Bug 537979 - Review Request: ghc-hashed-storage - Hashed file storage support
Review Request: ghc-hashed-storage - Hashed file storage support
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Lorenzo Villani
Fedora Extras Quality Assurance
:
Depends On: 537971
Blocks: 522953
  Show dependency treegraph
 
Reported: 2009-11-16 21:05 EST by Jens Petersen
Modified: 2014-01-02 00:56 EST (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-01-23 04:27:54 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
lorenzo: fedora‑review+
petersen: fedora‑cvs+


Attachments (Terms of Use)

  None (edit)
Description Jens Petersen 2009-11-16 21:05:23 EST
Spec URL: http://petersen.fedorapeople.org/ghc-hashed-storage/ghc-hashed-storage.spec
SRPM URL: http://petersen.fedorapeople.org/ghc-hashed-storage/ghc-hashed-storage-0.3.9-1.fc12.src.rpm
Description: 
Support code for reading and manipulating hashed file storage (where each file and directory is associated with a cryptographic hash, for corruption-resistant storage and fast comparisons).

The supported storage formats include darcs hashed pristine, a plain filesystem tree and an indexed plain tree (where the index maintains hashes of the plain files and directories).

Needed by darcs 2.3.
Comment 1 Lorenzo Villani 2009-12-31 11:24:08 EST
Ignore numbers in square brackets.

#  MUST: rpmlint must be run on every package. The output should be posted in the review.[1]

Unable to build the package locally with the required version of mmap. Can you try to bump the spec to build a newer version?

# MUST: The package must be named according to the Package Naming Guidelines .

OK

# MUST: The spec file name must match the base package %{name}, in the format %{name}.spec unless your package has an exemption. [2] .

OK

# MUST: The package must meet the Packaging Guidelines .

OK

# MUST: The package must be licensed with a Fedora approved license and meet the Licensing Guidelines .

BSD (3 clause) is a valid license.

# MUST: The License field in the package spec file must match the actual license. [3]

BSD is a valid short name for the 3-clause license.

# MUST: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package must be included in %doc.[4]

OK

# MUST: The spec file must be written in American English. [5]

OK

# MUST: The spec file for the package MUST be legible. [6]

OK

# MUST: The sources used to build the package must match the upstream source, as provided in the spec URL. Reviewers should use md5sum for this task. If no upstream URL can be specified for this package, please see the Source URL Guidelines for how to deal with this.

[lvillani@normandy tmp]$ md5sum hashed-storage-0.3.9.tar.gz hashed-storage-0.3.9.tar.gz.1
8310b334aa0464f7a72d27c45b042dfd  hashed-storage-0.3.9.tar.gz
8310b334aa0464f7a72d27c45b042dfd  hashed-storage-0.3.9.tar.gz.1

(.1 is the tarball downloaded from upstream website)
OK.


# MUST: The package MUST successfully compile and build into binary rpms on at least one primary architecture. [7]

Unable to build package.

# MUST: If the package does not successfully compile, build or work on an architecture, then those architectures should be listed in the spec in ExcludeArch. Each architecture listed in ExcludeArch MUST have a bug filed in bugzilla, describing the reason that the package does not compile/build/work on that architecture. The bug number MUST be placed in a comment, next to the corresponding ExcludeArch line. [8]

Unable to build package.

# MUST: All build dependencies must be listed in BuildRequires, except for any that are listed in the exceptions section of the Packaging Guidelines ; inclusion of those as BuildRequires is optional. Apply common sense.

NOT OK: The specfile is missing a dependency on ghc-mmap-{devel,prof}

# MUST: The spec file MUST handle locales properly. This is done by using the %find_lang macro. Using %{_datadir}/locale/* is strictly forbidden.[9]

Unable to build package.

# MUST: Every binary RPM package (or subpackage) which stores shared library files (not just symlinks) in any of the dynamic linker's default paths, must call ldconfig in %post and %postun. [10]

Static libraries: OK

# MUST: Packages must NOT bundle copies of system libraries.[11]

Unable to build package.

