Bug 330991 - Review Request: flawfinder - Examines C/C++ source code for security flaws
Review Request: flawfinder - Examines C/C++ source code for security flaws
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Parag AN(पराग)
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-10-13 17:34 EDT by Jakub Hrozek
Modified: 2008-01-11 17:02 EST (History)
2 users (show)

See Also:
Fixed In Version: 1.27-3.fc7
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-01-11 17:02:18 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
panemade: fedora‑review+
kevin: fedora‑cvs+


Attachments (Terms of Use)

  None (edit)
Description Jakub Hrozek 2007-10-13 17:34:11 EDT
Spec URL: http://hrozkovi.cz/flawfinder.spec
SRPM URL: http://hrozkovi.cz/flawfinder-1.27-2.src.rpm

Description: 
Flawfinder scans through C/C++ source code,
identifying lines ("hits") with potential security flaws.
By default it reports hits sorted by severity, with the riskiest lines first.
Comment 1 Parag AN(पराग) 2007-10-13 23:16:38 EDT
Do you want to use dist tag?
mock build went fine for i386.
but build.log showed
/usr/lib/rpm/pythondeps.sh: line 8: python: command not found
/usr/lib/rpm/pythondeps.sh: line 8: python: command not found
/usr/lib/rpm/pythondeps.sh: line 8: python: command not found
/usr/lib/rpm/pythondeps.sh: line 8: python: command not found

I think may be you need to add BR:python?
Comment 2 Jakub Hrozek 2007-10-14 06:40:19 EDT
http://hrozkovi.cz/flawfinder.spec
http://hrozkovi.cz/flawfinder-1.27-3.fc7.src.rpm

* Sat Oct 13 2007 Jakub Hrozek <jhrozek@redhat.com> 1.27-3
- fix the dist tag
- fix build requires
- fix the Source URL to point to SF.net

Thanks for looking at my package, Parag! I fixed the problems you found and 
also the Source0 URL; it wasn't pointing nowhere before but the project is 
hosted on SF.net, so this is more aligned with the Guidelines..
Comment 3 Parag AN(पराग) 2007-10-14 07:02:22 EDT
Review:
+ package builds in mock (development i386).
+ rpmlint is silent for SRPM and RPM.
+ source files match upstream.
50fff67dd439f42b785577ed8b3a3f7d  flawfinder-1.27.tar.gz
+ package meets naming and packaging guidelines.
+ specfile is properly named, is cleanly written
+ Spec file is written in American English.
+ Spec file is legible.
+ dist tag is present.
+ build root is correct.
+ license is open source-compatible.
+ License text is included in package.
+ %doc files present.
+ BuildRequires are proper.
+ %clean is present.
+ package installed properly.
+ Macro use appears rather consistent.
+ Package contains code.
+ no static libraries.
+ no .pc file present.
+ no -devel subpackage exists.
+ no .la files.
+ no translations are available.
+ Does owns the directories it creates.
+ no duplicates in %files.
+ file permissions are appropriate.
+ no scriptlets are used.
+ Not a GUI app.

APPROVED.
Comment 4 Jakub Hrozek 2007-10-14 07:52:57 EDT
New Package CVS Request
=======================
Package Name: flawfinder
Short Description: Examines C/C++ source code for security flaws
Owners: jhrozek
Branches: F-7
InitialCC: n/a
Cvsextras Commits: yes
Comment 5 Kevin Fenzi 2007-10-14 15:42:01 EDT
cvs done.
Comment 6 Jakub Hrozek 2007-10-15 05:13:16 EDT
Built for devel:
http://koji.fedoraproject.org/koji/taskinfo?taskID=195102
Comment 7 Fedora Update System 2007-10-24 03:03:17 EDT
flawfinder-1.27-3.fc7 has been pushed to the Fedora 7 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update flawfinder'
Comment 8 Fedora Update System 2008-01-11 17:02:16 EST
flawfinder-1.27-3.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.