Bug 432905 - (blueproximity) Review Request: blueproximity - A tool that locks/unlocks your screen when your bluetooth devices gets away/near from your computer
Review Request: blueproximity - A tool that locks/unlocks your screen when yo...
Status: CLOSED WONTFIX
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Benoît Marcelin
Fedora Extras Quality Assurance
:
: 450226 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-02-14 20:29 EST by Nicolas A. Corrarello
Modified: 2009-05-22 12:56 EDT (History)
12 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-05-14 01:13:48 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Nicolas A. Corrarello 2008-02-14 20:29:51 EST
Spec URL: http://repo.awardspace.com/contrib/blueproximity.spec
SRPM URL: http://repo.awardspace.com/contrib/blueproximity-1.2.4-1.fc8.src.rpm
Description: 
This software helps you add a little more security to your desktop. It does so by detecting one of your bluetooth devices, most likely your mobile phone, and keeping track of its distance. If you move away from your computer and the distance is above a certain level (no measurement in meters is possible) for a given time, it automatically locks your desktop (or starts any other shell command you want).
Comment 1 Benoît Marcelin 2008-02-15 07:57:35 EST
Ok, it builds under Mock and it does run. Rpmlint have many error and warning :s
Some issues that should be fixed:
- The licence field isn't correct
- the upstream isn't used
- gettext is only a BuildRequire
- use local corectly
- /usr/share/blueproximity/proximity.glade is executable
- name of the icon on the .desktop isn't correct
- the package own /usr/share/locale/*/LC_MESSAGES/ and many other files


