Uhh. This package is already in Fedora, so there's no need for this review ticket.

I see you're the upstream maintainer, and think that the ClamTk package hasn't had the TLC it needs. You should contact the ClamTk Fedora maintainer and ask him to update the package to the newest release. This you can do either by opening a bug against clamtk here in Bugzilla, or by mailing clamtk-owner .

If you want to get involved in Fedora packaging you need to open up a review ticket on something that isn't in Fedora.

Closing this ticket as NOTABUG.

PS. If you become a Fedora packager, you can apply for maintainership of clamtk from the current clamtk package owner.

*** This bug has been marked as a duplicate of bug 474535 ***

Ah, reopening, until there is some movement on
bug 530709.

ref:
https://www.redhat.com/archives/fedora-devel-list/2009-November/msg00371.html

Oh OK, sorry. Some notes:

- Source needs to honor Source URL guideline
http://fedoraproject.org/wiki/Packaging/SourceURL

- Missing Requires: desktop-file-utils due to usage of update-desktop-database.

- Mixing of "clamtk" and "%{name}" in %files is IMHO bad style. Change
 %{_datadir}/pixmaps/clamtk.png
to
 %{_datadir}/pixmaps/%{name}.png
or replace occurrences of "%{name}" with "clamtk".

Thank you for your suggestions.

Spec URL: http://clamtk.sourceforge.net/fedora/clamtk.spec
SRPM URL: http://clamtk.sourceforge.net/fedora/clamtk-4.20-2.fc11.src.rpm

Fixed and still rpmlint clean.

Well, I think it is time we should restart this review request
(and later switch the maintainer of clamtk), as more than one
month passed since non-maintainer procedure began.

To Dave:
First of all, would you update clamtk to 4.21?
(note that I have not checked your srpm at all yet)

Here you are:

Spec URL: http://clamtk.sourceforge.net/fedora/4.21/clamtk.spec
SRPM URL: http://clamtk.sourceforge.net/fedora/4.21/clamtk-4.21-1.fc12.src.rpm

Thank you for checking.

Ah, you seems to be the upstream for clamtk, then:

First of all, what does "the same terms as Perl itself" (in
LICENSE file) exactly mean?

- From your spec file, it seems to mean "ASL 2.0"
- However http://dev.perl.org/licenses/ shows perl 5 license
  is under "ASL 2.0 or GPL+"
- And $ rpm -qi perl shows on Fedora the license of perl is marked
  as "(GPL+ or Artistic) and (GPLv2+ or Artistic)".

Note that (from clamav.src.rpm) clamav is under GPLv2 (not GPLv2+)
and ASL 2.0 is incompatible with GPLv2, so ASL 2.0 (only) is not
allowed for clamtk license:
https://fedoraproject.org/wiki/Licensing

(In reply to comment #10)

Sorry, scratch out my previous comment...

Well,

* License
  - Anyway please clarify the license. On Fedora "under the same terms
    as Perl itself" means "GPL+ or Artistic", however is this what
    you intend?
    https://fedoraproject.org/wiki/Packaging/Perl#License_tag

* BuildRequires
  - This srpm won't build without "BuildRequires: desktop-file-utils"
    (as this srpm calls "desktop-file-install" at %install)

* Requires
  - "Requires: desktop-file-utils" should be removed
    ( see:
      https://fedoraproject.org/wiki/Packaging/ScriptletSnippets#desktop-database )

  - Dependency for perl module related dependency must be specified
    by virtual Provides' names and not by using rpm name directly:
    https://fedoraproject.org/wiki/Packaging/Perl#Perl_Requires_and_Provides

  !!By the way please check if writing "Requires: perl-File-Find-Rule" (should be
    written as perl(File::Find::Rule)) explicitly is _really_ needed.
    rpmbuild detects perl module based dependency automatically and adds those
    dependency to binary rpm.
    Actually if you try $ rpm -qp --requires clamtk-XXXXX.noarch.rpm", you will
    see many "perl(foo)" dependency.

