Spec URL: http://petersen.fedorapeople.org/ghc-hashed-storage/ghc-hashed-storage.spec SRPM URL: http://petersen.fedorapeople.org/ghc-hashed-storage/ghc-hashed-storage-0.3.9-1.fc12.src.rpm Description: Support code for reading and manipulating hashed file storage (where each file and directory is associated with a cryptographic hash, for corruption-resistant storage and fast comparisons). The supported storage formats include darcs hashed pristine, a plain filesystem tree and an indexed plain tree (where the index maintains hashes of the plain files and directories). Needed by darcs 2.3.
Ignore numbers in square brackets. # MUST: rpmlint must be run on every package. The output should be posted in the review.[1] Unable to build the package locally with the required version of mmap. Can you try to bump the spec to build a newer version? # MUST: The package must be named according to the Package Naming Guidelines . OK # MUST: The spec file name must match the base package %{name}, in the format %{name}.spec unless your package has an exemption. [2] . OK # MUST: The package must meet the Packaging Guidelines . OK # MUST: The package must be licensed with a Fedora approved license and meet the Licensing Guidelines . BSD (3 clause) is a valid license. # MUST: The License field in the package spec file must match the actual license. [3] BSD is a valid short name for the 3-clause license. # MUST: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package must be included in %doc.[4] OK # MUST: The spec file must be written in American English. [5] OK # MUST: The spec file for the package MUST be legible. [6] OK # MUST: The sources used to build the package must match the upstream source, as provided in the spec URL. Reviewers should use md5sum for this task. If no upstream URL can be specified for this package, please see the Source URL Guidelines for how to deal with this. [lvillani@normandy tmp]$ md5sum hashed-storage-0.3.9.tar.gz hashed-storage-0.3.9.tar.gz.1 8310b334aa0464f7a72d27c45b042dfd hashed-storage-0.3.9.tar.gz 8310b334aa0464f7a72d27c45b042dfd hashed-storage-0.3.9.tar.gz.1 (.1 is the tarball downloaded from upstream website) OK. # MUST: The package MUST successfully compile and build into binary rpms on at least one primary architecture. [7] Unable to build package. # MUST: If the package does not successfully compile, build or work on an architecture, then those architectures should be listed in the spec in ExcludeArch. Each architecture listed in ExcludeArch MUST have a bug filed in bugzilla, describing the reason that the package does not compile/build/work on that architecture. The bug number MUST be placed in a comment, next to the corresponding ExcludeArch line. [8] Unable to build package. # MUST: All build dependencies must be listed in BuildRequires, except for any that are listed in the exceptions section of the Packaging Guidelines ; inclusion of those as BuildRequires is optional. Apply common sense. NOT OK: The specfile is missing a dependency on ghc-mmap-{devel,prof} # MUST: The spec file MUST handle locales properly. This is done by using the %find_lang macro. Using %{_datadir}/locale/* is strictly forbidden.[9] Unable to build package. # MUST: Every binary RPM package (or subpackage) which stores shared library files (not just symlinks) in any of the dynamic linker's default paths, must call ldconfig in %post and %postun. [10] Static libraries: OK # MUST: Packages must NOT bundle copies of system libraries.[11] Unable to build package. # MUST: If the package is designed to be relocatable, the packager must state this fact in the request for review, along with the rationalization for relocation of that specific package. Without this, use of Prefix: /usr is considered a blocker. [12] OK # MUST: A package must own all directories that it creates. If it does not create a directory that it uses, then it should require a package which does create that directory. [13] Unable to build package. # MUST: A Fedora package must not list a file more than once in the spec file's %files listings. [14] OK # MUST: Permissions on files must be set properly. Executables should be set with executable permissions, for example. Every %files section must include a %defattr(...) line. [15] OK # MUST: Each package must have a %clean section, which contains rm -rf %{buildroot} (or $RPM_BUILD_ROOT). [16] OK # MUST: Each package must consistently use macros. [17] OK # MUST: The package must contain code, or permissable content. [18] OK # MUST: Large documentation files must go in a -doc subpackage. (The definition of large is left up to the packager's best judgement, but is not restricted to size. Large can refer to either size or quantity). [19] OK # MUST: If a