MUST Items:
- MUST: rpmlint must be run on every package :
-- src.rpm
blueproximity.src:22: W: setup-not-quiet
blueproximity.src: W: no-%build-section
blueproximity.src: W: mixed-use-of-spaces-and-tabs (spaces: line 1, tab: line 5)
blueproximity.src: E: description-line-too-long This software helps you add a
little more security to your desktop. It does so by detecting one of your
bluetooth devices, most likely your mobile phone, and keeping track of its
distance. If you move away from your computer and the distance is above a
certain level (no measurement in meters is possible) for a given time, it
automatically locks your desktop (or starts any other shell command you want).
blueproximity.src: W: invalid-license GPL
-- noarch.rpm
blueproximity.noarch: E: script-without-shebang
/usr/share/blueproximity/proximity.glade
blueproximity.noarch: E: description-line-too-long This software helps you add a
little more security to your desktop. It does so by detecting one of your
bluetooth devices, most likely your mobile phone, and keeping track of its
distance. If you move away from your computer and the distance is above a
certain level (no measurement in meters is possible) for a given time, it
automatically locks your desktop (or starts any other shell command you want).
blueproximity.noarch: W: invalid-license GPL
blueproximity.noarch: W: file-not-in-%lang
/usr/share/locale/de/LC_MESSAGES/blueproximity.mo
blueproximity.noarch: W: file-not-in-%lang
/usr/share/locale/en/LC_MESSAGES/blueproximity.mo
blueproximity.noarch: W: file-not-in-%lang
/usr/share/locale/es/LC_MESSAGES/blueproximity.mo
blueproximity.noarch: W: file-not-in-%lang
/usr/share/locale/fa/LC_MESSAGES/blueproximity.mo
blueproximity.noarch: W: file-not-in-%lang
/usr/share/locale/it/LC_MESSAGES/blueproximity.mo
blueproximity.noarch: W: file-not-in-%lang
/usr/share/locale/nl/LC_MESSAGES/blueproximity.mo
blueproximity.noarch: W: file-not-in-%lang
/usr/share/locale/ru/LC_MESSAGES/blueproximity.mo
blueproximity.noarch: W: file-not-in-%lang
/usr/share/locale/sv/LC_MESSAGES/blueproximity.mo
blueproximity.noarch: W: file-not-in-%lang
/usr/share/locale/th/LC_MESSAGES/blueproximity.mo
+ MUST: The package must be named according to the Package Naming Guidelines.
+ MUST: The spec file name must match the base package %{name}, in the format
%{name}.spec unless your package has an exemption on Package Naming Guidelines.
- MUST: The package must meet the  Packaging Guidelines.
- MUST: The package must be licensed with a Fedora approved license and meet the
 Licensing Guidelines.
+ MUST: The License field in the package spec file must match the actual license.
+ MUST: If (and only if) the source package includes the text of the license(s)
in its own file, then that file, containing the text of the license(s) for the
package must be included in %doc.
+ MUST: The spec file must be written in American English.
+ MUST: The spec file for the package MUST be legible. If the reviewer is unable
to read the spec file, it will be impossible to perform a review. Fedora is not
the place for entries into the Obfuscated Code Contest (http://www.ioccc.org/).
- MUST: The sources used to build the package must match the upstream source, as
provided in the spec URL. Reviewers should use md5sum for this task. If no
upstream URL can be specified for this package, please see the  Source URL
Guidelines for how to deal with this.
+ MUST: The package must successfully compile and build into binary rpms on at
least one supported architecture.
+ MUST: If the package does not successfully compile, build or work on an
architecture, then those architectures should be listed in the spec in ExcludeArch.
+ MUST: All build dependencies must be listed in BuildRequires, except for any
that are listed in the exceptions section of Packaging Guidelines; inclusion of
those as BuildRequires is optional. Apply common sense.
- MUST: The spec file MUST handle locales properly. This is done by using the
%find_lang macro. Using %{_datadir}/locale/* is strictly forbidden.
+ MUST: Every binary RPM package which stores shared library files (not just
symlinks) in any of the dynamic linker's default paths, must call ldconfig in
%post and %postun.
+ MUST: If the package is designed to be relocatable, the packager must state
this fact in the request for review, along with the rationalization for
relocation of that specific package. Without this, use of Prefix: /usr is
considered a blocker.
+ MUST: A package must own all directories that it creates. If it does not
create a directory that it uses, then it should require a package which does
create that directory. Refer to the  Guidelines for examples.
+ MUST: A package must not contain any duplicate files in the %files listing.
- MUST: Permissions on files must be set properly. Executables should be set
with executable permissions, for example. Every %files section must include a
%defattr(...) line.
+ MUST: Each package must have a %clean section, which contains rm -rf
%{buildroot} (or $RPM_BUILD_ROOT).
+ MUST: Each package must consistently use macros, as described in the macros
section of Packaging Guidelines.
+ MUST: The package must contain code, or permissable content. This is described
in detail in the code vs. content section of Packaging Guidelines.
+ MUST: Large documentation files should go in a -doc subpackage. (The
definition of large is left up to the packager's best judgement, but is not
restricted to size. Large can refer to either size or quantity)
+ MUST: If a package includes something as %doc, it must not affect the runtime
of the application. To summarize: If it is in %doc, the program must run
properly if it is not present.
+ MUST: Header files must be in a -devel package.
+ MUST: Static libraries must be in a -static package.
+ MUST: Packages containing pkgconfig(.pc) files must 'Requires: pkgconfig' (for
directory ownership and usability).
+ MUST: If a package contains library files with a suffix (e.g. libfoo.so.1.1),
then library files that end in .so (without suffix) must go in a -devel package.
+ MUST: In the vast majority of cases, devel packages must require the base
package using a fully versioned dependency: Requires: %{name} =
%{version}-%{release} 
+ MUST: Packages must NOT contain any .la libtool archives, these should be
removed in the spec.
- MUST: Packages containing GUI applications must include a %{name}.desktop
file, and that file must be properly installed with desktop-file-install in the
%install section. This is described in detail in the desktop files section of
Packaging Guidelines. If you feel that your packaged GUI application does not
need a .desktop file, you must put a comment in the spec file with your explanation.
- MUST: Packages must not own files or directories already owned by other
packages. The rule of thumb here is that the first package to be installed
should own the files or directories that other packages may rely upon. This
means, for example, that no package in Fedora should ever share ownership with
any of the files or directories owned by the filesystem or man package. If you
feel that you have a good reason to own a file or directory that another package
owns, then please present that at package review time.
+ MUST: At the beginning of %install, each package MUST run rm -rf %{buildroot}
+ MUST: All filenames in rpm packages must be valid UTF-8.

