Bug 624023 - Review Request: reprepro - Debian package repository producer
Review Request: reprepro - Debian package repository producer
Status: CLOSED DUPLICATE of bug 828188
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Christoph Wickert
Fedora Extras Quality Assurance
: 720181 (view as bug list)
Depends On:
  Show dependency treegraph
Reported: 2010-08-13 08:59 EDT by Jeroen van Meeuwen
Modified: 2012-06-30 14:28 EDT (History)
8 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2012-06-30 14:28:42 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
cwickert: fedora‑review?

Attachments (Terms of Use)

  None (edit)
Description Jeroen van Meeuwen 2010-08-13 08:59:03 EDT
Spec URL: http://git.ergo-project.org/?p=kolab-fedora.git;a=blob_plain;f=el5/custom-el5-kolabsys.com/SPECS/reprepro.spec;hb=1fc6ca169df29d3c7dac2cebccb6f3ea0763a666
SRPM URL: http://koji.ergo-project.org/packages/reprepro/4.2.0/4.el5.buildsys/src/reprepro-4.2.0-4.el5.buildsys.src.rpm

reprepro is a tool to manage a repository of Debian packages (.deb, .udeb, .dsc, ...). It stores files either being injected manually or downloaded from some other repository (partially) mirrored into one pool/ hierarchy. Managed packages and files are stored in a Berkeley DB, so no database server is needed. Checking signatures of mirrored repositories and creating signatures of the generated Package indices is supported.
Comment 2 Christoph Wickert 2010-10-31 08:10:28 EDT
Spec and srpm don't match, spec is at -4 while package is still -3. As there is no -4 package in the repo I have taken -3 with the spec of -4.

REVIEW FOR f0df6898fc563cff1ef694fbc772842a  reprepro-4.2.0-3.fc12.src.rpm

MUST Items:
FIX - MUST: $ rpmlint /var/lib/mock/fedora-14-x86_64/result/*.rpm
reprepro.src: W: spelling-error %description -l en_US udeb -> deb, u deb, udder
reprepro.src: W: spelling-error %description -l en_US dsc -> dc, sc, desc
reprepro.src: W: spelling-error %description -l en_US indices -> induces, indies, indicts
reprepro.src: W: non-standard-group Development/Utilities
reprepro.x86_64: W: spelling-error %description -l en_US udeb -> deb, u deb, udder
reprepro.x86_64: W: spelling-error %description -l en_US dsc -> dc, sc, desc
reprepro.x86_64: W: spelling-error %description -l en_US indices -> induces, indies, indicts
reprepro.x86_64: W: non-standard-group Development/Utilities
3 packages and 0 specfiles checked; 0 errors, 8 warnings.

Can be ignored: spelling-error
Needs to be fixed: non-standard-group Development/Utilities -> Development/Tools

OK - MUST: named according to the Package Naming Guidelines
OK - MUST: spec file name matches the base package %{name}
OK - MUST: package meets the Packaging Guidelines
OK - MUST: Fedora approved license and meets the Licensing Guidelines (GPLv2 only)
OK - MUST: License field in spec file matches the actual license
FIX - MUST: license file included in %doc
OK - MUST: spec is in American English
OK - MUST: spec is legible
OK - MUST: sources match the upstream source by MD5 72605173cccdbc805f3037824064895d
OK - MUST: successfully compiles and builds into binary rpms on x86_64
N/A - MUST: If the package does not successfully compile, build or work on an architecture, then those architectures should be listed in the spec in ExcludeArch.
OK - MUST: all build dependencies are listed in BuildRequires.
N/A - MUST: handles locales properly with %find_lang
N/A - MUST: Every binary RPM package (or subpackage) which stores shared library files (not just symlinks) in any of the dynamic linker's default paths, must call ldconfig in %post and %postun.
OK - MUST: Package does not bundle copies of system libraries.
N/A - MUST: If the package is designed to be relocatable, the packager must state this fact in the request for review, along with the rationalization for relocation of that specific package.
OK - MUST: owns all directories that it creates (none)
OK - MUST: no duplicate files in the %files listing
OK - MUST: Permissions on files are set properly, includes %defattr(...)
OK - MUST: consistently uses macros
OK - MUST: package contains code, or permissable content
N/A - MUST: Large documentation files should go in a -doc subpackage
TBD - MUST: Files included as %doc do not affect the runtime of the application (no docs included!)
N/A - MUST: Header files must be in a -devel package
N/A - MUST: Static libraries must be in a -static package
N/A - MUST: library files that end in .so are in the -devel package.
N/A - MUST: devel packages must require the base package using a fully versioned dependency
OK - MUST: The package does not contain any .la libtool archives.
N/A - MUST: Packages containing GUI applications must include a %{name}.desktop file.
OK - MUST: package does not own files or directories already owned by other packages.
OK - Should: at the beginning of %install, the package runs rm -rf $RPM_BUILD_ROOT.
OK - MUST: all filenames valid UTF-8

