note: gpgverify is not used. [?]: Package should compile and build into binary rpms on all supported architectures. [x]: %check is present and all tests pass. [x]: Packages should try to preserve timestamps of original installed files. [x]: Spec use %global instead of %define unless justified. Note: %define requiring justification: %define autorelease(e:s:pb:n) %{?-p:0.}%{lua: [x]: Buildroot is not present [x]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file [x]: Sources can be downloaded from URI in Source: tag [x]: SourceX is a working URL. ===== EXTRA items ===== Generic: [x]: Rpmlint is run on all installed packages. Note: No rpmlint messages. Rpmlint ------- Checking: python3-dandischema-0.10.3-1.fc42.noarch.rpm python-dandischema-0.10.3-1.fc42.src.rpm ============================ rpmlint session starts ============================ rpmlint: 2.5.0 configuration: /usr/lib/python3.12/site-packages/rpmlint/configdefaults.toml /etc/xdg/rpmlint/fedora-legacy-licenses.toml /etc/xdg/rpmlint/fedora-spdx-licenses.toml /etc/xdg/rpmlint/fedora.toml /etc/xdg/rpmlint/scoring.toml /etc/xdg/rpmlint/users-groups.toml /etc/xdg/rpmlint/warn-on-functions.toml rpmlintrc: [PosixPath('/tmp/tmp5if7rv1a')] checks: 32, packages: 2 python-dandischema.spec: W: patch-not-applied Patch1: 0001-Exclude-tests-from-wheel.patch 2 packages and 0 specfiles checked; 0 errors, 1 warnings, 11 filtered, 0 badness; has taken 0.3 s Rpmlint (installed packages) ---------------------------- (none): E: there is no installed rpm "python3-dandischema". There are no files to process nor additional arguments. Nothing to do, aborting. ============================ rpmlint session starts ============================ rpmlint: 2.5.0 configuration: /usr/lib/python3.13/site-packages/rpmlint/configdefaults.toml /etc/xdg/rpmlint/fedora-legacy-licenses.toml /etc/xdg/rpmlint/fedora-spdx-licenses.toml /etc/xdg/rpmlint/fedora.toml /etc/xdg/rpmlint/scoring.toml /etc/xdg/rpmlint/users-groups.toml /etc/xdg/rpmlint/warn-on-functions.toml checks: 32, packages: 1 0 packages and 0 specfiles checked; 0 errors, 0 warnings, 0 filtered, 0 badness; has taken 0.0 s Source checksums ---------------- https://github.com/dandi/dandi-schema/archive/0.10.3/dandi-schema-0.10.3.tar.gz : CHECKSUM(SHA256) this package : c12c4b70571ec18d85806723cdb90a142bb7ad813486c44f0fe36d3925e3f8b0 CHECKSUM(SHA256) upstream package : c12c4b70571ec18d85806723cdb90a142bb7ad813486c44f0fe36d3925e3f8b0 Requires -------- python3-dandischema (rpmlib, GLIBC filtered): (python3.13dist(pydantic) >= 2.4 with python3.13dist(pydantic) < 3) (python3.13dist(pydantic[email]) >= 2.4 with python3.13dist(pydantic[email]) < 3) python(abi) python3.13dist(jsonschema) python3.13dist(jsonschema[format]) python3.13dist(requests) python3.13dist(zarr-checksum) Provides -------- python3-dandischema: python-dandischema python3-dandischema python3.13-dandischema python3.13dist(dandischema) python3dist(dandischema) Generated by fedora-review 0.10.0 (e79b66b) last change: 2023-07-24 Command line :/bin/fedora-review --no-colors --prebuilt --rpm-spec --name python-dandischema --mock-config /var/lib/copr-rpmbuild/results/configs/child.cfg Buildroot used: fedora-rawhide-x86_64 Active plugins: Shell-api, Python, Generic Disabled plugins: Perl, Haskell, SugarActivity, Java, C/C++, PHP, R, Ocaml, fonts Disabled flags: EXARCH, EPEL6, EPEL7, DISTTAG, BATCH
The Pagure repository was created at https://src.fedoraproject.org/rpms/python-dandischema
[X] Used URL for patch [X] Remove duplicate license file Publishing the package now. Thank you for your review Sandro!
FEDORA-2024-421e595212 (python-dandischema-0.10.3-2.fc42) has been submitted as an update to Fedora 42. https://bodhi.fedoraproject.org/updates/FEDORA-2024-421e595212
FEDORA-2024-421e595212 (python-dandischema-0.10.3-2.fc42) has been pushed to the Fedora 42 stable repository. If problem still persists, please make note of it in this bug report.