SHOULD Items:
+ SHOULD: If the source package does not include license text(s) as a separate
file from upstream, the packager SHOULD query upstream to include it.
+ SHOULD: The description and summary sections in the package spec file should
contain translations for supported Non-English languages, if available.
+ SHOULD: The reviewer should test that the package builds in mock. See
MockTricks for details on how to do this. (i686 and x86_64)
~ SHOULD: The package should compile and build into binary rpms on all supported
architectures. (not tested on ppc and pcc64)
+ SHOULD: The reviewer should test that the package functions as described. A
package should not segfault instead of running, for example.
+ SHOULD: If scriptlets are used, those scriptlets must be sane. This is vague,
and left up to the reviewers judgement to determine sanity.
+ SHOULD: Usually, subpackages other than devel should require the base package
using a fully versioned dependency.
+ SHOULD: The placement of pkgconfig(.pc) files depends on their usecase, and
this is usually for development purposes, so should be placed in a -devel pkg. A
reasonable exception is that the main pkg itself is a devel tool not installed
in a user runtime, e.g. gcc or gdb.
+ SHOULD: If the package has file dependencies outside of /etc, /bin, /sbin,
/usr/bin, or /usr/sbin consider requiring the package which provides the file
instead of the file itself. Please see File Dependencies in the Guidelines for
further information.
Comment 2 Nicolas A. Corrarello 2008-02-15 14:34:07 EST
New SRPM is blueproximity-1.2.4.orig-1.fc8.src in the same url. The Spec file
has been updated. I really did not get the locale stuff.
Comment 3 Guidolin Francesco 2008-02-16 13:10:54 EST
Version:        1.2.4.orig
Non numeric version string like alpha, beta, rc, cannot be simply putted into 
the Version tag, you should use the Release field for this.
http://fedoraproject.org/wiki/Packaging/NamingGuidelines#head-d97a3f40b6dd9d2288206ac9bd8f1bf9b791b22a

W: setup-not-quiet
Setup is not quiet, you should use %setup -q.

The source tag documents where to find the upstream sources for the rpm, in 
most cases this should be a complete URL to the upstream tarball. May be this:
Source0: 
http://downloads.sourceforge.net/blueproximity/blueproximity-1.2.4.tar.gz


Comment 4 Benoît Marcelin 2008-02-17 04:53:29 EST
The release number must be updated : don't use 1.2.4.orig
The http://repo.awardspace.com/contrib/blueproximity-1.2.4.orig-1.fc8.src was a 404

Please fix more bugs before request a new update : only 3 bugs were fixed (4 if
the image name on the .desktop was fixed)

For the local stuff look :
http://fedoraproject.org/wiki/Packaging/Guidelines#head-8c605ebf8330f6d505f384e671986fa99a8f72ee
Comment 5 Nicolas A. Corrarello 2008-02-17 11:55:26 EST
All of the above have been corrected:
(Suggestions by both Benoît and Guidolin)
New links are:
SRPM url: http://repo.awardspace.com/contrib/blueproximity-1.2.4-2.fc8.src.rpm
SPEC url: http://repo.awardspace.com/contrib/blueproximity.spec