# MUST: If the package is designed to be relocatable, the packager must state this fact in the request for review, along with the rationalization for relocation of that specific package. Without this, use of Prefix: /usr is considered a blocker. [12]

OK

# MUST: A package must own all directories that it creates. If it does not create a directory that it uses, then it should require a package which does create that directory. [13]

Unable to build package.

# MUST: A Fedora package must not list a file more than once in the spec file's %files listings. [14]

OK

# MUST: Permissions on files must be set properly. Executables should be set with executable permissions, for example. Every %files section must include a %defattr(...) line. [15]

OK

# MUST: Each package must have a %clean section, which contains rm -rf %{buildroot} (or $RPM_BUILD_ROOT). [16]

OK

# MUST: Each package must consistently use macros. [17]

OK

# MUST: The package must contain code, or permissable content. [18]

OK

# MUST: Large documentation files must go in a -doc subpackage. (The definition of large is left up to the packager's best judgement, but is not restricted to size. Large can refer to either size or quantity). [19]

OK

# MUST: If a package includes something as %doc, it must not affect the runtime of the application. To summarize: If it is in %doc, the program must run properly if it is not present. [19]

Unable to build package.

# MUST: Header files must be in a -devel package. [20]

OK

# MUST: Static libraries must be in a -static package. [21]

Exception: GHC 6.10 creates only statically linked libraries -> OK

# MUST: Packages containing pkgconfig(.pc) files must 'Requires: pkgconfig' (for directory ownership and usability). [22]

OK

# MUST: If a package contains library files with a suffix (e.g. libfoo.so.1.1), then library files that end in .so (without suffix) must go in a -devel package. [20]

OK (No shared libraries with GHC)

# MUST: In the vast majority of cases, devel packages must require the base package using a fully versioned dependency: Requires: %{name} = %{version}-%{release} [23]

OK

# MUST: Packages must NOT contain any .la libtool archives, these must be removed in the spec if they are built.[21]

OK (we don't use libtool)

# MUST: Packages containing GUI applications must include a %{name}.desktop file, and that file must be properly installed with desktop-file-install in the %install section. If you feel that your packaged GUI application does not need a .desktop file, you must put a comment in the spec file with your explanation. [24]

OK (not a GUI application)

# MUST: Packages must not own files or directories already owned by other packages. The rule of thumb here is that the first package to be installed should own the files or directories that other packages may rely upon. This means, for example, that no package in Fedora should ever share ownership with any of the files or directories owned by the filesystem or man package. If you feel that you have a good reason to own a file or directory that another package owns, then please present that at package review time. [25]
# MUST: At the beginning of %install, each package MUST run rm -rf %{buildroot} (or $RPM_BUILD_ROOT). [26]

Unable to build package.

# MUST: All filenames in rpm packages must be valid UTF-8. [27]

Unable to build package.


Not approving, yet.
Comment 2 Jens Petersen 2010-01-10 23:11:07 EST
Thanks for the careful review.  ghc-mmap is now built for rawhide.

I fixed the missing mmap dep and updated to latest macros.

However bad news: darcs-2.3.1 does not build with ghc-6.12.1,
and darcs-beta requires hashed-storage >= 0.4.2 which has additional
dependencies: binary and dataenc. :-/

So this doesn't build yet:

Spec URL:
http://petersen.fedorapeople.org/ghc-hashed-storage/ghc-hashed-storage.spec
SRPM URL:
http://petersen.fedorapeople.org/ghc-hashed-storage/ghc-hashed-storage-0.4.3-1.fc12.src.rpm

I will open new reviews for binary and dataenc and link them here as deps.

(If you prefer I could revert to 0.3.9 for now to speed up this review.)
Comment 3 Lorenzo Villani 2010-01-11 11:10:04 EST
Let's revert to 0.3.9. Making the changes for GHC 6.12 and the new hashed storage is just a matter of adding the needed 'BuildRequires'.
Comment 5 Lorenzo Villani 2010-01-20 07:11:23 EST
License tag is wrong. Please use "License: GPL+ and BSD"
Comment 6 Jens Petersen 2010-01-20 19:22:12 EST
Aha - which part if GPL? :)
Comment 7 Jens Petersen 2010-01-20 21:19:41 EST
Doh - would help if I actually looked at the right package...

