Bug 542084 - Review Request: php-pear-HTTP-OAuth - Implementation of the OAuth spec
Review Request: php-pear-HTTP-OAuth - Implementation of the OAuth spec
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: David Nalley
Fedora Extras Quality Assurance
:
Depends On: 542077
Blocks: 542087
  Show dependency treegraph
 
Reported: 2009-11-28 04:31 EST by Remi Collet
Modified: 2010-05-13 18:40 EDT (History)
3 users (show)

See Also:
Fixed In Version: 0.1.6-1.fc11
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-12-15 20:10:22 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
david: fedora‑review+
dennis: fedora‑cvs+


Attachments (Terms of Use)

  None (edit)
Description Remi Collet 2009-11-28 04:31:40 EST
Spec URL: http://remi.fedorapeople.org/php-pear-HTTP-OAuth.spec
SRPM URL: http://remi.fedorapeople.org/php-pear-HTTP-Request2-0.5.1-1.fc8.src.rpm
Description: 
Allows the use of the consumer and provider angles of the OAuth spec.

rpmlint is silent

Scratch build : http://koji.fedoraproject.org/koji/taskinfo?taskID=1835092
Comment 1 David Nalley 2009-11-30 00:34:32 EST
OK: rpmlint must be run on every package. The output should be posted in the review.
[ke4qqq@nalleyx60 SPECS]$ rpmlint ./php-pear-HTTP-Request2.spec 
0 packages and 1 specfiles checked; 0 errors, 0 warnings.
[ke4qqq@nalleyx60 SPECS]$ rpmlint ../SRPMS/php-pear-HTTP-Request2-0.5.1-1.fc12.src.rpm 
1 packages and 0 specfiles checked; 0 errors, 0 warnings.
[ke4qqq@nalleyx60 SPECS]$ rpmlint ../RPMS/noarch/php-pear-HTTP-Request2-0.5.1-1.fc12.noarch.rpm 
1 packages and 0 specfiles checked; 0 errors, 0 warnings.

OK: The package must be named according to the Package Naming Guidelines .
OK: The spec file name must match the base package %{name}, in the format %{name}.spec unless your package has an exemption.
OK: The package must meet the Packaging Guidelines
OK: The package must be licensed with a Fedora approved license and meet the Licensing Guidelines .
OK: The License field in the package spec file must match the actual license.
Source contains New BSD license - shortname in Fedora licensing guidelines is BSD, which matches spec. 
NA: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package must be included in %doc.
OK: The spec file must be written in American English. 
OK: The spec file for the package MUST be legible. 
OK: The sources used to build the package must match the upstream source, as provided in the spec URL. Reviewers should use md5sum for this task. If no upstream URL can be specified for this package, please see the Source URL Guidelines for how to deal with this.

[ke4qqq@nalleyx60 SOURCES]$ md5sum HTTP_Request2-0.5.1.tgz*
8096a3e9bbebf11780006e2c347ef650  HTTP_Request2-0.5.1.tgz
8096a3e9bbebf11780006e2c347ef650  HTTP_Request2-0.5.1.tgz.1

OK: The package MUST successfully compile and build into binary rpms on at least one primary architecture.
NA: If the package does not successfully compile, build or work on an architecture, then those architectures should be listed in the spec in ExcludeArch. Each architecture listed in ExcludeArch MUST have a bug filed in bugzilla, describing the reason that the package does not compile/build/work on that architecture. The bug number MUST be placed in a comment, next to the corresponding ExcludeArch line.
OK: All build dependencies must be listed in BuildRequires, except for any that are listed in the exceptions section of the Packaging Guidelines ; inclusion of those as BuildRequires is optional. Apply common sense.
NA: The spec file MUST handle locales properly. This is done by using the %find_lang macro. Using %{_datadir}/locale/* is strictly forbidden.
NA: Every binary RPM package (or subpackage) which stores shared library files (not just symlinks) in any of the dynamic linker's default paths, must call ldconfig in %post and %postun. 
OK: Packages must NOT bundle copies of system libraries.
NA: If the package is designed to be relocatable, the packager must state this fact in the request for review, along with the rationalization for relocation of that specific package. Without this, use of Prefix: /usr is considered a blocker. 
OK: A package must own all directories that it creates. If it does not create a directory that it uses, then it should require a package which does create that directory. 
OK: A Fedora package must not list a file more than once in the spec file's %files listings. 
OK: Permissions on files must be set properly. Executables should be set with executable permissions, for example. Every %files section must include a %defattr(...) line. 
OK: Each package must have a %clean section, which contains rm -rf %{buildroot} (or $RPM_BUILD_ROOT). 
OK: Each package must consistently use macros. 
OK: The package must contain code, or permissable content. 
NA: Large documentation files must go in a -doc subpackage. (The definition of large is left up to the packager's best judgement, but is not restricted to size. Large can refer to either size or quantity).
OK: If a package includes something as %doc, it must not affect the runtime of the application. To summarize: If it is in %doc, the program must run properly if it is not present. 
NA: Header files must be in a -devel package. 
NA: Static libraries must be in a -static package. 
NA: Packages containing pkgconfig(.pc) files must 'Requires: pkgconfig' (for directory ownership and usability). 
NA: If a package contains library files with a suffix (e.g. libfoo.so.1.1), then library files that end in .so (without suffix) must go in a -devel package. 
NA: In the vast majority of cases, devel packages must require the base package using a fully versioned dependency: Requires: %{name} = %{version}-%{release} 
NA: Packages must NOT contain any .la libtool archives, these must be removed in the spec if they are built.
NA: Packages containing GUI applications must include a %{name}.desktop file, and that file must be properly installed with desktop-file-install in the %install section. If you feel that your packaged GUI application does not need a .desktop file, you must put a comment in the spec file with your explanation. 
Question : Packages must not own files or directories already owned by other packages. The rule of thumb here is that the first package to be installed should own the files or directories that other packages may rely upon. This means, for example, that no package in Fedora should ever share ownership with any of the files or directories owned by the filesystem or man package. If you feel that you have a good reason to own a file or directory that another package owns, then please present that at package review time. 