I understand your comments and have implemented them, but have a question regarding the License portion. This would require changing the LICENSE file in the original tarball. So, what is the best way to do this: re-packaging 4.21 (4.21-2) with updated LICENSE information, or waiting for 4.22 and re-posting it here? Thanks.

(In reply to comment #13)
* License
> I understand your comments and have implemented them, but have a question
> regarding the License portion. This would require changing the LICENSE file in
> the original tarball. So, what is the best way to do this: re-packaging 4.21
> (4.21-2) with updated LICENSE information, or waiting for 4.22 and re-posting
> it here? Thanks.  

- Don't change 4.21 tarball itself.
  As you are the upstream
  - If you don't want to release 4.22 now, include new license text
    in the srpm (as SourceX) and keep 4.21 tarball itself as it is.
    Then replace the license text with the new one at %prep or so.
  - If you release 4.22, it is okay.

ping?

I would like to take the second option - try again with release 4.22, if that is still okay. I am doing some final testing and awaiting updated language files. It will not affect the spec file. Pending no objections, I will re-post the updated spec file and source rpm when complete.

Otherwise, I can re-post them now as 4.21-2 for review. The downside is I would have to mess with the spec file, and I would just as soon not.

Thank you for reply. Then I will wait for 4.22 release (as
it seems it will be released soon)

4.22 has just been released.

Spec URL: http://clamtk.sourceforge.net/fedora/4.22/clamtk.spec
SRPM URL: http://clamtk.sourceforge.net/fedora/4.22/clamtk-4.22-1.fc12.src.rpm

Regarding the licensing issue, I recently noticed that the Debian ports have always listed it as "GPL+ or Artistic" anyway. So now the Fedora builds match that.

And with luck, the Perl module dependency portion is correct now.

Looking forward to feedback. Thank you.

For 4.22-1:

* Requires
  - Again please check if writing "R: perl-foo" explicitly is
    really needed.
    ! For example when you try $ rpm -q --requires clamtk", you'll
      see that "perl(Locale::gettext)" is automatically detected
      and added to R, so writing "R: perl-gettext" is not needed.

      By the way with rawhide rpm (4.8.0), when you try
      "rpm -qv --requires clamtk", you can check what Requires are
      manually written in the spec file and what are automatically
      added by rpmbuild like:
---------------------------------------------------
$ rpm -qv --requires clamtk
post: /bin/sh  
postun: /bin/sh  
auto: /usr/bin/perl  
manual: clamav >= 0.90
manual: clamav-data  
manual: clamav-update  
manual: cronie  
manual: perl(:MODULE_COMPAT_5.10.1)  
auto: perl(Carp)  
auto: perl(ClamTk::App)  
.....
---------------------------------------------------

! License
  - Not a blocker, however it is better that you update lib/GUI.pm
    and the corresponding gettext po files.

By the way:

-------------------------------------------------------------
NOTE: Before being sponsored:

This package will be accepted with another few work. 
But before I accept this package, someone (I am a candidate) 
must sponsor you.

Once you are sponsored, you have the right to review other 
submitters' review requests and approve the packages formally. 
For this reason, the person who want to be sponsored (like you) 
are required to "show that you have an understanding 
of the process and of the packaging guidelines" as is described
on :
http://fedoraproject.org/wiki/PackageMaintainers/HowToGetSponsored

Usually there are two ways to show this.
A. submit other review requests with enough quality.
B. Do a "pre-review" of other person's review request
   (at the time you are not sponsored, you cannot do
   a formal review)

When you have submitted a new review request or have pre-reviewed other 
person's review request, please write the bug number on this bug report 
so that I can check your comments or review request.

Fedora package collection review requests which are waiting for someone to
review can be checked on:
http://fedoraproject.org/PackageReviewStatus/NEW.html
(NOTE: please don't choose "Merge Review")


Review guidelines are described mainly on:
http://fedoraproject.org/wiki/Packaging/ReviewGuidelines
http://fedoraproject.org/wiki/Packaging/Guidelines
http://fedoraproject.org/wiki/Packaging/ScriptletSnippets
------------------------------------------------------------

As you're the upstream of this package it may be that you
are interested in maintaining this package only on Fedora,
however still I want to see at least one pre-review by you
(if you don't want to submit another review request)

Quick questions while preparing 4.23:

1. <quote>"perl(Locale::gettext)" is automatically detected</quote>

Not arguing - but the actual module is perl-gettext. I took this to be something different since perl-Locale-gettext does not exist. If you are sure it is the same thing (or, at least, that it will still pull in the right requirement), then I will remove it as a requirement.

