Bug 330991 - Review Request: flawfinder - Examines C/C++ source code for security flaws
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: Package Review
Version: rawhide
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Parag AN(पराग)
QA Contact: Fedora Extras Quality Assurance
 
Reported: 2007-10-13 21:34 UTC by Jakub Hrozek
Modified: 2008-01-11 22:02 UTC

Fixed In Version: 1.27-3.fc7
Doc Type: Bug Fix
Last Closed: 2008-01-11 22:02:18 UTC
Type: ---
panemade: fedora-review+
kevin: fedora-cvs+



Description Jakub Hrozek 2007-10-13 21:34:11 UTC
Spec URL: http://hrozkovi.cz/flawfinder.spec
SRPM URL: http://hrozkovi.cz/flawfinder-1.27-2.src.rpm

Description: 
Flawfinder scans through C/C++ source code,
identifying lines ("hits") with potential security flaws.
By default it reports hits sorted by severity, with the riskiest lines first.

Comment 1 Parag AN(पराग) 2007-10-14 03:16:38 UTC
Do you want to use dist tag?
Mock build went fine for i386,
but build.log showed:
/usr/lib/rpm/pythondeps.sh: line 8: python: command not found
/usr/lib/rpm/pythondeps.sh: line 8: python: command not found
/usr/lib/rpm/pythondeps.sh: line 8: python: command not found
/usr/lib/rpm/pythondeps.sh: line 8: python: command not found

I think maybe you need to add BR: python?

Comment 2 Jakub Hrozek 2007-10-14 10:40:19 UTC
http://hrozkovi.cz/flawfinder.spec
http://hrozkovi.cz/flawfinder-1.27-3.fc7.src.rpm

* Sat Oct 13 2007 Jakub Hrozek <jhrozek> 1.27-3
- fix the dist tag
- fix build requires
- fix the Source URL to point to SF.net

Thanks for looking at my package, Parag! I fixed the problems you found and
also the Source0 URL; it wasn't pointing anywhere before but the project is
hosted on SF.net, so this is more aligned with the Guidelines.

Comment 3 Parag AN(पराग) 2007-10-14 11:02:22 UTC
Review:
+ package builds in mock (development i386).
+ rpmlint is silent for SRPM and RPM.
+ source files match upstream.
50fff67dd439f42b785577ed8b3a3f7d  flawfinder-1.27.tar.gz
+ package meets naming and packaging guidelines.
+ specfile is properly named, is cleanly written
+ Spec file is written in American English.
+ Spec file is legible.
+ dist tag is present.
+ build root is correct.
+ license is open source-compatible.
+ License text is included in package.
+ %doc files present.
+ BuildRequires are proper.
+ %clean is present.
+ package installed properly.
+ Macro use appears rather consistent.
+ Package contains code.
+ no static libraries.
+ no .pc file present.
+ no -devel subpackage exists.
+ no .la files.
+ no translations are available.
+ Owns the directories it creates.
+ no duplicates in %files.
+ file permissions are appropriate.
+ no scriptlets are used.
+ Not a GUI app.

APPROVED.

Comment 4 Jakub Hrozek 2007-10-14 11:52:57 UTC
New Package CVS Request
=======================
Package Name: flawfinder
Short Description: Examines C/C++ source code for security flaws
Owners: jhrozek
Branches: F-7
InitialCC: n/a
Cvsextras Commits: yes


Comment 5 Kevin Fenzi 2007-10-14 19:42:01 UTC
cvs done.

Comment 6 Jakub Hrozek 2007-10-15 09:13:16 UTC
Built for devel:
http://koji.fedoraproject.org/koji/taskinfo?taskID=195102

Comment 7 Fedora Update System 2007-10-24 07:03:17 UTC
flawfinder-1.27-3.fc7 has been pushed to the Fedora 7 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update flawfinder'

Comment 8 Fedora Update System 2008-01-11 22:02:16 UTC
flawfinder-1.27-3.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.