Comment 6 Benoît Marcelin 2008-02-17 12:56:07 EST
In the .desktop the field Icon should be "Icon=blueproximity_base"
In %file section please use : %{_datadir}/applications/fedora-%{name}
Source0:       
http://downloads.sourceforge.net/blueproximity/%{name}-%{version}.tar.gz
Is more easier to use wen the package will be update
pygtk2-libglade require pygtk2 which require pygobject2 so keep over pygobject2
and pygtk2
Please fix all rpmlint error and fixable warning :
- E: description-line-too-long
blueproximity.src: E: invalid-spec-name blueproximity-1.spec
blueproximity.src:69: W: macro-in-%changelog setup
blueproximity.src:73: W: macro-in-%changelog version
blueproximity.src:76: W: macro-in-%changelog name
(to fix that use %%setup, %%{name} ... into the changelog)
blueproximity.src: W: no-%build-section
(add an empty %build section)
blueproximity.src: W: mixed-use-of-spaces-and-tabs (spaces: line 1, tab: line 5)

And please update the date into the changelog (unless you can curve time)
Comment 7 Nicolas A. Corrarello 2008-02-17 14:38:04 EST
Benoît:
Fixed this in:
Spec URL: http://repo.awardspace.com/contrib/blueproximity.spec
SRPM URL: http://repo.awardspace.com/contrib/blueproximity-1.2.4-3.fc8.src.rpm

Comment 8 Benoît Marcelin 2008-02-18 12:09:34 EST
Description Line (too long) and mixed use of spaces and tabs (spaces: line 2,
tab: line 1) weren't fixed
Comment 9 Nicolas A. Corrarello 2008-02-18 13:43:19 EST
Benoît:
Fixed this in:
Spec URL: http://repo.awardspace.com/contrib/blueproximity.spec
SRPM URL: http://repo.awardspace.com/contrib/blueproximity-1.2.4-4.fc8.src.rpm
Comment 10 Benoît Marcelin 2008-02-18 13:54:43 EST
fix W: incoherent-version-in-changelog 1.2.4-3 1.2.4-4.fc8
and I will do a full review
Comment 11 Nicolas A. Corrarello 2008-02-20 14:11:58 EST
Benoît:
If you can give me the rpmlint rules you're using I can check before updating.
Anyway, this have been fixed:
Spec URL: http://repo.awardspace.com/contrib/blueproximity.spec
SRPM URL: http://repo.awardspace.com/contrib/blueproximity-1.2.4-4.fc8.src.rpm
Comment 12 Benoît Marcelin 2008-02-20 14:43:03 EST
yum install rpmlint
and just run rpmlint on each rpm :
rpmlint blueproximity-1.2.4-4.fc8.src.rpm
rpmlint blueproximity-1.2.4-4.fc8.noarch.rpm

(I will do the review tomorrow)
Comment 13 Benoît Marcelin 2008-02-25 15:49:00 EST
It still builds under mock, run, and rpmlint runs ok
One issue must be fixed : you have a duplicate of blueproximity_base.svg (use a
symlink)
Many lines can be remove :
install -d %{buildroot}
install -d %{buildroot}%{_bindir}
install -d %{buildroot}%{_datadir}/pixmaps/
install -d %{buildroot}%{_datadir}/locale/
install -d %{buildroot}%{_datadir}/locale/$i
install -d %{buildroot}%{_datadir}/locale/$i/LC_MESSAGES/
mkdir -p %{buildroot}%{_datadir}/applications
%dir %{_datadir}/%{name}/
	( and modify next line to %{_datadir}/%{name} )