You're right SHA256.hsc is marked GPL.  I actually talked
to the author about this and he remarked that he had rewritten
the file recently but that does not affect this review...
So yeah I think the License tag should be "GPL+".
Comment 8 Jens Petersen 2010-01-21 03:38:51 EST
To clarify again, I think "GPL+" is correct for now.
GPL plus BSD = GPL: the library is not dual-licensed
so GPL+ is the correct license AFAICT.

(In reply to comment #7)
> You're right SHA256.hsc is marked GPL.  I actually talked
> to the author about this and he remarked that he had rewritten
> the file recently but that does not affect this review...

(Correctly he hasn't updated the original header file yet IIUC, but anyway.)
Comment 9 Conrad Meyer 2010-01-21 03:53:24 EST
I think that makes it GPL AND BSD (whereas dual-licensed would be GPL OR BSD). But I could be wrong.
Comment 10 Jens Petersen 2010-01-21 04:29:24 EST
(In reply to comment #8)
> (Correctly he hasn't updated the original header file yet IIUC, but anyway.)    

So in that sense we could actually ignore GPL.

(In reply to comment #9)
> I think that makes it GPL AND BSD (whereas dual-licensed would be GPL OR BSD).

You're right about dual-licenseing being "OR", but AFAIK "AND"
means part of the binary package is one license and another part
another (cf cpphs).  In this case it is a single library linked
together and hence GPL trumphs BSD.

However going on the above comment from the author I think we could
just forget about the "GPL code" - I could add a comment to that
effect in the spec file.
Comment 11 Jens Petersen 2010-01-21 04:30:46 EST
(In reply to comment #10)
> (In reply to comment #8)
> > (Correctly he hasn't updated the original header file yet IIUC, but anyway.)    
> 
> So in that sense we could actually ignore GPL.

Meant to add he has actually made that change in hashed-map-0.4.5
which will be required by darcs-2.4.0 anyway.
Comment 12 Lorenzo Villani 2010-01-21 15:43:57 EST
I will make an exception for the license tag (change confirmed in hashed-map-0.4.5).
+1
Comment 13 Jens Petersen 2010-01-22 04:43:04 EST
Thanks Lorenzo for the careful review.


New Package CVS Request
=======================
Package Name: ghc-hashed-storage
Short Description: Haskell hashed file storage support
Owners: petersen
Branches: devel
InitialCC: haskell-sig
Comment 14 Jason Tibbitts 2010-01-22 12:09:22 EST
CVS done (by process-cvs-requests.py).
Comment 15 Jens Petersen 2010-01-23 04:27:54 EST
Thanks - approved package imported to cvs.

I am updating to 0.4.5 for darcs-beta.
Comment 16 Christoph Wickert 2010-01-30 11:54:44 EST
I'm not familiar with haskell, but looking at the spec I wonder what's the use of using globals for name, summary and description and depends?

Using globals only makes sense if
- the their contents is changing a lot
- if the conditionals are used in the spec several times.

Nether is the case and it makes the spec hard to read and rpmlint.

BTW: Was this package ever rpmlint'ed during review?

$ rpmlint ~/Desktop/ghc-hashed-storage-0.3.9-2.fc12.src.rpm 
ghc-hashed-storage.src: W: strange-permission hashed-storage-0.3.9.tar.gz 0600
ghc-hashed-storage.src: W: no-cleaning-of-buildroot %install
ghc-hashed-storage.src: W: no-buildroot-tag
1 packages and 0 specfiles checked; 0 errors, 3 warnings.