Same question here as in 542077 - there is a %files entry that says: 
%{pear_phpdir}/HTTP

OK: At the beginning of %install, each package MUST run rm -rf %{buildroot} (or $RPM_BUILD_ROOT). 
OK: All filenames in rpm packages must be valid UTF-8.
Comment 2 David Nalley 2009-11-30 00:42:08 EST
Bah - blindly followed the srpm link - it contained the link to the srpm for 542077  - Ignore the above.
Comment 4 Remi Collet 2009-11-30 01:02:35 EST
This package doesn't own HTTP dir because it requires HTTP_Request2 which owns it.

+
Comment 5 David Nalley 2009-11-30 01:04:11 EST
OK: rpmlint must be run on every package. The output should be posted in the review.
[ke4qqq@nalleyx60 SPECS]$ rpmlint php-pear-HTTP-OAuth.spec 
0 packages and 1 specfiles checked; 0 errors, 0 warnings.
[ke4qqq@nalleyx60 SPECS]$ rpmlint ../SRPMS/php-pear-HTTP-OAuth-0.1.5-1.fc12.src.rpm 
1 packages and 0 specfiles checked; 0 errors, 0 warnings.
[ke4qqq@nalleyx60 SPECS]$ rpmlint ../RPMS/noarch/php-pear-HTTP-OAuth-0.1.5-1.fc12.noarch.rpm 
1 packages and 0 specfiles checked; 0 errors, 0 warnings.

OK: The package must be named according to the Package Naming Guidelines .
OK: The spec file name must match the base package %{name}, in the format %{name}.spec unless your package has an exemption.
OK: The package must meet the Packaging Guidelines
OK: The package must be licensed with a Fedora approved license and meet the Licensing Guidelines .
OK: The License field in the package spec file must match the actual license.
Spec file cites BSD - source has New BSD license. 
NA: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package must be included in %doc.
OK: The spec file must be written in American English. 
OK: The spec file for the package MUST be legible. 
OK: The sources used to build the package must match the upstream source, as provided in the spec URL. Reviewers should use md5sum for this task. If no upstream URL can be specified for this package, please see the Source URL Guidelines for how to deal with this.

[ke4qqq@nalleyx60 SOURCES]$ md5sum HTTP_OAuth-0.1.5.tgz*
ae5829122e2356890dd72e4dd5094b6e  HTTP_OAuth-0.1.5.tgz
ae5829122e2356890dd72e4dd5094b6e  HTTP_OAuth-0.1.5.tgz.1