package includes something as %doc, it must not affect the runtime of the application. To summarize: If it is in %doc, the program must run properly if it is not present. [19] Unable to build package. # MUST: Header files must be in a -devel package. [20] OK # MUST: Static libraries must be in a -static package. [21] Exception: GHC 6.10 creates only statically linked libraries -> OK # MUST: Packages containing pkgconfig(.pc) files must 'Requires: pkgconfig' (for directory ownership and usability). [22] OK # MUST: If a package contains library files with a suffix (e.g. libfoo.so.1.1), then library files that end in .so (without suffix) must go in a -devel package. [20] OK (No shared libraries with GHC) # MUST: In the vast majority of cases, devel packages must require the base package using a fully versioned dependency: Requires: %{name} = %{version}-%{release} [23] OK # MUST: Packages must NOT contain any .la libtool archives, these must be removed in the spec if they are built.[21] OK (we don't use libtool) # MUST: Packages containing GUI applications must include a %{name}.desktop file, and that file must be properly installed with desktop-file-install in the %install section. If you feel that your packaged GUI application does not need a .desktop file, you must put a comment in the spec file with your explanation. [24] OK (not a GUI application) # MUST: Packages must not own files or directories already owned by other packages. The rule of thumb here is that the first package to be installed should own the files or directories that other packages may rely upon. This means, for example, that no package in Fedora should ever share ownership with any of the files or directories owned by the filesystem or man package. If you feel that you have a good reason to own a file or directory that another package owns, then please present that at package review time. [25] # MUST: At the beginning of %install, each package MUST run rm -rf %{buildroot} (or $RPM_BUILD_ROOT). [26] Unable to build package. # MUST: All filenames in rpm packages must be valid UTF-8. [27] Unable to build package. Not approving, yet.
Thanks for the careful review. ghc-mmap is now built for rawhide. I fixed the missing mmap dep and updated to latest macros. However bad news: darcs-2.3.1 does not build with ghc-6.12.1, and darcs-beta requires hashed-storage >= 0.4.2 which has additional dependencies: binary and dataenc. :-/ So this doesn't build yet: Spec URL: http://petersen.fedorapeople.org/ghc-hashed-storage/ghc-hashed-storage.spec SRPM URL: http://petersen.fedorapeople.org/ghc-hashed-storage/ghc-hashed-storage-0.4.3-1.fc12.src.rpm I will open new reviews for binary and dataenc and link them here as deps. (If you prefer I could revert to 0.3.9 for now to speed up this review.)
Let's revert to 0.3.9. Making the changes for GHC 6.12 and the new hashed storage is just a matter of adding the needed 'BuildRequires'.
Spec URL: http://petersen.fedorapeople.org/ghc-hashed-storage/ghc-hashed-storage.spec SRPM URL: http://petersen.fedorapeople.org/ghc-hashed-storage/ghc-hashed-storage-0.3.9-2.fc12.src.rpm Scratch build: http://koji.fedoraproject.org/koji/taskinfo?taskID=1916161
License tag is wrong. Please use "License: GPL+ and BSD"
Aha - which part if GPL? :)
Doh - would help if I actually looked at the right package... You're right SHA256.hsc is marked GPL. I actually talked to the author about this and he remarked that he had rewritten the file recently but that does not affect this review... So yeah I think the License tag should be "GPL+".
To clarify again, I think "GPL+" is correct for now. GPL plus BSD = GPL: the library is not dual-licensed so GPL+ is the correct license AFAICT. (In reply to comment #7) > You're right SHA256.hsc is marked GPL. I actually talked > to the author about this and he remarked that he had rewritten > the file recently but that does not affect this review... (Correctly he hasn't updated the original header file yet IIUC, but anyway.)
I think that makes it GPL AND BSD (whereas dual-licensed would be GPL OR BSD). But I could be wrong.
(In reply to comment #8) > (Correctly he hasn't updated the original header file yet IIUC, but anyway.) So in that sense we could actually ignore GPL. (In reply to comment #9) > I think that makes it GPL AND BSD (whereas dual-licensed would be GPL OR BSD). You're right about dual-licenseing being "OR", but AFAIK "AND" means part of the binary package is one license and another part another (cf cpphs). In this case it is a single library linked together and hence GPL trumphs BSD. However going on the above comment from the author I think we could just forget about the "GPL code" - I could add a comment to that effect in the spec file.