FIX - SHOULD: Source package includes license text(s) as a separate file.
N/A - SHOULD: The description and summary sections in the package spec file should contain translations for supported Non-English languages, if available.
OK - SHOULD: builds in mock.
OK - SHOULD: compiles and builds into binary rpms on all supported architectures.
OK - SHOULD: functions as described.
N/A - SHOULD: Scriptlets are sane (no scriptlets used).
N/A - SHOULD: Usually, subpackages other than devel should require the base package using a fully versioned dependency.
N/A - SHOULD: pkgconfig(.pc) files should be placed in a -devel pkg
OK - SHOULD: no file dependencies outside of /etc, /bin, /sbin, /usr/bin, or /usr/sbin
OK - SHOULD: package contains man pages for binaries/scripts.

Other items:
OK - latest stable version
OK - SourceURL valid
OK - Compiler flags ok
OK - Debuginfo complete
OK - SHOULD: package has a %clean section, which contains rm -rf $RPM_BUILD_ROOT.
N/A - SHOULD: Packages containing pkgconfig(.pc) files must 'Requires: pkgconfig'.

TODO items:
- Fix the items marked with FIX

- Use the full length of 80 characters for the description

- Requires db4 and gpgme are not needed, I doubt bzip2 is. Libraries should not have explicit requires.

- Add AUTHORS, COPYING, ChangeLog, README, NEWS, TODO, docs/FAQ, docs/manual.html, docs/short-howto, to %doc

- You also want might want to include the examples from the docs folder, but make sure to remove the executable bits.

- Do not specify the manpage with extension gz, we might very well switch to another compression method.

- Timestamp of the source tarball does not match (at least in -3 srpm), please download it again, see https://fedoraproject.org/wiki/Packaging:Guidelines#Timestamps

- Changelog doesn't follow any of the allowed formats, see https://fedoraproject.org/wiki/Packaging:Guidelines#Changelogs
Comment 3 Andrew Colin Kissa 2011-07-17 11:28:43 EDT
*** Bug 720181 has been marked as a duplicate of this bug. ***
Comment 4 Sebastien Caps 2012-05-24 11:48:13 EDT
Since this post seems not very active(2010!) 
I propose my own SPEC and SRPM URL (if this is permitted)
Comment 5 Christoph Wickert 2012-06-01 11:02:32 EDT
Your spec does not address all the issues I found in the review.
- manpages still have the extension hardcoded

You even introduced some new problems:
- %{_usr}/bin should be %{_bindir}
- bzip2-libs is not a -devel package
- Various unneeded explicit Requires
- Source1 not needed, it's the same as COPYING form the tarball
- not all docs are included, e.g. the examples are missing

If you want to take over packaging and maintenance of this package, please submit a new review request and mark this one a duplicate of it. Thanks in advance!
Comment 6 Sebastien Caps 2012-06-04 08:41:20 EDT
New bug reported https://bugzilla.redhat.com/show_bug.cgi?id=828188
Please close this one
Comment 7 Fabian Affolter 2012-06-30 14:28:42 EDT

*** This bug has been marked as a duplicate of bug 828188 ***

Note You need to log in before you can comment on or make changes to this bug.