MUST Items:
+ MUST: rpmlint must be run on every package : Ok
+ MUST: The package must be named according to the Package Naming Guidelines.
+ MUST: The spec file name must match the base package %{name}, in the format
%{name}.spec unless your package has an exemption on Package Naming Guidelines.
+ MUST: The package must meet the  Packaging Guidelines.
+ MUST: The package must be licensed with a Fedora approved license and meet the
Licensing Guidelines.
+ MUST: The License field in the package spec file must match the actual license.
+ MUST: If (and only if) the source package includes the text of the license(s)
in its own file, then that file, containing the text of the license(s) for the
package must be included in %doc.
+ MUST: The spec file must be written in American English.
+ MUST: The spec file for the package MUST be legible. If the reviewer is unable
to read the spec file, it will be impossible to perform a review. Fedora is not
the place for entries into the Obfuscated Code Contest (http://www.ioccc.org/).
+ MUST: The sources used to build the package must match the upstream source, as
provided in the spec URL. Reviewers should use md5sum for this task. If no
upstream URL can be specified for this package, please see the  Source URL
Guidelines for how to deal with this.
+ MUST: The package must successfully compile and build into binary rpms on at
least one supported architecture.
+ MUST: If the package does not successfully compile, build or work on an
architecture, then those architectures should be listed in the spec in ExcludeArch.
+ MUST: All build dependencies must be listed in BuildRequires, except for any
that are listed in the exceptions section of Packaging Guidelines; inclusion of
those as BuildRequires is optional. Apply common sense.
+ MUST: The spec file MUST handle locales properly. This is done by using the
%find_lang macro. Using %{_datadir}/locale/* is strictly forbidden.
+ MUST: Every binary RPM package which stores shared library files (not just
symlinks) in any of the dynamic linker's default paths, must call ldconfig in
%post and %postun.
+ MUST: If the package is designed to be relocatable, the packager must state
this fact in the request for review, along with the rationalization for
relocation of that specific package. Without this, use of Prefix: /usr is
considered a blocker.
+ MUST: A package must own all directories that it creates. If it does not
create a directory that it uses, then it should require a package which does
create that directory. Refer to the  Guidelines for examples.
- MUST: A package must not contain any duplicate files in the %files listing.
+ MUST: Permissions on files must be set properly. Executables should be set
with executable permissions, for example. Every %files section must include a
%defattr(...) line.
+ MUST: Each package must have a %clean section, which contains rm -rf
%{buildroot} (or $RPM_BUILD_ROOT).
+ MUST: Each package must consistently use macros, as described in the macros
section of Packaging Guidelines.
+ MUST: The package must contain code, or permissable content. This is described
in detail in the code vs. content section of Packaging Guidelines.
+ MUST: Large documentation files should go in a -doc subpackage. (The
definition of large is left up to the packager's best judgement, but is not
restricted to size. Large can refer to either size or quantity)
+ MUST: If a package includes something as %doc, it must not affect the runtime
of the application. To summarize: If it is in %doc, the program must run
properly if it is not present.
+ MUST: Header files must be in a -devel package.
+ MUST: Static libraries must be in a -static package.
+ MUST: Packages containing pkgconfig(.pc) files must 'Requires: pkgconfig' (for
directory ownership and usability).
+ MUST: If a package contains library files with a suffix (e.g. libfoo.so.1.1),
then library files that end in .so (without suffix) must go in a -devel package.
+ MUST: In the vast majority of cases, devel packages must require the base
package using a fully versioned dependency: Requires: %{name} =
%{version}-%{release}
+ MUST: Packages must NOT contain any .la libtool archives, these should be
removed in the spec.
+ MUST: Packages containing GUI applications must include a %{name}.desktop
file, and that file must be properly installed with desktop-file-install in the
%install section.
+ MUST: Packages must not own files or directories already owned by other packages.
+ MUST: At the beginning of %install, each package MUST run rm -rf %{buildroot}
+ MUST: All filenames in rpm packages must be valid UTF-8.