OK: The package MUST successfully compile and build into binary rpms on at least one primary architecture.
NA: If the package does not successfully compile, build or work on an architecture, then those architectures should be listed in the spec in ExcludeArch. Each architecture listed in ExcludeArch MUST have a bug filed in bugzilla, describing the reason that the package does not compile/build/work on that architecture. The bug number MUST be placed in a comment, next to the corresponding ExcludeArch line.
OK: All build dependencies must be listed in BuildRequires, except for any that are listed in the exceptions section of the Packaging Guidelines ; inclusion of those as BuildRequires is optional. Apply common sense.
NA: The spec file MUST handle locales properly. This is done by using the %find_lang macro. Using %{_datadir}/locale/* is strictly forbidden.
NA: Every binary RPM package (or subpackage) which stores shared library files (not just symlinks) in any of the dynamic linker's default paths, must call ldconfig in %post and %postun. 
OK: Packages must NOT bundle copies of system libraries.
NA: If the package is designed to be relocatable, the packager must state this fact in the request for review, along with the rationalization for relocation of that specific package. Without this, use of Prefix: /usr is considered a blocker. 
OK: A package must own all directories that it creates. If it does not create a directory that it uses, then it should require a package which does create that directory. 
OK: A Fedora package must not list a file more than once in the spec file's %files listings. 
OK: Permissions on files must be set properly. Executables should be set with executable permissions, for example. Every %files section must include a %defattr(...) line. 
OK: Each package must have a %clean section, which contains rm -rf %{buildroot} (or $RPM_BUILD_ROOT). 
OK: Each package must consistently use macros. 
OK: The package must contain code, or permissable content. 
NA: Large documentation files must go in a -doc subpackage. (The definition of large is left up to the packager's best judgement, but is not restricted to size. Large can refer to either size or quantity).
NA: If a package includes something as %doc, it must not affect the runtime of the application. To summarize: If it is in %doc, the program must run properly if it is not present. 
NA: Header files must be in a -devel package. 
NA: Static libraries must be in a -static package. 
NA: Packages containing pkgconfig(.pc) files must 'Requires: pkgconfig' (for directory ownership and usability). 
NA: If a package contains library files with a suffix (e.g. libfoo.so.1.1), then library files that end in .so (without suffix) must go in a -devel package. 
NA: In the vast majority of cases, devel packages must require the base package using a fully versioned dependency: Requires: %{name} = %{version}-%{release} 
NA: Packages must NOT contain any .la libtool archives, these must be removed in the spec if they are built.
NA: Packages containing GUI applications must include a %{name}.desktop file, and that file must be properly installed with desktop-file-install in the %install section. If you feel that your packaged GUI application does not need a .desktop file, you must put a comment in the spec file with your explanation. 
OK: Packages must not own files or directories already owned by other packages. The rule of thumb here is that the first package to be installed should own the files or directories that other packages may rely upon. This means, for example, that no package in Fedora should ever share ownership with any of the files or directories owned by the filesystem or man package. If you feel that you have a good reason to own a file or directory that another package owns, then please present that at package review time. 
OK: At the beginning of %install, each package MUST run rm -rf %{buildroot} (or $RPM_BUILD_ROOT). 
OK: All filenames in rpm packages must be valid UTF-8. 




APPROVED


Thanks for the work Remi
Comment 6 Remi Collet 2009-11-30 12:00:34 EST
Thanks for the review

New Package CVS Request
=======================
Package Name: php-pear-HTTP-OAuth
Short Description: Implementation of the OAuth spec
Owners: remi
Branches: F-12, F-11
InitialCC:
Comment 7 Kevin Fenzi 2009-12-03 01:33:08 EST
cvs done.
Comment 8 Fedora Update System 2009-12-03 12:38:53 EST
php-pear-HTTP-OAuth-0.1.6-1.fc11 has been submitted as an update for Fedora 11.
http://admin.fedoraproject.org/updates/php-pear-HTTP-OAuth-0.1.6-1.fc11
Comment 9 Fedora Update System 2009-12-03 12:39:38 EST
php-pear-HTTP-OAuth-0.1.6-1.fc12 has been submitted as an update for Fedora 12.
http://admin.fedoraproject.org/updates/php-pear-HTTP-OAuth-0.1.6-1.fc12
Comment 10 Fedora Update System 2009-12-04 18:38:00 EST
php-pear-HTTP-OAuth-0.1.6-1.fc11 has been pushed to the Fedora 11 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update php-pear-HTTP-OAuth'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F11/FEDORA-2009-12617
Comment 11 Fedora Update System 2009-12-04 19:05:54 EST
php-pear-HTTP-OAuth-0.1.6-1.fc12 has been pushed to the Fedora 12 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update php-pear-HTTP-OAuth'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F12/FEDORA-2009-12735
Comment 12 Fedora Update System 2009-12-15 20:10:17 EST
php-pear-HTTP-OAuth-0.1.6-1.fc12 has been pushed to the Fedora 12 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 13 Fedora Update System 2009-12-15 20:20:26 EST
php-pear-HTTP-OAuth-0.1.6-1.fc11 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 14 Remi Collet 2010-05-13 03:55:49 EDT
Package Change Request
======================
Package Name: php-pear-HTTP-OAuth
New Branches: EL-6
Owners: remi
Comment 15 Dennis Gilmore 2010-05-13 18:40:30 EDT
CVS done

Note You need to log in before you can comment on or make changes to this bug.