Bug 233423 - Review Request: python-mecab - Python binding for MeCab
Review Request: python-mecab - Python binding for MeCab
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Hans de Goede
Fedora Package Reviews List
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-03-22 09:03 EDT by Mamoru TASAKA
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-05-04 07:30:34 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
wtogami: fedora‑review+
wtogami: fedora‑cvs+


Attachments (Terms of Use)

  None (edit)
Comment 1 Hans de Goede 2007-03-30 14:43:01 EDT
MUST:
=====
* rpmlint output is: <empty>
* Package and spec file named appropriately
* Packaged according to packaging guidelines
* License ok
* spec file is legible and in Am. English.
* Source matches upstream
* Compiles and builds on devel x86_64
* BR: ok
* No locales
* No shared libraries
* Not relocatable
* Package owns / or requires all dirs
* No duplicate files & Permissions
* %clean & macro usage OK
* Contains code only
* %doc does not affect runtime, and isn't large enough to warrent a sub package
* no -devel package needed
* no .desktop file required

Approved!
Comment 2 Hans de Goede 2007-03-30 15:03:28 EDT
One remark though, why meccab-python, but for ruby ruby-mecab, wouldn't it be
better to also call this python-mecab?

Thinking about this some more, according to:
http://fedoraproject.org/wiki/Packaging/NamingGuidelines#head-8756a3bce652c376d7ba3908461b638784b6952d

This must be named python-mecab, unapproving.

Must-fix:
=========
* Change name to python-mecab
Comment 3 Mamoru TASAKA 2007-03-31 08:37:11 EDT
Well,

* This is a Python binding for MeCab, so the main package is
  mecab, not python. i.e. This is rather a subpackage of mecab
  and very similar with paragui-python.

  And... actually for ruby-mecab:
--------------------------------------------------------
These naming guidelines only apply to ruby packages whose main purpose is
providing a Ruby library; packages that mainly provide user-level tools that
happen to be written in Ruby do not need to follow these naming guidelines,
and should follow the general  NamingGuidelines instead.
---------------------------------------------------------
  so.. IMO I have to rename from ruby-mecab to mecab-ruby...

* If mecab-python should be renamed to python-mecab, so are
  mecab-perl, mecab-java? I think it is quite questionable.
Comment 4 Hans de Goede 2007-03-31 12:33:51 EDT
(In reply to comment #3)
> Well,
> 
> * This is a Python binding for MeCab, so the main package is
>   mecab, not python. i.e. This is rather a subpackage of mecab
>   and very similar with paragui-python.
> 
>   And... actually for ruby-mecab:
> --------------------------------------------------------
> These naming guidelines only apply to ruby packages whose main purpose is
> providing a Ruby library; packages that mainly provide user-level tools that
> happen to be written in Ruby do not need to follow these naming guidelines,
> and should follow the general  NamingGuidelines instead.
> ---------------------------------------------------------
>   so.. IMO I have to rename from ruby-mecab to mecab-ruby...
>

No,

The part quoted from the ruby guidelines, is identical for python. In both cases
the exception is for applications, since an application shouldn't be called
python-fee just because its written in python. In this case we are talking about
bindings, iow they make mecabs functionality available to applications written
in python/ruby. Thus they should be called python-mecab and ruby-mecab, this is
so that people looking for python "libs" can find them easily by doing "yum list
'py*'" .

About paragui, things are different there as the binding is in the main lib
package, and the correct name for the main package obviously is paragui, thus a
python subpackage automatically becomes paragui-python, this is an exception I
think. But maybe even there it should get called python-paragui by using
"%package -n python-paragui" instead of "%package python"

In this however these are seperate packages from the main package and thus must
be called python-mecab and ruby-mecab according to my reading of the guidelines,
if you disagree, please discuss this on the list.

> * If mecab-python should be renamed to python-mecab, so are
>   mecab-perl, mecab-java? I think it is quite questionable.

Yes, the same goes for perl modules according to:
http://fedoraproject.org/wiki/Packaging/NamingGuidelines#head-8756a3bce652c376d7ba3908461b638784b6952d

And I cannot find anything for java, so choose what you like I guess.
Comment 5 Mamoru TASAKA 2007-03-31 13:05:51 EDT
Then would you check these?

http://www.ioa.s.u-tokyo.ac.jp/~mtasaka/dist/extras/development/SPECS/python-mecab.spec
http://www.ioa.s.u-tokyo.ac.jp/~mtasaka/dist/extras/development/SRPMS/python-mecab-0.95-2.fc7.src.rpm

* Sat Mar 31 2007 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 0.95-2
- A bit clean up
- change the name to python-mecab
Comment 6 Hans de Goede 2007-03-31 16:59:42 EDT
Looks fine now, approved!
Comment 7 Mamoru TASAKA 2007-04-01 01:03:22 EDT
Thank you!!

