Bug 806677 - Review Request: jboss-web - JBoss Web Server
Summary: Review Request: jboss-web - JBoss Web Server
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: Package Review
Version: rawhide
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Juan Hernández
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2012-03-25 23:52 UTC by Anthony Sasadeusz
Modified: 2012-03-30 18:10 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-03-30 18:10:24 UTC
Type: ---
Embargoed:
juan.hernandez: fedora-review+
gwync: fedora-cvs+


Description Anthony Sasadeusz 2012-03-25 23:52:42 UTC
Spec URL: <http://cerberus.fedorapeople.org/jboss-web/7.0.13/1/jboss-web.spec>
SRPM URL: <http://cerberus.fedorapeople.org/jboss-web/7.0.13/1/jboss-web-7.0.13-1.fc18.src.rpm>

Description: JBoss Web Server is an enterprise ready web server designed for medium and large applications, based on Tomcat.

JBoss Web is a component of the JBoss Application Server. There is no longer a standalone version of JBoss Web; you need the Application Server to get the Servlet/JSP container.

JBoss Web Server provides organizations with a single deployment platform for Java Server Pages (JSP) and Java Servlet technologies, PHP, and CGI. It uses a genuine high performance hybrid technology that incorporates the best of the most recent OS technologies for processing high volume data, while keeping all the reference Java specifications.

http://koji.fedoraproject.org/koji/taskinfo?taskID=3931742

Comment 1 Juan Hernández 2012-03-26 14:11:51 UTC
I am taking this for review.

Comment 2 Juan Hernández 2012-03-26 16:32:37 UTC
Package Review
==============

Key:
- = N/A
x = Check
! = Problem
? = Not evaluated

=== REQUIRED ITEMS ===
[!]  Rpmlint output:

Output of rpmlint of the source package:

$ rpmlint jboss-web-7.0.13-1.fc18.src.rpm
jboss-web.src: E: description-line-too-long C JBoss Web Server is an enterprise ready web server designed for medium and large applications, based on Tomcat.
jboss-web.src: W: invalid-url URL: http://www.jboss.org/jbossweb HTTP Error 403: Forbidden
jboss-web.src:60: W: macro-in-comment %{_javadocdir}
jboss-web.src:60: W: macro-in-comment %{name}
jboss-web.src:61: W: macro-in-comment %{_javadocdir}
jboss-web.src:61: W: macro-in-comment %{name}
jboss-web.src: W: invalid-url Source0: jboss-web-7.0.13.Final.tar.xz
1 packages and 0 specfiles checked; 1 errors, 6 warnings.

Output of rpmlint of the binary packages:

$ rpmlint jboss-web-7.0.13-1.fc18.noarch.rpm jboss-web-doc-7.0.13-1.fc18.noarch.rpm
jboss-web.noarch: E: description-line-too-long C JBoss Web Server is an enterprise ready web server designed for medium and large applications, based on Tomcat.
jboss-web.noarch: W: invalid-url URL: http://www.jboss.org/jbossweb HTTP Error 403: Forbidden
jboss-web-doc.noarch: W: invalid-url URL: http://www.jboss.org/jbossweb HTTP Error 403: Forbidden
2 packages and 0 specfiles checked; 1 errors, 2 warnings.

URL warnings are acceptable.

[x]  Package is named according to the Package Naming Guidelines[1].
[x]  Spec file name must match the base package name, in the format %{name}.spec.
[x]  Package meets the Packaging Guidelines[2].
[x]  Package successfully compiles and builds into binary rpms.

Koji build: http://koji.fedoraproject.org/koji/taskinfo?taskID=3933281

[x]  Buildroot definition is not present

[!]  Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines[3,4].

Some of the source files state in their license header that they are covered by "CDDL or GPLv2+ or ASL 2.0", which are known to be incompatible. This affects most of the files in the java/javax directory. See for example the file "java/javax/servlet/ServletContextListener.java".

[!]  License field in the package spec file matches the actual license.

The license in the spec file is "LGPLv3+" but the package contains files with a mix of licenses. Some examples:

LGPLv2.1+: java/org/jboss/servlet/http/HttpEventFilterChain.java
LGPLv2+: java/org/jboss/web/php/PhpThread.java
ASL 2.0: java/org/apache/jasper/*
LGPLv2.1+ or ASL 2.0: java/org/apache/naming/resources/ProxyDirContext.java
MIT: java/org/apache/tomcat/util/json/JSONTokener.java
CDDL or LGPLv2+: java/javax/servlet/ServletContainerInitializer.java 

[x]  If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %doc.
[x]  All independent sub-packages have license of their own
[x]  Spec file is legible and written in American English.
[x]  Sources used to build the package matches the upstream source, as provided in the spec URL.

Checked using a recursive diff of the sources, which gives output like this:

diff --recursive --unified
t/jboss-web-7.0.13.Final/java/org/apache/catalina/authenticator/AuthenticatorBase.java t2/jboss-web-7.0.13.Final/java/org/apache/catalina/authenticator/AuthenticatorBase.java
---
t/jboss-web-7.0.13.Final/java/org/apache/catalina/authenticator/AuthenticatorBase.java 2011-10-11 17:29:56.000000000 +0200
+++
t2/jboss-web-7.0.13.Final/java/org/apache/catalina/authenticator/AuthenticatorBase.java 2011-10-11 17:29:56.818919000 +0200
@@ -70,7 +70,7 @@
  * requests.  Requests of any other type will simply be passed
  * through.
  *
  * @author Craig R. McClanahan
- * @version $Revision: 1848 $ $Date: 2011-10-11 11:29:56 -0400
  (Tue, 11 Oct 2011) $
+ * @version $Revision: 1848 $ $Date: 2011-10-11 17:29:56 +0200
(Tue, 11 Oct 2011) $
  */

These differences are acceptable, as they appear due to distinct time zones and subversion quirks.

[x]  All build dependencies are listed in BuildRequires, except for any that are listed in the exceptions section of Packaging Guidelines[5].
[x]  Package must own all directories that it creates or must require other packages for directories it uses.
[x]  Package does not contain duplicates in %files.
[x]  File sections do not contain %defattr(-,root,root,-) unless changed with good reason
[x]  Permissions on files are set properly.
[x]  Package does NOT have a %clean section which contains rm -rf %{buildroot} (or $RPM_BUILD_ROOT). (not needed anymore)
[x]  Package consistently uses macros (no %{buildroot} and $RPM_BUILD_ROOT mixing)
[x]  Package contains code, or permissible content.
[-]  Fully versioned dependency in subpackages, if present.
[-]  Package contains a properly installed %{name}.desktop file if it is a GUI application.
[-]  Package does not own files or directories owned by other packages.
[!]  Javadoc documentation files are generated and included in -javadoc subpackage
[!]  Javadocs are placed in %{_javadocdir}/%{name} (no -%{version} symlinks)

No javadoc is generated.

[x]  Packages have proper BuildRequires/Requires on jpackage-utils
[-]  Javadoc subpackages have Require: jpackage-utils
[x]  Package uses %global not %define
[x]  If package uses tarball from VCS include comment how to re-create that tarball (svn export URL, git clone URL, ...)
[x]  If source tarball includes bundled jar/class files these need to be removed prior to building
[x]  All filenames in rpm packages must be valid UTF-8.
[x]  Jar files are installed to %{_javadir}/%{name}.jar (see [6] for details)
[x]  If package contains pom.xml files install it (including depmaps) even when building with ant
[x]  pom files has correct add_maven_depmap

=== Maven ===
[x]  Use %{_mavenpomdir} macro for placing pom files instead of %{_datadir}/maven2/poms
[-]  If package uses "-Dmaven.test.skip=true" explain why it was needed in a comment
[-]  If package uses custom depmap "-Dmaven.local.depmap.file=*" explain why it's needed in a comment
[x]  Package DOES NOT use %update_maven_depmap in %post/%postun
[x]  Packages DOES NOT have Requires(post) and Requires(postun) on jpackage-utils for %update_maven_depmap macro

=== Other suggestions ===
[x]  If possible use upstream build method (maven/ant/javac)
[x]  Avoid having BuildRequires on exact NVR unless necessary
[x]  Package has BuildArch: noarch (if possible)
[x]  Latest version is packaged.
[x]  Reviewer should test that the package builds in mock.

Tested on: http://koji.fedoraproject.org/koji/taskinfo?taskID=3933281

=== Issues ===
1. Description line is too long, please make it shorter than 79 characters.
2. Macros in comments, please remove them.
3. Several license issues, see above.
4. No javadocs.

=== Final Notes ===
My suggestion to move forward:

1. Contact upstream developers and inform them of the licensing issues, especially for the files stating several incompatible licenses. Contact legal.org for assistance.

2. Remove macros from comments (this is not strictly required).

3. As the licensing of the content in the "java/javax" is problematic you may want to replace it with dependencies on packages providing the same content. In this particular case that content can be obtained from the following packages (already in rawhide):

jboss-annotations-1.1-api
jboss-el-2.2-api
jboss-jsp-2.1-api
jboss-servlet-3.0-api

You could add those to BuildRequires and Requires. Then in the %setup section you can remove the "java/javax" directory and replace it with links in the "lib" directory: 

%setup

# Remove all the javax classes, as they should come from other packages:
rm -rf java/javax
ln -s $(build-classpath jboss-annotations-1.1-api) lib
ln -s $(build-classpath jboss-el-2.2-api) lib
ln -s $(build-classpath jboss-jsp-2.2-api) lib
ln -s $(build-classpath jboss-servlet-3.0-api) lib

If you do this you will need to add the dependencies to the POM file as well.

This also reduces the number of different implementations of "javax" things that we have in Fedora.

I would even suggest to remove that "java/javax" directory from the source tarball.

Once the license issues are cleared with upstream and legal we can check what is the right license type.

4. In order to generate the javadoc you could add a new source file:

Source2: build-javadoc.xml

With the following content:

<project name="javadoc" default="build">
  <target name="build">
    <mkdir dir="apidocs" />
    <javadoc destdir="apidocs">
      <fileset dir="java"/>
    </javadoc>
  </target>
</project>

Then in the spec you can add the following:

%setup
cp %{SOURCE2} .

%build
ant -f build-javadoc.xml

%install
install -d -m 755 $RPM_BUILD_ROOT%{_javadocdir}/%{name}
cp -rp apidocs/* $RPM_BUILD_ROOT%{_javadocdir}/%{name}

Comment 3 Anthony Sasadeusz 2012-03-26 16:58:57 UTC
Okay, I will work on it. Thanks for the review!

Comment 4 Anthony Sasadeusz 2012-03-27 04:35:19 UTC
Sent out e-mails to legal and Remy Maucherat (project lead for jbossweb) about the licensing issue. Tried your method to build javadoc. It worked but wouldn't build the project so I added a patch to patch build.xml. Looks to me like it should have worked. It creates apidocs folder but then still complains about it not existing. Can you take a peek? Thanks for your guidance. 

- Tony

http://cerberus.fedorapeople.org/jboss-web/7.0.13/2/jboss-web.spec
http://cerberus.fedorapeople.org/jboss-web/7.0.13/2/jboss-web-7.0.13-2.fc16.src.rpm

Comment 5 Juan Hernández 2012-03-27 08:37:48 UTC
Thanks Tony!

In order to use the method I suggested to build the javadoc you need to use the original build.xml *and* the new build-javadoc.xml. It wasn't very well explained in my previous comment, sorry. In the %build section you will need to invoke ant twice:

# Once for the binaries:
ant

# And another time for the javadoc:
ant -f build-javadoc.xml

Patching the original build.xml is also ok, but it will require more work when you update to a new upstream version. I leave it up to you to decide which is better. Right now it is not working because of the slash in front of the directory; it should be a relative path:

- cp -rp /apidocs/* $RPM_BUILD_ROOT%{_javadocdir}/%{name}
+ cp -rp apidocs/* $RPM_BUILD_ROOT%{_javadocdir}/%{name}

Comment 6 Anthony Sasadeusz 2012-03-27 20:21:35 UTC
Okay. Haha, yeah that was my first thought but I didn't change the path to relative. Fixed now. Also added a %files javadoc section. Javadoc still throws warnings about the stuff that was deleted. Don't know if it's required but I guess put some exclusions in the build-javadoc.xml for those directories. Also do I still add dependency information in jboss-web-7.0.13.Final-pom.xml?

Thanks again Juan!

http://koji.fedoraproject.org/koji/taskinfo?taskID=3937470

http://cerberus.fedorapeople.org/jboss-web/7.0.13/3/jboss-web.spec

http://cerberus.fedorapeople.org/jboss-web/7.0.13/3/jboss-web-7.0.13-3.fc18.src.rpm

Comment 7 Juan Hernández 2012-03-28 10:34:23 UTC
Package Review
==============

Key:
- = N/A
x = Check
! = Problem
? = Not evaluated

=== REQUIRED ITEMS ===
[!]  Rpmlint output:

Output of rpmlint of the source package:

$ rpmlint jboss-web-7.0.13-3.fc18.src.rpm
jboss-web.src: E: description-line-too-long C JBoss Web Server is an enterprise ready web server designed for medium and large applications, based on Tomcat.
jboss-web.src: W: invalid-url URL: http://www.jboss.org/jbossweb HTTP Error 403: Forbidden
jboss-web.src: W: invalid-url Source0: jboss-web-7.0.13.Final.tar.xz
1 packages and 0 specfiles checked; 1 errors, 2 warnings.

Output of rpmlint of the binary packages:

$ rpmlint jboss-web-7.0.13-3.fc18.noarch.rpm jboss-web-doc-7.0.13-3.fc18.noarch.rpm jboss-web-javadoc-7.0.13-3.fc18.noarch.rpm
jboss-web.noarch: E: description-line-too-long C JBoss Web Server is an enterprise ready web server designed for medium and large applications, based on Tomcat.
jboss-web.noarch: W: invalid-url URL: http://www.jboss.org/jbossweb HTTP Error 403: Forbidden
jboss-web-doc.noarch: W: invalid-url URL: http://www.jboss.org/jbossweb HTTP Error 403: Forbidden
jboss-web-javadoc.noarch: W: spelling-error Summary(en_US) Javadocs -> Java docs, Java-docs, Avocados
jboss-web-javadoc.noarch: W: invalid-url URL: http://www.jboss.org/jbossweb HTTP Error 403: Forbidden
3 packages and 0 specfiles checked; 1 errors, 4 warnings.

URL warnings are acceptable.

The description should be shorter than 79 characters.

[x]  Package is named according to the Package Naming Guidelines[1].
[x]  Spec file name must match the base package name, in the format %{name}.spec.
[x]  Package meets the Packaging Guidelines[2].
[x]  Package successfully compiles and builds into binary rpms.

Koji build: http://koji.fedoraproject.org/koji/taskinfo?taskID=3939085

[x]  Buildroot definition is not present
[x]  Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines[3,4].
[!]  License field in the package spec file matches the actual license.

The license in the spec file is "LGPLv3+" but the package contains files with a mix of licenses. Some examples:

LGPLv2.1+: java/org/jboss/servlet/http/HttpEventFilterChain.java
LGPLv2+: java/org/jboss/web/php/PhpThread.java
ASL 2.0: java/org/apache/jasper/*
LGPLv2.1+ or ASL 2.0: java/org/apache/naming/resources/ProxyDirContext.java
MIT: java/org/apache/tomcat/util/json/JSONTokener.java

The license type should be: LGPLv2+ and ASL 2.0 and MIT and (LGPLv2+ or ASL 2.0)

[x]  If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %doc.
[x]  All independent sub-packages have license of their own
[x]  Spec file is legible and written in American English.
[x]  Sources used to build the package matches the upstream source, as provided in the spec URL.

Checked using a recursive diff of the sources, which gives output like this:

diff --recursive --unified
t/jboss-web-7.0.13.Final/java/org/apache/catalina/authenticator/AuthenticatorBase.java t2/jboss-web-7.0.13.Final/java/org/apache/catalina/authenticator/AuthenticatorBase.java
---
t/jboss-web-7.0.13.Final/java/org/apache/catalina/authenticator/AuthenticatorBase.java 2011-10-11 17:29:56.000000000 +0200
+++
t2/jboss-web-7.0.13.Final/java/org/apache/catalina/authenticator/AuthenticatorBase.java 2011-10-11 17:29:56.818919000 +0200
@@ -70,7 +70,7 @@
  * requests.  Requests of any other type will simply be passed
  * through.
  *
  * @author Craig R. McClanahan
- * @version $Revision: 1848 $ $Date: 2011-10-11 11:29:56 -0400
  (Tue, 11 Oct 2011) $
+ * @version $Revision: 1848 $ $Date: 2011-10-11 17:29:56 +0200
(Tue, 11 Oct 2011) $
  */

These differences are acceptable, as they appear due to distinct time zones and subversion quirks.

[x]  All build dependencies are listed in BuildRequires, except for any that are listed in the exceptions section of Packaging Guidelines[5].
[x]  Package must own all directories that it creates or must require other packages for directories it uses.
[x]  Package does not contain duplicates in %files.
[x]  File sections do not contain %defattr(-,root,root,-) unless changed with good reason
[x]  Permissions on files are set properly.
[x]  Package does NOT have a %clean section which contains rm -rf %{buildroot} (or $RPM_BUILD_ROOT). (not needed anymore)
[x]  Package consistently uses macros (no %{buildroot} and $RPM_BUILD_ROOT mixing)
[x]  Package contains code, or permissible content.
[-]  Fully versioned dependency in subpackages, if present.
[-]  Package contains a properly installed %{name}.desktop file if it is a GUI application.
[-]  Package does not own files or directories owned by other packages.
[x]  Javadoc documentation files are generated and included in -javadoc subpackage
[x]  Javadocs are placed in %{_javadocdir}/%{name} (no -%{version} symlinks)

No javadoc is generated.

[x]  Packages have proper BuildRequires/Requires on jpackage-utils
[-]  Javadoc subpackages have Require: jpackage-utils
[x]  Package uses %global not %define
[x]  If package uses tarball from VCS include comment how to re-create that tarball (svn export URL, git clone URL, ...)
[x]  If source tarball includes bundled jar/class files these need to be removed prior to building
[x]  All filenames in rpm packages must be valid UTF-8.
[x]  Jar files are installed to %{_javadir}/%{name}.jar (see [6] for details)
[x]  If package contains pom.xml files install it (including depmaps) even when building with ant
[x]  pom files has correct add_maven_depmap

=== Maven ===
[x]  Use %{_mavenpomdir} macro for placing pom files instead of %{_datadir}/maven2/poms
[-]  If package uses "-Dmaven.test.skip=true" explain why it was needed in a comment
[-]  If package uses custom depmap "-Dmaven.local.depmap.file=*" explain why it's needed in a comment
[x]  Package DOES NOT use %update_maven_depmap in %post/%postun
[x]  Packages DOES NOT have Requires(post) and Requires(postun) on jpackage-utils for %update_maven_depmap macro

=== Other suggestions ===
[x]  If possible use upstream build method (maven/ant/javac)
[x]  Avoid having BuildRequires on exact NVR unless necessary
[x]  Package has BuildArch: noarch (if possible)
[x]  Latest version is packaged.
[x]  Reviewer should test that the package builds in mock.

Tested on: http://koji.fedoraproject.org/koji/taskinfo?taskID=3939085

=== Issues ===
1. Description line is too long, please make it shorter than 79 characters.
2. License should be "LGPLv2+ and ASL 2.0 and MIT and (LGPLv2+ or ASL 2.0)".
3. "Requires: jboss-jsp-2.1-api" should be "Requires: jboss-jsp-2.2-api".
4. The POM file doesn't include the dependencies for "jboss-*-api".

=== Final Notes ===
We are almost there! The javadoc warnings are acceptable. Once you fix the above issues I will approve.

To be clear about #1, #2 and #3:

--- jboss-web.spec
+++ jboss-web.spec
@@ -6,7 +6,7 @@
 Release:          3%{?dist}
 Summary:          JBoss Web
 Group:            Development/Libraries
-License:          LGPLv3+
+License:          LGPLv2+ and ASL 2.0 and MIT and (LGPLv2+ or ASL 2.0)
 URL:              http://www.jboss.org/jbossweb
 
 # svn export
 # http://anonsvn.jboss.org/repos/jbossweb/tags/JBOSSWEB_7_0_13_FINAL/
 # jboss-web-7.0.13.Final
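Review bot: the new License line joins four license terms, but nothing in this hunk records which files fall under which term. Fedora's licensing guidelines ask for a breakdown comment when a package carries multiple licenses, so add a short comment above "License:" that maps the source directories to their licenses, using the per-file list given earlier in this review.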
@@ -34,11 +34,12 @@
 Requires:         java
 Requires:         jboss-annotations-1.1-api
 Requires:         jboss-el-2.2-api
-Requires:         jboss-jsp-2.1-api
+Requires:         jboss-jsp-2.2-api
 Requires:         jboss-servlet-3.0-api
 
 %description
-JBoss Web Server is an enterprise ready web server designed for medium and large applications, based on Tomcat.
+JBoss Web Server is an enterprise ready web server designed for medium and
+large applications, based on Tomcat.
 
 %package doc
 Summary:          User guide for %{name}
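Review bot: the switch to "Requires: jboss-jsp-2.2-api" in this hunk covers only the runtime dependency, and no BuildRequires line is visible in the context. Check that BuildRequires names jboss-jsp-2.2-api as well, because the %setup step suggested earlier links that jar into lib with build-classpath, and a mismatch would build against one JSP API package and install against another.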

For #4 you need to add something like this to the POM:

  <dependencies>
    <dependency>
      <groupId>org.jboss.spec.javax.annotation</groupId>
      <artifactId>jboss-annotations-api_1.1_spec</artifactId>
      <version>1.0.1-SNAPSHOT</version>
    </dependency>
    <dependency>
      <groupId>org.jboss.spec.javax.el</groupId>
      <artifactId>jboss-el-api_2.2_spec</artifactId>
      <version>1.0.1-SNAPSHOT</version>
    </dependency>
    <dependency>
      <groupId>org.jboss.spec.javax.servlet.jsp</groupId>
      <artifactId>jboss-jsp-api_2.2_spec</artifactId>
      <version>1.0.1.Final</version>
    </dependency>
    <dependency>
      <groupId>org.jboss.spec.javax.servlet</groupId>
      <artifactId>jboss-servlet-api_3.0_spec</artifactId>
      <version>1.0.1.Final</version>
    </dependency>
  </dependencies>

Thanks Tony!
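
Added example, not part of the review comments or of the package: the source check described in the reviews above (a recursive diff of the packaged tarball against a fresh upstream export) reported only expanded Subversion keyword lines. The script below collapses those keywords before hashing each file, so the comparison lists only real content differences; the function names and the sample trees are constructed for illustration.

```shell
#!/bin/sh
# Compare two unpacked source trees, ignoring differences that come only from
# expanded Subversion keywords such as "$Date: ... $" or "$Revision: ... $".

# Collapse "$Keyword: value $" to "$Keyword$" on stdin, so the time zone or
# revision at export time no longer affects the comparison.
normalize_keywords() {
    LC_ALL=C sed -E 's/\$(Date|LastChangedDate|Revision|Rev|LastChangedRevision|Author|LastChangedBy|HeadURL|URL|Id|Header): [^$]*\$/$\1$/g'
}

# Print "<sha256>  <relative path>" for every regular file under $1, hashing
# the keyword-normalized content, ordered by path.
tree_manifest() {
    ( cd "$1" && find . -type f | LC_ALL=C sort | while IFS= read -r f; do
        printf '%s  %s\n' "$(normalize_keywords < "$f" | sha256sum | cut -d' ' -f1)" "$f"
    done )
}

# Print the paths whose normalized content differs, or that exist in only one
# tree. No output means the trees match apart from keyword expansion.
real_differences() {
    a=$(mktemp); b=$(mktemp)
    tree_manifest "$1" > "$a"
    tree_manifest "$2" > "$b"
    diff "$a" "$b" | sed -nE 's/^[<>] [0-9a-f]{64}  //p' | LC_ALL=C sort -u
    rm -f "$a" "$b"
}

# Constructed sample: three small trees modelled on the header quoted in the
# review (same revision, $Date$ expanded in two different time zones), plus a
# "tampered" tree with a changed file and an extra file.
make_sample_trees() {
    SAMPLE=$(mktemp -d)
    mkdir -p "$SAMPLE/packaged/java" "$SAMPLE/export/java" "$SAMPLE/tampered/java"
    printf '%s\n' '/**' \
        ' * @version $Revision: 1848 $ $Date: 2011-10-11 11:29:56 -0400 (Tue, 11 Oct 2011) $' \
        ' */' 'class AuthenticatorBase {}' > "$SAMPLE/packaged/java/AuthenticatorBase.java"
    printf '%s\n' '/**' \
        ' * @version $Revision: 1848 $ $Date: 2011-10-11 17:29:56 +0200 (Tue, 11 Oct 2011) $' \
        ' */' 'class AuthenticatorBase {}' > "$SAMPLE/export/java/AuthenticatorBase.java"
    printf '%s\n' '/**' \
        ' * @version $Revision: 1848 $ $Date: 2011-10-11 17:29:56 +0200 (Tue, 11 Oct 2011) $' \
        ' */' 'class AuthenticatorBase { int added; }' > "$SAMPLE/tampered/java/AuthenticatorBase.java"
    echo 'class Extra {}' > "$SAMPLE/tampered/java/Extra.java"
}

make_sample_trees
echo "packaged vs export:   [$(real_differences "$SAMPLE/packaged" "$SAMPLE/export")]"
echo "packaged vs tampered: [$(real_differences "$SAMPLE/packaged" "$SAMPLE/tampered" | tr '\n' ' ')]"
```

A plain `diff --recursive` of the first two sample trees still reports the `@version` line, which is the noise the reviewer had to judge by eye.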

Comment 9 Juan Hernández 2012-03-28 21:11:50 UTC
I don't see any reason to block this package now.

There is a little thing that you can fix before doing the initial commit. Instead of long lines in the changelog, use several lines, one per change:

* Wed Mar 28 2012 Anthony Sasadeusz <sasadeu1> 7.0.13-4
- Fixed licensing issue
- Cleaned up description and requires section
- Added dependency information to POM file

Good job!

================
*** APPROVED ***
================

Comment 10 Anthony Sasadeusz 2012-03-28 21:33:47 UTC
New Package SCM Request
=======================
Package Name: jboss-web
Short Description: JBoss Web Server
Owners: cerberus
Branches: f17
InitialCC: goldmann jhernand

Comment 11 Gwyn Ciesla 2012-03-29 12:25:40 UTC
Git done (by process-git-requests).

Comment 12 Anthony Sasadeusz 2012-03-29 15:14:51 UTC
Did a fedpkg build for f17 and only 1 of the 3 completed. The two that failed complained about Error: No Package found for jboss-annotations-1.1-api.

Not sure if I can close this bug yet.

http://koji.fedoraproject.org/koji/taskinfo?taskID=3943576

Comment 13 Juan Hernández 2012-03-29 15:25:47 UTC
I created a buildroot override for jboss-annotations-1.1-api. That should allow you to do the build. Please wait for the next repo and then try the build again:

koji wait-repo f17-build
fedpkg build

Comment 14 Juan Hernández 2012-03-30 08:18:17 UTC
Tony, I see that you already built for F17. Please remember to create an update:

fedpkg update

Thanks!

