Spec URL: http://www.marcanoonline.com/downloads/fedora/package_submissions/trilead-ssh2/trilead-ssh2.spec SRPM URL: http://www.marcanoonline.com/downloads/fedora/package_submissions/trilead-ssh2/trilead-ssh2-213-1.fc9.src.rpm Description: Trilead SSH-2 for Java is a library which implements the SSH-2 protocol in pure Java (tested on J2SE 1.4.2 and 5.0). It allows one to connect to SSH servers from within Java programs. It supports SSH sessions (remote command execution and shell access), local and remote port forwarding, local stream forwarding, X11 forwarding and SCP. There are no dependencies on any JCE provider, as all crypto functionality is included. This package is the newest version of ganymed-ssh2 that is not maintained anymore and is required for newer versions of eclipse-subclipse that I am updating. There is no direct source download link, the page http://www.trilead.com/Download/Trilead_SSH_for_Java/ requires to check to options Is this kind of requests legal for Fedora "By downloading a Trilead software product you are certifying that you are not a national of Iraq; Liberia; Myanmar (Burma); Sierra Leone; Côte d'Ivoire; Sudan; Democratic Republic of the Congo; Usbekistan; Belarus; Lebanon or any country (or an explicit mentioned individual or group) to which the SECO (State Secretariat for Economic Affairs, http://www.seco.admin.ch) has decided to impose sanctions against. Please confirm by checking the above checkbox."
You ask a legal question, so blocking FE-Legal. It would be very much preferable to be able to download a tarball directly.
How is the legal question going? I would like to review this but I have no idea what to do with this FE-legal thing.
Well, we're still thinking about this one. Please be patient with us.
After consulting with RH Legal, we've decided that the requirement for Fedora to accept that restriction on behalf of our users in order to simply download the source code is unacceptable. Your only remaining recourse would be to ask upstream if they would lift that restriction. Its a rather odd restriction, seeingly tied to Swiss Economic Sanctions (not crypto related)?
First email sent, Hopefully they can do something to help
Second email sent, the first one has not been replied. Starting to reevaluate http://www.eclipse.org/subversive/
Good news, response received: "To make things short: we removed the export restriction clause and the checkbox from the download page, downloaders also need not to accecpt the BSD license anymore. There is now a direct download link"
Great news.
Lifting FE-Legal, as there is no longer any problem with the restrictions removed. Thanks for following up on this with upstream.
Rpmlint warnings for fix before going to formal review * W: file-not-utf8 /usr/share/doc/trilead-ssh2-213/HISTORY.txt - Easily fixable * W: obsolete-not-provided ganymed-ssh2 - eclipse-slide is requiring ganymed-ssh2 so i guess we would be on the safe side to provide it * W: mixed-use-of-spaces-and-tabs (spaces: line 1, tab: line 18) * W: non-standard-group Development/Documentation There is one more rpmlint warning but it is clearly a bug in rpmlint W: libdir-macro-in-noarch-package %{_libdir}/gcj/%{name} Also please fix Source0 to point to the download url.
(In reply to comment #10) > * W: obsolete-not-provided ganymed-ssh2 - eclipse-slide is requiring > ganymed-ssh2 so i guess we would be on the safe side to provide it I missed this one, trilead-ssh2 is not binary/nor 100% source compatible (but only a few package renames are needed), so both packages are needed until eclipse-slide is updated (ganymed-ssh2 project is dead). I will ask the developer about that
Updated: http://www.marcanoonline.com/downloads/fedora/package_submissions/trilead-ssh2/trilead-ssh2-213-2.fc10.src.rpm http://www.marcanoonline.com/downloads/fedora/package_submissions/trilead-ssh2/trilead-ssh2.spec Updated GCJ AOT to the latest guidelines (I still provides it even when people is starting to not generate it, OpenJDK still is not fully ported outside i386/x86_64 The only rpmlint warnings remaining are: file-not-utf8 /usr/share/doc/trilead-ssh2-213/HISTORY.txt I think this is a rpmlint bug, the only char I see on that document outside the ASCII range is used for the name "Michaël" and I see it without errors on UTF-8 non-standard-group Development Documentation This is as the Java packaging guidelines specfile template libdir-macro-in-noarch-package %attr(-,root,root) %{_libdir}/gcj/%{name} The same, GCJ AOT packaging guidelines
oops forgot, removed Obsoletes until eclipse-slide is updated
I'll review this.
OK package named correctly OK spec file named correctly OK meets the Packaging Guidelines (except for above) OK license is correct, approved and in %doc OK license field in the package spec file matches the actual license OK package MUST successfully compile and build into binary rpms on at least one primary architecture (compiles on x86 cleanly) OK owns all directories OK doesn't contain any duplicate files OK permissions are correctly set OK clean section present OK uses macros consistently OK package contains code OK no large documentation files OK if a package includes something as %doc, it must not affect the runtime of the application. OK packages must not own files or directories already owned by other packages. OK %install MUST run rm -rf %{buildroot} OK all filenames must be valid UTF-8 The only remaining issue is file-not-utf8 /usr/share/doc/trilead-ssh2-213/HISTORY.txt "Michaël" is not actually UTF-8 in this file. Just put the next line in the %prep and we are good to go. iconv -f ISO-8859-1 -t UTF-8 -o HISTORY.txt HISTORY.txt
Robert, I hope you have some time for this soon so I can go on with subclipse.
done http://www.marcanoonline.com/downloads/fedora/package_submissions/trilead-ssh2/trilead-ssh2-213-3.fc10.src.rpm http://www.marcanoonline.com/downloads/fedora/package_submissions/trilead-ssh2/trilead-ssh2.spec
OK, There is nothing else holding this review. This package is APPROVED.
New Package CVS Request ======================= Package Name: trilead-ssh2 Short Description: Trilead SSH-2 for Java is a library which implements the SSH-2 protocol in pure Owners: robmv Branches: F-10 InitialCC: robmv
cvs done. Alexander: Please remember to assign reviews to yourself as reviewer.
Package is in repos now.