The missing "rm -rf $RPM_BUILD_ROOT" is not in the %cabal_install macro ether:
$ rpm --eval %cabal_install
/usr/bin/runghc Setup copy --destdir=${RPM_BUILD_ROOT} -v

$ rpmlint ghc-hashed-storage*0.3.9-2.fc13.i686.rpm
ghc-hashed-storage.i686: W: unstripped-binary-or-object /usr/lib/ghc-6.12.1/hashed-storage-0.3.9/libHShashed-storage-0.3.9-ghc6.12.1.so
ghc-hashed-storage.i686: W: executable-stack /usr/lib/ghc-6.12.1/hashed-storage-0.3.9/libHShashed-storage-0.3.9-ghc6.12.1.so
ghc-hashed-storage-devel.i686: W: no-documentation
ghc-hashed-storage-prof.i686: E: devel-dependency ghc-hashed-storage-devel
ghc-hashed-storage-prof.i686: W: no-documentation
ghc-hashed-storage-prof.i686: W: devel-file-in-non-devel-package /usr/lib/ghc-6.12.1/hashed-storage-0.3.9/libHShashed-storage-0.3.9_p.a
4 packages and 0 specfiles checked; 1 errors, 5 warnings.

I was trying to build this in mock, but it fails:

F-12:
+ %cabal_configure --ghc -p
/var/tmp/rpm-tmp.sYV5fI: line 29: fg: no job control

F-13:
Configuring hashed-storage-0.4.5...
Setup: At least the following dependencies are missing:
binary -any, dataenc -any
Comment 17 Christoph Wickert 2010-01-30 12:00:21 EST
OK,  Iguess 0.4.5 is not supposed to build, but is the whole haskell stack broken in rawhide? I can't build 0.3.9 ether.
Comment 18 Jens Petersen 2010-02-01 01:43:04 EST
(In reply to comment #16)
> I'm not familiar with haskell, but looking at the spec I wonder what's the use
> of using globals for name, summary and description and depends?

Because they are used by ghc-rpm-macros.

> $ rpmlint ~/Desktop/ghc-hashed-storage-0.3.9-2.fc12.src.rpm 
> ghc-hashed-storage.src: W: strange-permission hashed-storage-0.3.9.tar.gz 0600

Was fixed in cvs import.

> ghc-hashed-storage.src: W: no-cleaning-of-buildroot %install
> ghc-hashed-storage.src: W: no-buildroot-tag

rpmlint needs updating... they are now superfluous.

> $ rpmlint ghc-hashed-storage*0.3.9-2.fc13.i686.rpm
> ghc-hashed-storage.i686: W: unstripped-binary-or-object
> /usr/lib/ghc-6.12.1/hashed-storage-0.3.9/libHShashed-storage-0.3.9-ghc6.12.1.so
> ghc-hashed-storage.i686: W: executable-stack
> /usr/lib/ghc-6.12.1/hashed-storage-0.3.9/libHShashed-storage-0.3.9-ghc6.12.1.so

This are normal fpr ghc libs.

> ghc-hashed-storage-devel.i686: W: no-documentation

ghc-hashed-storage-doc

> ghc-hashed-storage-prof.i686: E: devel-dependency ghc-hashed-storage-devel

Yes it is needed.

> ghc-hashed-storage-prof.i686: W: devel-file-in-non-devel-package
> /usr/lib/ghc-6.12.1/hashed-storage-0.3.9/libHShashed-storage-0.3.9_p.a

normal

> F-12:
> + %cabal_configure --ghc -p
> /var/tmp/rpm-tmp.sYV5fI: line 29: fg: no job control

The package is for rawhide and requires ghc-6.12.1
it will build in f12 without latest ghc and ghc-rpm-macros.
(No not all fedora packages are backported to earlier releases...)

> F-13:

0.3.9 package is in rawhide...

What do you need this package for?  cabal-install may be your friend:
"cabal install hashed-storage".
Comment 19 Christoph Wickert 2010-02-01 04:12:39 EST
(In reply to comment #18)
> (In reply to comment #16)
> > I'm not familiar with haskell, but looking at the spec I wonder what's the use
> > of using globals for name, summary and description and depends?
> 
> Because they are used by ghc-rpm-macros.

