Red Hat Bugzilla – Bug 403801
Review Request: jpoker - A jQuery user interface to play on poker-network based servers
Last modified: 2013-01-09 21:42:44 EST
Spec URL: http://jkeating.fedorapeople.org/review/jpoker.spec
SRPM URL: http://jkeating.fedorapeople.org/review/jpoker-1.0.6-1.fc8.src.rpm
jPoker is a jQuery user interface to play on poker-network based server.
For now jPoker allows you to list running tables and upcoming tournaments,
There's not really all that much to this. In fact, I'm not really clear on what
it's supposed to do; I guess the expectation is that you're running the web
server on the same machines as the poker-network server, because this offers no
choice of server or even any way to configure the server it connects to
(proxy.php seems to hardcode http://127.0.0.1:19382).
Is it safe to have this enabled and exposed to the world by default?
The upstream web site indicates this is some sort of jquery plugin, but the
package bundles jquery itself. I guess it would be super-pointless to cook up
relish the thought of a security issue cropping up in a little library that's
embedded in a bunch of places. I guess you could do it with symlinks.
I'm a bit confused about the License: tag. I see parts which are GPLv2+:
and parts which are dual-licensed MIT and an unknown GPL version:
but I don't see what's licensed as BSD.
So to me it looks more like "License: GPLv2+ and (MIT or GPL+)" is closer to the
truth, but maybe I'm missing something. It's funny how COPYING and
GPL-LICENSE.txt both contain the GPL, but one is re-intended and is missing a
single comma at the end of the copyright line and the entire "How to Apply" section.
The only thing that really troubles me is the License: tag, which should be
trivial to double-check and fix if necessary before you check in.
* source files match upstream:
* package meets naming and versioning guidelines.
* specfile is properly named, is cleanly written and uses macros consistently.
* summary is OK.
* description is OK.
* dist tag is present.
* build root is OK.
? license field matches the actual license.
* license is open source-compatible.
* license text included in package.
* latest version is being packaged.
* BuildRequires are proper (none)
* %clean is present.
* package builds in mock (rawhide, x86_64).
* package installs properly
* rpmlint is silent.
* final provides and requires are sane:
jpoker = 1.0.6-1.fc9
* %check is not present; no test suite upstream. Seems to work as far as I can
figure it out.
* owns the directories it creates.
* doesn't own any directories it shouldn't.
* no duplicates in %files.
* file permissions are appropriate.
* no scriptlets present.
* code, not content.
* documentation is small, so no -docs subpackage is necessary.
* %docs are not necessary for the proper functioning of the package.
APPROVED; please just double check License: before you check in.
Huh, previous versions of this software had a BSD licensed file. That seems to
have gone away. I'll fix up the license.
I'm not entirely sure what all this is expected to do, it's apparently early in
the development. The producers just wanted to get it into Fedora for easier
updating over time.
New Package CVS Request
Package Name: jpoker
Short Description: A jQuery user interface to play on poker-network based servers
Oh, and the GPL license file referenced by the MIT or GPL licensed files is
marked as version 2 at the top, hence the MIT or GPLv2+.
Note that the version of the GPL license file is completely immaterial.
A GPL or LGPL licensed package that lacks any statement of what version that
it's licensed under in the source code/program output/accompanying docs is
technically licensed under *any* version of the GPL or LGPL, not just the
version in whatever COPYING file they include.
Ah, moved to GPL+. Built for rawhide.