Spec URL: http://fedora.danny.cz/et/entertrack.spec SRPM URL: http://fedora.danny.cz/et/entertrack-1.2.2-1.fc10.src.rpm Description: EnterTrack is an open source web-based artifact tracking/management system written in PHP. EnterTrack is derived from Issue-Tracker v4.0.1 (www.issue-tracker.com) and adds a number of features particularly useful to larger groups. EnterTrack provides large organizations with start-to-finish tracking of artifacts (artifacts can be problems, bugs, requests, projects, etc.), group collaboration for artifact management, and status reports for high-level performance metrics. Rpmlint warns about non-standard uid/gid for files and directories that needs to be writable by apache and errors at zero-length index.html whose purpose is to block access to the dir (some content is added in the current upstream code).
Update spec URL: http://fedora.danny.cz/et/entertrack.spec Updated SRPM URL: http://fedora.danny.cz/et/entertrack-1.2.3-1.fc10.src.rpm ChangeLog: - update to new upstream version 1.2.3
Update spec URL: http://fedora.danny.cz/et/entertrack.spec Updated SRPM URL: http://fedora.danny.cz/et/entertrack-1.2.4-1.fc10.src.rpm ChangeLog: - update to new upstream version 1.2.4
Update spec URL: http://fedora.danny.cz/et/entertrack.spec Updated SRPM URL: http://fedora.danny.cz/et/entertrack-1.2.5-1.fc10.src.rpm ChangeLog: - update to new upstream version 1.2.5
Update spec URL: http://fedora.danny.cz/et/entertrack.spec Updated SRPM URL: http://fedora.danny.cz/et/entertrack-1.2.6-1.fc10.src.rpm ChangeLog: - update to new upstream version 1.2.6
+ rpmlint output Lots and lots of: entertrack.noarch: W: non-standard-uid /var/lib/entertrack/cache apache entertrack.noarch: W: non-standard-gid /var/lib/entertrack/cache apache entertrack.noarch: W: non-standard-uid /var/lib/entertrack/sessions apache entertrack.noarch: W: non-standard-gid /var/lib/entertrack/sessions apache As far as I'm aware these warnings are harmless. + package name satisfies the packaging naming guidelines Because this isn't a PHP add-on, it doesn't need to obey the PHP naming guidelines. + specfile name matches the package base name + package should satisfy packaging guidelines ? license meets guidelines and is acceptable to Fedora I'm dubious about this package. It includes a wholesale copy of JpGraph (http://www.aditus.nu/jpgraph/jpdownload.php). The files say simply "All Rights Reserved" but the website says "JpGraph is released under a dual license. QPL 1.0 (Qt Free Licensee) For non-commercial, open-source or educational use and JpGraph Professional License for commercial use." This is "open source" (very loosely defined), but not "non-commercial". Is this the free or the professional version? At the very minimum I think we need to run this one past Tom 'spot' Callaway, and I'd be happier if you could check that the copy included is not the professional version. The email/ directory is another copied package, license GPL (version unspecified). The includes/ directory is LGPLv2+. - license matches the actual package license + %doc includes license file %doc includes one of the license files anyway. + spec file written in American English + spec file is legible + upstream sources match sources in the srpm 87e141f72ce3994cf499e31d3e6a0274 916402 + package successfully builds on at least one architecture i386 n/a ExcludeArch bugs filed + BuildRequires list all build dependencies ? %find_lang instead of %{_datadir}/locale/* Probably could have installed the po files using %find_lang instead of deleting them. Was there a problem with them? n/a binary RPM with shared library files must call ldconfig in %post and %postun + does not use Prefix: /usr + package owns all directories it creates + no duplicate files in %files + %defattr line + %clean contains rm -rf $RPM_BUILD_ROOT + consistent use of macros ? package must contain code or permissible content n/a large documentation files should go in -doc subpackage + files marked %doc should not affect package n/a header files should be in -devel n/a static libraries should be in -static n/a packages containing pkgconfig (.pc) files need 'Requires: pkgconfig' n/a libfoo.so must go in -devel n/a -devel must require the fully versioned base n/a packages should not contain libtool .la files n/a packages containing GUI apps must include %{name}.desktop file + packages must not own files or directories owned by other packages + %install must start with rm -rf %{buildroot} etc. + filenames must be valid UTF-8 Optional: ? if there is no license file, packager should query upstream n/a translations of description and summary for non-English languages, if available - reviewer should build the package in mock - the package should build into binary RPMs on all supported architectures - review should test the package functions as described n/a scriptlets should be sane n/a pkgconfig files should go in -devel + shouldn't have file dependencies outside /etc /bin /sbin /usr/bin or /usr/sbin
Hm, it looks like that JpGraph is a bit problematic - http://fedoraproject.org/wiki/FWN/Issue82#JPGraph_License_Query_Shows_How_To_Remove_A_Package. I will remove it from the released source package completely, the cost will be non-working graph creation, but that is already mentioned in conf/paths.conf. I will talk about that issue with EnterTrack's upstream.
The inclusion of JpGraph library was posted upstream, see http://sourceforge.net/forum/forum.php?thread_id=2202649&forum_id=430769 for details. Updated spec URL: http://fedora.danny.cz/et/entertrack.spec Updated SRPM URL: http://fedora.danny.cz/et/entertrack-1.2.6-2.fc10.src.rpm ChangeLog: - remove JpGraph library from the source archive until done by upstream - fix License tag
That corrects all the problems found in the original review, so: APPROVED.
New Package CVS Request ======================= Package Name: entertrack Short Description: Artifact tracking/management system Owners: sharkcz Branches: F-9 F-10 EL-5
cvs done.
Imported and built. Thanks for the review.