Thanks for the info, but I don't see common_summary or common_description used there.

> > $ rpmlint ~/Desktop/ghc-hashed-storage-0.3.9-2.fc12.src.rpm 
> > ghc-hashed-storage.src: W: strange-permission hashed-storage-0.3.9.tar.gz 0600
> 
> Was fixed in cvs import.

Right. Other warnings/error are false positives, but still rpmlint is part of a review and the rpmlint output should be posted. If this doesn't happen, I don't consider this a proper review.

> The package is for rawhide and requires ghc-6.12.1
> it will build in f12 without latest ghc and ghc-rpm-macros.

Then it should have proper versioned BuildRequires. The version numbers may only be omitted, if all supported Fedora releases satisfy the versions.

> 0.3.9 package is in rawhide...
> 
> What do you need this package for?  cabal-install may be your friend:
> "cabal install hashed-storage".    

I just wanted to test if the package builds in mock, and currently 0.3.9 does not: http://koji.fedoraproject.org/koji/taskinfo?taskID=1955760
Comment 20 Jens Petersen 2010-02-02 04:55:28 EST
(In reply to comment #19)

> Thanks for the info, but I don't see common_summary or common_description used
> there.

Which version of ghc-rpm-macros are you looking at?

> Other warnings/error are false positives, but still rpmlint is part of a
> review and the rpmlint output should be posted.

Agreed

> > The package is for rawhide and requires ghc-6.12.1
> > it will [not] build in f12 without latest ghc and ghc-rpm-macros.

> Then it should have proper versioned BuildRequires. The version numbers may
> only be omitted, if all supported Fedora releases satisfy the versions.

ghc-rpm-macros BR is versioned: later I may want to backport the package
to F12 with updated macros there - then a ghc version would be unnecesary.
ie the latest macros assume ghc-6.12.1 not the package itself per se. 
I suppose ghc-rpm-macros could have a requires on ghc but I was trying
to avoid that I think.

> I just wanted to test if the package builds in mock, and currently 0.3.9 does
> not: http://koji.fedoraproject.org/koji/taskinfo?taskID=1955760    

You're right, it seems I made a mistake and didn't upload the actual package
that scratch-built in koji... :(

I uploaded
http://petersen.fedorapeople.org/ghc-hashed-storage/final/ghc-hashed-storage-0.3.9-2.fc12.src.rpm
which I believe was the correct package and also what I imported to cvs.
I hope that might satisfy your curiosity. :)


Honesty I am very busy at work right and don't really have time
for a review inquisition but if you feel great malpractice and
incompetence took place here you can reopen.

I think we got absorbed in the license question and then Lozenzo
forgot to confirm that that package builds, but it was fixed anyway
before importing so not a big deal IMHO.
Comment 21 Christoph Wickert 2010-02-02 19:10:08 EST
(In reply to comment #20)
> (In reply to comment #19)
> 
> > Thanks for the info, but I don't see common_summary or common_description used
> > there.
> 
> Which version of ghc-rpm-macros are you looking at?

ghc-rpm-macros-0.2.5-1.fc12.noarch

> ghc-rpm-macros BR is versioned: 

Strange, I wonder why I could install/mock it then. Might have been the wrong package then.

> I hope that might satisfy your curiosity. :)

Indeed, it does. Everything looks fine in CVS now, so I let this review rest.
Comment 22 Jens Petersen 2010-10-03 22:11:57 EDT
Package Change Request
======================
Package Name: ghc-hashed-storage
New Branches: el6
Owners: petersen
InitialCC: haskell-sig
Comment 23 Kevin Fenzi 2010-10-04 15:03:23 EDT
Git done (by process-git-requests).
Comment 24 Jens Petersen 2013-12-27 03:51:30 EST
Package Change Request
======================
Package Name: ghc-hashed-storage
New Branches: el5
Owners: petersen
InitialCC: haskell-sig
Comment 25 Jens Petersen 2014-01-02 00:56:03 EST
Git done (by process-git-requests).

Note You need to log in before you can comment on or make changes to this bug.