Since perl-libwww-perl (or perl(libwww-perl)) does not show up after running the command "rpm -qv --requires clamtk", I will keep it in as a requirement.

2. The GUI.pm license language has been updated and will be reflected as such in 4.23.

3. The po/gettext files contain the line: "This file is distributed under the same license as the ClamTk package."  As they are submitted with ClamTk, do they all have to have full license statements, or does this suffice?

4. Due to time constraints, I will likely not be able to review/sponsor other packages. I am always happy to help; however, my time is limited to either development or $something_else.  I hope this is not a blocker.

Thank you for continuing to help. 4.23 will likely be released around 17 Jan.

(In reply to comment #21)
> Quick questions while preparing 4.23:
> 
> 1. <quote>"perl(Locale::gettext)" is automatically detected</quote>
> 
> Not arguing - but the actual module is perl-gettext. 
- The rpm name "perl-gettext" is based on the tarball name this binary
  rpm is created from. i.e. the name "perl-gettext" is named so just because
  this binary rpm is based on "gettext-%{version}.tar.gz" and this rpm's
  name does not exactly correspond to the module name this binary rpm 
  actually provides.

  The virtual provides "Provides: perl(Locale::gettext)" is added
  by rpmbuild automatically because this binary has "Locale/gettext.pm"
  which contains "package Locale::gettext;". So this rpm (perl-gettext)
  actually provides the module perl(Locale::gettext), not perl(gettext), 
  and the module name clamtk actually needs is perl(Locale::gettext), 
  not perl(gettext), as shown in %_bindir/clamtk
---------------------------------------------------
    26  use Locale::gettext;
---------------------------------------------------

> I took this to be
> something different since perl-Locale-gettext does not exist. If you are sure
> it is the same thing (or, at least, that it will still pull in the right
> requirement), then I will remove it as a requirement.

  - See above

> Since perl-libwww-perl (or perl(libwww-perl)) does not show up after running
> the command "rpm -qv --requires clamtk", I will keep it in as a requirement.

  - Here the module clamtk actually needs is "perl(LWP::UserAgent)", not
   "perl(libwww-perl)" or so, as shown in ClamTk/Update.pm:
-------------------------------------------------------
    18  use LWP::UserAgent;
-------------------------------------------------------
    and perl-libwww-perl provides perl(LWP::UserAgent).

    The binary rpm name and virtual provides names the rpm
    actually provides is not the same, and using virtual provides/obsoletes
    list based on what perl module is acually used is much better.

> 3. The po/gettext files contain the line: "This file is distributed under the
> same license as the ClamTk package."  As they are submitted with ClamTk, do
> they all have to have full license statements, or does this suffice?
  - This is sufficient
  
> 4. Due to time constraints, I will likely not be able to review/sponsor other
> packages. I am always happy to help; however, my time is limited to either
> development or $something_else.  I hope this is not a blocker.

- Unfortunately I won't sponsor anyone in need of sponsorship
  unless he/she submits another review request or does at least one
  pre-review of other person's review request . If you are not going
  to do so for now, I once withdraw reviewing this package so that 
  you can find another sponsor candidate for you.

ping?

Apologies if you were waiting on confirmation of whether or not I would do another review request or a pre-review of another person's request. Unfortunately, I will be unable to do any other packages. Due to time constraints, I have my hands full with one. I understand if you need to withdraw and appreciate your assistance to date.  I will post a review request for 4.23 shortly. If there are no takers, I will just close out this request and go back to doing it on my own, offering downloads straight from the website. Thanks again.

Well, then I will once withdraw reviewing this review ticket
so that another sponsor may want to sponsor you and you will
be able to find that people.