Request for CVS admin:

New Package CVS Request
=======================
Package Name:           python-mecab
Short Description:      Python binding for MeCab
Owners:                 mtasaka@ioa.s.u-tokyo.ac.jp
Branches:               devel FC-6 FC-5
InitialCC:              (nobody)

Comment 8 Ralf Corsepius 2007-04-01 01:40:52 EDT
(In reply to comment #6)
> Looks fine now, approved!
Hmm, I don't see any applicable license, copyright not even any mention of an
author.

IMO, it's illegal to ship this package.
Comment 9 Mamoru TASAKA 2007-04-01 01:52:07 EDT
For license:

The license is actually the same as the main part of mecab
(upstream declares), and this binding is simply gerenated
automatically by using swig. So there is no problem.

Anyway I asked upstream to include License document explicitly.
Comment 10 Mamoru TASAKA 2007-04-01 01:55:18 EDT
And.. please understand currently I am _very_ careful for
license...
Comment 11 Ralf Corsepius 2007-04-01 02:12:06 EDT
(In reply to comment #9)
> For license:
> 
> The license is actually the same as the main part of mecab
> (upstream declares), and this binding is simply gerenated
> automatically by using swig. So there is no problem.
There are SEVEREST probles:

You are packaging unlicensed, uncopyrighted sources.

To formulate it into a devil's advocate argument: You are shipping unowned
sources, you or upstream probably have stolen somewhere, very likely from
Microsoft or SCO - Now prove this claim wrong!
Comment 12 Mamoru TASAKA 2007-04-01 02:21:13 EDT
Please don't speek in so aggressive word...

You may use English as your first or second language,
however, I am not and I cannot understand what
you want to say by "devil's advocate argument"...
for me the word seems _very_ aggressive to me
and I hear it as if you are criticizing my personality.....
Comment 13 Hans de Goede 2007-04-01 02:31:23 EDT
Ralf,

I don't see the big problem here ?? I do see a small problem though: Mamoru, I
seem to have missed the fact (my bad) that you have included a modified tarbal
in the SRPM, with license files added. Don't do that! Please provide a new
version with the original tarbal and include a README.fedora pointing to the
license docs in /usr/share/doc/mecab-0.95, those should always be present since
python-mecab Requires mecab. 

Ralf Mamoru is very carefull about licenses AFAIK, for one of the mecab-XXXX
dictionaries I reviewed he explicitly asked Spot if the license was ok. Also the
main mecab is under the BSD/GPL/LGPL, and the main mecab docs refer to this
package as if its an integral part (for as far as I can read japanese) , add to
that the this is distributed from the same website as the main package, has the
same author (which is listed in the original tarbal) , and is indeed all
autogenerated with swig, and I don't see any real problem. We have more packages
where the website says this is GPL, but they forgot to add any license to the
tarbal, there we always request upstream to fix it and in the mean time ship it
as is. So I agree that the adding off licenses by Mamoru is bad, but that
doesn't amke this whole package bad.
Comment 14 Mamoru TASAKA 2007-04-01 02:38:34 EDT
Hans,

Well, I didn't modify tarball. So the tarball in srpm does
not contain License documents. Currently I copy the license
documents from the main part of mecab
---------------------------------------------
# LICENSE
for doc in COPYING BSD GPL LGPL ; do
	%{__install} -cpm 644 %{_datadir}/doc/mecab-%{version}/$doc .
done
---------------------------------------------

You prefer to simply add License.Fedora which says "license documents
are included in main mecab rpm"?
Comment 15 Mamoru TASAKA 2007-04-01 02:42:24 EDT
NOTE:

It seems that my account on my university seems to have expired today....
and sadly, today is Sunday. So while I can upload a modified
spec file as attached, I cannot upload the whole srpm until
I have my account again fixed....
Comment 16 Hans de Goede 2007-04-01 02:52:09 EDT
p.s.

(In reply to comment #8)
> (In reply to comment #6)
> > Looks fine now, approved!
> Hmm, I don't see any applicable license, copyright not even any mention of an
> author.
> 
You didn't look very good then the README clearly states the author.

(In reply to comment #14)
> Hans,
> 
> Well, I didn't modify tarball. So the tarball in srpm does
> not contain License documents. Currently I copy the license
> documents from the main part of mecab
> ---------------------------------------------
> # LICENSE
> for doc in COPYING BSD GPL LGPL ; do
> 	%{__install} -cpm 644 %{_datadir}/doc/mecab-%{version}/$doc .
> done
> ---------------------------------------------
> 

Ah that explains, when I reviewed this I didn't notice. Now I understand, I was
already puzzled how I could have missed a modified tarbal as I always check for
that. Yes please add a License.fedora instead, thats more acurate / honest.

