Spec URL: http://lmacken.fedorapeople.org/rpms/python-repoze-what-quickstart.spec
SRPM URL: http://lmacken.fedorapeople.org/rpms/python-repoze-what-quickstart-1.0-2.fc10.src.rpm

* Sun May 31 2009 Luke Macken <lmacken> - 1.0-2
- s/python-repoze-who-plugins-sql/python-repoze-what-plugins-sql/

MUST: rpmlint must be run on every package. The output should be posted in the review.[1]
[yankee@koan python-repoze-what-quickstart]$ rpmlint -iv *
python-repoze-what-quickstart.src: I: checking
python-repoze-what-quickstart.src: E: summary-too-long A plugin enabling a simple authentication system with repoze.who and repoze.what
The "Summary:" must not exceed 79 characters.

python-repoze-what-quickstart.noarch: I: checking
python-repoze-what-quickstart.noarch: E: summary-too-long A plugin enabling a simple authentication system with repoze.who and repoze.what
The "Summary:" must not exceed 79 characters.

python-repoze-what-quickstart.src: I: checking
python-repoze-what-quickstart.src: E: summary-too-long A plugin enabling a simple authentication system with repoze.who and repoze.what
The "Summary:" must not exceed 79 characters.

3 packages and 2 specfiles checked; 3 errors, 0 warnings.

--CHECK

MUST: The package must be named according to the Package Naming Guidelines .
--CHECK

MUST: The spec file name must match the base package %{name}, in the format %{name}.spec unless your package has an exemption. [2] .
--CHECK

MUST: The package must meet the Packaging Guidelines .
--CHECK

MUST: The package must be licensed with a Fedora approved license and meet the Licensing Guidelines .
--CHECK

MUST: The License field in the package spec file must match the actual license. [3]
--CHECK

MUST: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package must be included in %doc.[4]
--CHECK

MUST: The spec file must be written in American English. [5]
--CHECK

MUST: The spec file for the package MUST be legible. [6]
--CHECK

MUST: The sources used to build the package must match the upstream source, as provided in the spec URL. Reviewers should use md5sum for this task. If no upstream URL can be specified for this package, please see the Source URL Guidelines for how to deal with this.
--CHECK

MUST: The package MUST successfully compile and build into binary rpms on at least one primary architecture. [7]
--CHECK

MUST: If the package does not successfully compile, build or work on an architecture, then those architectures should be listed in the spec in ExcludeArch. Each architecture listed in ExcludeArch MUST have a bug filed in bugzilla, describing the reason that the package does not compile/build/work on that architecture. The bug number MUST be placed in a comment, next to the corresponding ExcludeArch line. [8]
--CHECK

MUST: All build dependencies must be listed in BuildRequires, except for any that are listed in the exceptions section of the Packaging Guidelines ; inclusion of those as BuildRequires is optional. Apply common sense.
--CHECK

MUST: The spec file MUST handle locales properly. This is done by using the %find_lang macro. Using %{_datadir}/locale/* is strictly forbidden.[9]
--CHECK

MUST: Every binary RPM package (or subpackage) which stores shared library files (not just symlinks) in any of the dynamic linker's default paths, must call ldconfig in %post and %postun. [10]
--CHECK

MUST: If the package is designed to be relocatable, the packager must state this fact in the request for review, along with the rationalization for relocation of that specific package. Without this, use of Prefix: /usr is considered a blocker. [11]
--CHECK

MUST: A package must own all directories that it creates. If it does not create a directory that it uses, then it should require a package which does create that directory. [12]
--CHECK

MUST: A Fedora package must not list a file more than once in the spec file's %files listings. [13]
--CHECK

MUST: Permissions on files must be set properly. Executables should be set with executable permissions, for example. Every %files section must include a %defattr(...) line. [14]
--CHECK

MUST: Each package must have a %clean section, which contains rm -rf %{buildroot} (or $RPM_BUILD_ROOT). [15]
--CHECK

MUST: Each package must consistently use macros. [16]
--CHECK

MUST: The package must contain code, or permissable content. [17]
--CHECK

MUST: Large documentation files must go in a -doc subpackage. (The definition of large is left up to the packager's best judgement, but is not restricted to size. Large can refer to either size or quantity). [18]
--CHECK

MUST: If a package includes something as %doc, it must not affect the runtime of the application. To summarize: If it is in %doc, the program must run properly if it is not present. [18]
--CHECK