4.23:

Spec URL: http://clamtk.sourceforge.net/fedora/4.23/clamtk.spec
SRPM URL: http://clamtk.sourceforge.net/fedora/4.23/clamtk-4.23-1.fc12.src.rpm

Please forgive me as I've not digested all of the context, but if you're the upstream maintainer then I'm sure we can get some sponsorship worked out.

Our main concern is that it's likely that Fedora and its myriad of guidelines isn't going to be your main concern, so we'd like to make sure that this package stays in shape after review.  One possibility is to ask that you understand our guidelines by doing some other package review work, which is what Mamoru prefers to see before he offers sponsorship.

Another possibility is to see if we can get an interested and somewhat experienced Fedora packager to co-maintain this package with you.  If that happened, I'd probably be willing to offer sponsorship.  A third possibility is that someone would just offer you sponsorship, which might happen (it's up to the sponsors to decide) but personally I'd like to see if we can get a comaintainer first.

Jason, options two and three sound great.  My only goal is to either fix or remove a clearly broken package - preferably fix. I waited almost six years to see a program I wrote show up in the RH/Fedora repositories, but not broken. You're right, in that I'd rather just work it upstream and communicate with maintainers (which I do with other distributions), but if I have to maintain (or co-maintain) it, I'll do that too.  Thanks for responding. I appreciate your help.

Iam a Fedora 12 x86_64 user. I installed ClamAV (ver:0.95.3-1200) and ClamTK. I can see the GUI (Virus Scanner) in the applications menu but it does nothing at all. Any help ?

I also have to say that I installed these applications using the official package manager. I read the best about ClamTk and Gnome Schedule in the only official magazine about Linux in my country..... It's a pity, but I can't trust my package manager any more , because I also noticed such abnormal behaviour with wine emulator and with gnome schedule and who knows what else..... Thanks a lot.

Fanis, that is what we are trying to fix with this review request. The package in the repositories is broken.

In the meanwhile, please go to http://clamtk.sf.net - there are downloads available for several distributions including Fedora. You can just double-click it to install. That version works. :-)

Oh, nice, bugzilla seems to have lost my comment, but it added the CC.  Strange.

In any case, for some reason I had thought that clamtk was orphaned in Fedora, but it does currently have a maintainer.  I found him on IRC (and have CC'd him on this ticket).  He's willing to have you as a comaintainer, but I get the impression he has very little time so I'm not sure how much he will be able to help you.  If issues come up, please either ping me on IRC (tibbs in #fedora-devel on freenode) or email me.

Dave, you should be set up now.  It will take a bit before your privileges propagate, but you should soon be able to check the package out of CVS and start working on it.

There are many procedures and such that you will need to follow.  This is described in http://fedoraproject.org/wiki/Join_the_package_collection_maintainers that document is geared towards completely new packages.  Since this package is already in the distribution you can skip forward to the "install the client tools" bit, then do "Check out the module" but skip "Import the package" and instead edit what's there.  Then follow http://fedoraproject.org/wiki/Package_update_HOWTO to actually make an update.  Again, I know this can be a bit complicated, so please let me know if you have any problems and Jerome doesn't have sufficient time to help you out.

I'm going to close this ticket out now just to keep the books straight.

*** This bug has been marked as a duplicate of bug 474535 ***

Oops, Dave, there's one extra thing I need you to do.  Can you go to https://admin.fedoraproject.org/pkgdb/packages/name/clamtk, log in with your Fedora account information, and click 'Add Myself to Package" for at least the "Fedora devel" collection?  (F12 and F11 if you want to work on the existing releases as well.)  I'll approve your request if Jerome doesn't do so before me.

Thanks a lot all of you for your interest.

@ Dave M

I removed anything I had installed for ClamAV-ClamTK  with the Fedora 12 package manager and I installed the application directly from the site you indicated. It is working well but I have 2 questions. 
1. The application gui presents a red stop sign to the left of the "Virus definitions" text. To the right side of the same text it writes "28 Oct 2009". I wonder if this red sign probably means that the Virus definitions are old. Is there any problem here or it is ok ?
2. Does this kind of installation permit any further updates with the Fedora 12 auto-update procedure ?

Thank you very much for your response . You really solved my little problem.