(In reply to comment #10) > (In reply to comment #8) > > (Correctly he hasn't updated the original header file yet IIUC, but anyway.) > > So in that sense we could actually ignore GPL. Meant to add he has actually made that change in hashed-map-0.4.5 which will be required by darcs-2.4.0 anyway.
I will make an exception for the license tag (change confirmed in hashed-map-0.4.5). +1
Thanks Lorenzo for the careful review. New Package CVS Request ======================= Package Name: ghc-hashed-storage Short Description: Haskell hashed file storage support Owners: petersen Branches: devel InitialCC: haskell-sig
CVS done (by process-cvs-requests.py).
Thanks - approved package imported to cvs. I am updating to 0.4.5 for darcs-beta.
I'm not familiar with haskell, but looking at the spec I wonder what's the use of using globals for name, summary and description and depends? Using globals only makes sense if - the their contents is changing a lot - if the conditionals are used in the spec several times. Nether is the case and it makes the spec hard to read and rpmlint. BTW: Was this package ever rpmlint'ed during review? $ rpmlint ~/Desktop/ghc-hashed-storage-0.3.9-2.fc12.src.rpm ghc-hashed-storage.src: W: strange-permission hashed-storage-0.3.9.tar.gz 0600 ghc-hashed-storage.src: W: no-cleaning-of-buildroot %install ghc-hashed-storage.src: W: no-buildroot-tag 1 packages and 0 specfiles checked; 0 errors, 3 warnings. The missing "rm -rf $RPM_BUILD_ROOT" is not in the %cabal_install macro ether: $ rpm --eval %cabal_install /usr/bin/runghc Setup copy --destdir=${RPM_BUILD_ROOT} -v $ rpmlint ghc-hashed-storage*0.3.9-2.fc13.i686.rpm ghc-hashed-storage.i686: W: unstripped-binary-or-object /usr/lib/ghc-6.12.1/hashed-storage-0.3.9/libHShashed-storage-0.3.9-ghc6.12.1.so ghc-hashed-storage.i686: W: executable-stack /usr/lib/ghc-6.12.1/hashed-storage-0.3.9/libHShashed-storage-0.3.9-ghc6.12.1.so ghc-hashed-storage-devel.i686: W: no-documentation ghc-hashed-storage-prof.i686: E: devel-dependency ghc-hashed-storage-devel ghc-hashed-storage-prof.i686: W: no-documentation ghc-hashed-storage-prof.i686: W: devel-file-in-non-devel-package /usr/lib/ghc-6.12.1/hashed-storage-0.3.9/libHShashed-storage-0.3.9_p.a 4 packages and 0 specfiles checked; 1 errors, 5 warnings. I was trying to build this in mock, but it fails: F-12: + %cabal_configure --ghc -p /var/tmp/rpm-tmp.sYV5fI: line 29: fg: no job control F-13: Configuring hashed-storage-0.4.5... Setup: At least the following dependencies are missing: binary -any, dataenc -any
OK, Iguess 0.4.5 is not supposed to build, but is the whole haskell stack broken in rawhide? I can't build 0.3.9 ether.
(In reply to comment #16) > I'm not familiar with haskell, but looking at the spec I wonder what's the use > of using globals for name, summary and description and depends? Because they are used by ghc-rpm-macros. > $ rpmlint ~/Desktop/ghc-hashed-storage-0.3.9-2.fc12.src.rpm > ghc-hashed-storage.src: W: strange-permission hashed-storage-0.3.9.tar.gz 0600 Was fixed in cvs import. > ghc-hashed-storage.src: W: no-cleaning-of-buildroot %install > ghc-hashed-storage.src: W: no-buildroot-tag rpmlint needs updating... they are now superfluous. > $ rpmlint ghc-hashed-storage*0.3.9-2.fc13.i686.rpm > ghc-hashed-storage.i686: W: unstripped-binary-or-object > /usr/lib/ghc-6.12.1/hashed-storage-0.3.9/libHShashed-storage-0.3.9-ghc6.12.1.so > ghc-hashed-storage.i686: W: executable-stack > /usr/lib/ghc-6.12.1/hashed-storage-0.3.9/libHShashed-storage-0.3.9-ghc6.12.1.so This are normal fpr ghc libs. > ghc-hashed-storage-devel.i686: W: no-documentation ghc-hashed-storage-doc > ghc-hashed-storage-prof.i686: E: devel-dependency ghc-hashed-storage-devel Yes it is needed. > ghc-hashed-storage-prof.i686: W: devel-file-in-non-devel-package > /usr/lib/ghc-6.12.1/hashed-storage-0.3.9/libHShashed-storage-0.3.9_p.a normal > F-12: > + %cabal_configure --ghc -p > /var/tmp/rpm-tmp.sYV5fI: line 29: fg: no job control The package is for rawhide and requires ghc-6.12.1 it will build in f12 without latest ghc and ghc-rpm-macros. (No not all fedora packages are backported to earlier releases...) > F-13: 0.3.9 package is in rawhide... What do you need this package for? cabal-install may be your friend: "cabal install hashed-storage".