MUST: Header files must be in a -devel package. [19]
--CHECK

MUST: Static libraries must be in a -static package. [20]
--CHECK

MUST: Packages containing pkgconfig(.pc) files must 'Requires: pkgconfig' (for directory ownership and usability). [21]
--CHECK

MUST: If a package contains library files with a suffix (e.g. libfoo.so.1.1), then library files that end in .so (without suffix) must go in a -devel package. [19]
--CHECK

MUST: In the vast majority of cases, devel packages must require the base package using a fully versioned dependency: Requires: %{name} = %{version}-%{release} [22]
--CHECK

MUST: Packages must NOT contain any .la libtool archives, these must be removed in the spec if they are built.[20]
--CHECK

MUST: Packages containing GUI applications must include a %{name}.desktop file, and that file must be properly installed with desktop-file-install in the %install section. If you feel that your packaged GUI application does not need a .desktop file, you must put a comment in the spec file with your explanation. [23]
--CHECK

MUST: Packages must not own files or directories already owned by other packages. The rule of thumb here is that the first package to be installed should own the files or directories that other packages may rely upon. This means, for example, that no package in Fedora should ever share ownership with any of the files or directories owned by the filesystem or man package. If you feel that you have a good reason to own a file or directory that another package owns, then please present that at package review time. [24]
--CHECK

MUST: At the beginning of %install, each package MUST run rm -rf %{buildroot} (or $RPM_BUILD_ROOT). [25]
--CHECK

MUST: All filenames in rpm packages must be valid UTF-8. [26]
--CHECK

SHOULD Items:
Items marked as SHOULD are things that the package (or reviewer) SHOULD do, but is not required to do.

SHOULD: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [27]
--FAIL, query upstream, you know what to do here

(more importantly, each file contains a license header, but there is no general license in the package as a whole, so use your best judgement here)

SHOULD: The description and summary sections in the package spec file should contain translations for supported Non-English languages, if available. [28]
--CHECK

SHOULD: The reviewer should test that the package builds in mock. [29]
--CHECK

SHOULD: The package should compile and build into binary rpms on all supported architectures. [30]
--CHECK

SHOULD: The reviewer should test that the package functions as described. A package should not segfault instead of running, for example.
--CHECK

SHOULD: If scriptlets are used, those scriptlets must be sane. This is vague, and left up to the reviewers judgement to determine sanity. [31]
--CHECK

SHOULD: Usually, subpackages other than devel should require the base package using a fully versioned dependency. [22]
--CHECK

SHOULD: The placement of pkgconfig(.pc) files depends on their usecase, and this is usually for development purposes, so should be placed in a -devel pkg. A reasonable exception is that the main pkg itself is a devel tool not installed in a user runtime, e.g. gcc or gdb. [21]
--CHECK

SHOULD: If the package has file dependencies outside of /etc, /bin, /sbin, /usr/bin, or /usr/sbin consider requiring the package which provides the file instead of the file itself. [32]
--CHECK

Resolution: PASS

Please note the following though. The files section is overly general, which is ok, but if you can, please try to make it more specific. I'm assuming you know what you're doing here.

Thanks for the submission!

New Package CVS Request
=======================
Package Name: python-repoze-what-quickstart
Short Description: A plugin for a simple authentication system with repoze.who/what
Owners: spot
Branches: EL-5 F-10 F-11 devel
InitialCC: lmacken

... and it's done.

I'll fix the file ownership before I commit, thanks.

This is built in rawhide, but due to other deps, isn't yet built for any other targets. Luke, feel free to kick off a build here when you get the other stuff straightened out.

python-repoze-what-quickstart-1.0-2.el5 has been pushed to the Fedora EPEL 5 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update python-repoze-what-quickstart'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/EL-5/FEDORA-EPEL-2009-0316

(In reply to comment #4)
> This is built in rawhide, but due to other deps, isn't yet built for any other
> targets. Luke, feel free to kick off a build here when you get the other stuff
> straightened out.  

This should be good to go for F-11, as python-repoze-what-plugins-sql should only need being pushed to stable (see bug #479021).

python-repoze-what-quickstart-1.0.1-1.fc11 has been submitted as an update for Fedora 11.
http://admin.fedoraproject.org/updates/python-repoze-what-quickstart-1.0.1-1.fc11

python-repoze-what-quickstart-1.0.1-1.fc11 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.