I'm still waiting to hear from Ralf on this though, if my arguments are not
enough to convince him that this package is OK license-wise, we will need to ask
someone with more "powers" to make a judgement on this, for example Spot.

(In reply to comment #15)
> NOTE:
> 
> It seems that my account on my university seems to have expired today....
> and sadly, today is Sunday. So while I can upload a modified
> spec file as attached, I cannot upload the whole srpm until
> I have my account again fixed....

Once the license issue is cleared, you can just attach the modified specfile 
and License.fedora .
Comment 17 Mamoru TASAKA 2007-04-01 03:59:03 EDT
Upstream replied to me that they will include license explicitly
from next version 10 minutes ago.
Comment 18 Hans de Goede 2007-04-01 04:03:51 EDT
Okay, thats good! Let me guess the reply is in japanese? If you can get upstream
to send you a mail in English stating that mecab-python / ruby / perl / java are
under the same license as mecab itself. Then that would end all doubts
surrounding the licensing and we can move forward.

Once you have that mail include that mail in a License.fedora, and refer the
reader to the main mecab License files in that same License.fedora document.
Comment 19 Hans de Goede 2007-04-02 01:26:17 EDT
Warren,

What does the setting of fedora-review to + by you mean, does that mean that you
are happy with the given license explanation and the package as reviewed
initially can be imported? or ?
Comment 20 Ralf Corsepius 2007-04-02 03:04:51 EDT
(In reply to comment #13)
> I don't see the big problem here ??
I do see a SHOWSTOPPER: This package IS NOT PROPERLY LICENSED - Period.

As such it CAN NOT be shipped as part of Fedora.

Comment 21 Warren Togami 2007-04-02 10:06:17 EDT
Hmm, I didnt intentionally set fedora-review+.  That was a mistake on my part.

It seems to me that Ralf is just being a hard ass like usual.  But it is
reasonable to wait until after upstream makes a new release that has explicit
licenses before building this package.
Comment 22 Ralf Corsepius 2007-04-03 03:01:04 EDT
(In reply to comment #21)
> Hmm, I didnt intentionally set fedora-review+.  That was a mistake on my part.
> 
> It seems to me that Ralf is just being a hard ass like usual.
Watch your language, Togami - There might be a language barrier hitting, but are
you really name-calling me as an "arse"?

>  But it is
> reasonable to wait until after upstream makes a new release that has explicit
> licenses before building this package.

There is no doubt that this package violates:
http://fedoraproject.org/wiki/Packaging/Guidelines#head-76294f12c6b481792eb001ba9763d95e2792e825
because it doesn't contain any licence/copyright notice nor any indication that
Fedora is legimitated to ship this package.

We have seen packages banned for far less.
Comment 23 Hans de Goede 2007-05-01 14:15:02 EDT
Any progress on the license issue? Perhaps we should ask Spot otherwise, he is
sorta the authority on license issues.
Comment 24 Mamoru TASAKA 2007-05-01 19:20:26 EDT
Not yet. Upstream said that they would add license text explicitly
in the next version, however it seems that they don't want to release
next version only for license text inclusion.
Comment 25 Hans de Goede 2007-05-02 01:29:58 EDT
You could try asking Spot if the mail from upstream that the license text will
be added is enough for now.
Comment 26 Ralf Corsepius 2007-05-02 02:34:03 EDT
(In reply to comment #25)
> You could try asking Spot if the mail from upstream that the license text will
> be added is enough for now.

Including a copy of this mail probably will be. 

The point behind all this is to shift responsibility and liability wrt.
licensing to "upstream" to prevent harm from users and packagers.
Comment 27 Mamoru TASAKA 2007-05-02 03:56:05 EDT
I sent a mail to spot about license issue of this package.
Comment 28 Mamoru TASAKA 2007-05-02 13:31:15 EDT
spot replied:

------------------------------------------------
If you have a copy of upstream saying that the files are under the same
license as the rest of MeCab, I would recommend that you included a copy
of that email as a text file in the package until they update with the
license texts included, but I think it is OK for Fedora as is.

~spot
-------------------------------------------------
Comment 29 Hans de Goede 2007-05-02 14:08:22 EDT
Well, thats means we can go ahead then, both fedora-review and fedora-cvs flags
are set to +, so you should be able to import it right now.
Comment 30 Mamoru TASAKA 2007-05-03 13:00:16 EDT
Well, I must re-read the build procedure because currently
I have not caught up with what is actually changed during
plague -> koji buildsys change...
Comment 31 Mamoru TASAKA 2007-05-04 07:30:34 EDT
Rebuilt on all branches, closing.

Thank you for the review!!

Note You need to log in before you can comment on or make changes to this bug.