(In reply to comment #18) > (In reply to comment #16) > > I'm not familiar with haskell, but looking at the spec I wonder what's the use > > of using globals for name, summary and description and depends? > > Because they are used by ghc-rpm-macros. Thanks for the info, but I don't see common_summary or common_description used there. > > $ rpmlint ~/Desktop/ghc-hashed-storage-0.3.9-2.fc12.src.rpm > > ghc-hashed-storage.src: W: strange-permission hashed-storage-0.3.9.tar.gz 0600 > > Was fixed in cvs import. Right. Other warnings/error are false positives, but still rpmlint is part of a review and the rpmlint output should be posted. If this doesn't happen, I don't consider this a proper review. > The package is for rawhide and requires ghc-6.12.1 > it will build in f12 without latest ghc and ghc-rpm-macros. Then it should have proper versioned BuildRequires. The version numbers may only be omitted, if all supported Fedora releases satisfy the versions. > 0.3.9 package is in rawhide... > > What do you need this package for? cabal-install may be your friend: > "cabal install hashed-storage". I just wanted to test if the package builds in mock, and currently 0.3.9 does not: http://koji.fedoraproject.org/koji/taskinfo?taskID=1955760
(In reply to comment #19) > Thanks for the info, but I don't see common_summary or common_description used > there. Which version of ghc-rpm-macros are you looking at? > Other warnings/error are false positives, but still rpmlint is part of a > review and the rpmlint output should be posted. Agreed > > The package is for rawhide and requires ghc-6.12.1 > > it will [not] build in f12 without latest ghc and ghc-rpm-macros. > Then it should have proper versioned BuildRequires. The version numbers may > only be omitted, if all supported Fedora releases satisfy the versions. ghc-rpm-macros BR is versioned: later I may want to backport the package to F12 with updated macros there - then a ghc version would be unnecesary. ie the latest macros assume ghc-6.12.1 not the package itself per se. I suppose ghc-rpm-macros could have a requires on ghc but I was trying to avoid that I think. > I just wanted to test if the package builds in mock, and currently 0.3.9 does > not: http://koji.fedoraproject.org/koji/taskinfo?taskID=1955760 You're right, it seems I made a mistake and didn't upload the actual package that scratch-built in koji... :( I uploaded http://petersen.fedorapeople.org/ghc-hashed-storage/final/ghc-hashed-storage-0.3.9-2.fc12.src.rpm which I believe was the correct package and also what I imported to cvs. I hope that might satisfy your curiosity. :) Honesty I am very busy at work right and don't really have time for a review inquisition but if you feel great malpractice and incompetence took place here you can reopen. I think we got absorbed in the license question and then Lozenzo forgot to confirm that that package builds, but it was fixed anyway before importing so not a big deal IMHO.
(In reply to comment #20) > (In reply to comment #19) > > > Thanks for the info, but I don't see common_summary or common_description used > > there. > > Which version of ghc-rpm-macros are you looking at? ghc-rpm-macros-0.2.5-1.fc12.noarch > ghc-rpm-macros BR is versioned: Strange, I wonder why I could install/mock it then. Might have been the wrong package then. > I hope that might satisfy your curiosity. :) Indeed, it does. Everything looks fine in CVS now, so I let this review rest.
Package Change Request ====================== Package Name: ghc-hashed-storage New Branches: el6 Owners: petersen InitialCC: haskell-sig
Git done (by process-git-requests).
Package Change Request ====================== Package Name: ghc-hashed-storage New Branches: el5 Owners: petersen InitialCC: haskell-sig