SHOULD Items:
+ SHOULD: If the source package does not include license text(s) as a separate
file from upstream, the packager SHOULD query upstream to include it.
+ SHOULD: The description and summary sections in the package spec file should
contain translations for supported Non-English languages, if available.
+ SHOULD: The reviewer should test that the package builds in mock. See
MockTricks for details on how to do this. (i686 and x86_64)
~ SHOULD: The package should compile and build into binary rpms on all supported
architectures. (not tested on ppc and pcc64)
+ SHOULD: The reviewer should test that the package functions as described. A
package should not segfault instead of running, for example.
+ SHOULD: If scriptlets are used, those scriptlets must be sane. This is vague,
and left up to the reviewers judgement to determine sanity.
+ SHOULD: Usually, subpackages other than devel should require the base package
using a fully versioned dependency.
+ SHOULD: The placement of pkgconfig(.pc) files depends on their usecase, and
this is usually for development purposes, so should be placed in a -devel pkg. A
reasonable exception is that the main pkg itself is a devel tool not installed
in a user runtime, e.g. gcc or gdb.
+ SHOULD: If the package has file dependencies outside of /etc, /bin, /sbin,
/usr/bin, or /usr/sbin consider requiring the package which provides the file
instead of the file itself. Please see File Dependencies in the Guidelines for
further information.
Comment 14 Nicolas A. Corrarello 2008-03-06 13:23:27 EST
Benoit:
I fixed the duplicate of the png file, changed it for a symlink, but I still
can't find for this to build without install -d'ing the directories.
A little hint with this?
Comment 15 Nicolas A. Corrarello 2008-03-06 14:04:59 EST
Benoit:
Upstream does not have a make install or setup.py ... I've to create some
directories manually, don't have any choice

Spec URL: http://repo.awardspace.com/contrib/blueproximity.spec
SRPM URL: http://repo.awardspace.com/contrib/blueproximity-1.2.4-5.fc8.src.rpm
Comment 16 Benoît Marcelin 2008-03-08 19:31:48 EST
You can remove :
install -d %{buildroot}%{_datadir}/locale/

and for the symlink you can do something like :
cd %{buildroot}%{_datadir}
ln -s ../%{name}/pixmaps/%{name}_base.svg pixmaps/
cd -
Comment 17 Nicolas A. Corrarello 2008-03-11 12:59:38 EDT
Benoit:
Thanks again for your help, fixed this in:
Spec URL: http://repo.awardspace.com/contrib/blueproximity.spec
SRPM URL: http://repo.awardspace.com/contrib/blueproximity-1.2.4-6.fc8.src.rpm

Comment 18 Benoît Marcelin 2008-03-13 11:28:43 EDT
Great it's ok for me :)
Comment 19 Kevin Fenzi 2008-03-13 12:04:17 EDT
Please add a proper cvs template from: 
http://fedoraproject.org/wiki/PackageMaintainers/CVSAdminProcedure
so we know what branches you need, etc. 

Please reset the fedora-cvs flag when you are ready. 
Comment 20 Nicolas A. Corrarello 2008-03-13 12:36:58 EDT
New Package CVS Request
=======================
Package Name: blueproximity
Short Description: A tool that locks/unlocks your computer when your bluetooth
device gets close/away from your computer
Owners: ncorrare
Branches: F-8
InitialCC: 
Cvsextras Commits: yes
Comment 21 Kevin Fenzi 2008-03-13 20:02:03 EDT
Nicolas: It doesn't appear that you are sponsored yet... you need to get
sponsorship before we can add this package with you as maintainer. 

Can you take a look at: 
http://fedoraproject.org/wiki/PackageMaintainers/HowToGetSponsored
and see if you can do any of the items there to show your understanding of the
guidelines? 

Clearing the cvs flag and setting the FE_NEEDSPONSOR blocker so sponsors can see
this request... 
Comment 22 Benoît Marcelin 2008-04-19 04:59:57 EDT
Up
Comment 23 Benoît Marcelin 2008-06-18 06:42:22 EDT
*** Bug 450226 has been marked as a duplicate of this bug. ***
Comment 26 Kevin Fenzi 2009-01-05 01:13:04 EST
So, where do we stand here? 

Nicolas: Did you have any other packages to submit? 
Can you do some 'pre-reviews' of other pending submissions to show that you know the guidelines?
Comment 27 Kevin Fenzi 2009-03-20 22:19:25 EDT
Still no movement here?

I have had someone else express interest in submitting this package, so I will close this review if I don't hear back soon.
Comment 28 Kevin Fenzi 2009-05-14 01:13:48 EDT
No word here at all. I am closing this now.

Note You need to log in before you can comment on or make changes to this bug.