Bug 806680 - Review Request: bouncycastle-pg - Bouncy Castle OpenPGP API
Review Request: bouncycastle-pg - Bouncy Castle OpenPGP API
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Marek Goldmann
Fedora Extras Quality Assurance
: 806681 (view as bug list)
Depends On:
Blocks: 809950
  Show dependency treegraph
Reported: 2012-03-25 20:10 EDT by gil cattaneo
Modified: 2012-05-26 03:54 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2012-05-26 03:54:20 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
mgoldman: fedora‑review+
limburgher: fedora‑cvs+

Attachments (Terms of Use)

  None (edit)
Description gil cattaneo 2012-03-25 20:10:24 EDT
Spec URL: http://gil.fedorapeople.org/bouncycastle-pg.spec
SRPM URL: http://gil.fedorapeople.org/bouncycastle-pg-1.46-1.fc16.src.rpm
Description: The Bouncy Castle Java API for handling the OpenPGP protocol. This
jar contains the OpenPGP API for JDK 1.6. The APIs can be used in 
conjunction with a JCE/JCA provider such as the one provided with the
Bouncy Castle Cryptography APIs.
Comment 1 Robin Lee 2012-03-25 23:58:39 EDT
*** Bug 806681 has been marked as a duplicate of this bug. ***
Comment 2 gil cattaneo 2012-04-10 15:00:24 EDT
Spec URL: http://gil.fedorapeople.org/bouncycastle-pg.spec
SRPM URL: http://gil.fedorapeople.org/bouncycastle-pg-1.46-2.fc16.src.rpm
add BuildRequires: zip
Comment 4 gil cattaneo 2012-04-15 08:33:21 EDT
Spec URL: http://gil.fedorapeople.org/bouncycastle-pg.spec
SRPM URL: http://gil.fedorapeople.org/bouncycastle-pg-1.46-3.fc16.src.rpm
removed BuildRequires: unzip
Comment 5 Marek Goldmann 2012-05-02 08:50:39 EDT
Is it really required to do such magic in the spec file? This increases the maintain costs significantly. Cannot it be rewritten in more clear way?
Comment 6 gil cattaneo 2012-05-02 14:58:26 EDT
Spec URL: http://gil.fedorapeople.org/bouncycastle-pg.spec
SRPM URL: http://gil.fedorapeople.org/bouncycastle-pg-1.46-4.fc16.src.rpm
- rebuilt with ant and aqute-bndlib 0.0.363 support
- removed BR zip
Comment 7 gil cattaneo 2012-05-02 15:51:01 EDT
tested on: http://koji.fedoraproject.org/koji/taskinfo?taskID=4046827
Comment 8 gil cattaneo 2012-05-02 16:47:50 EDT
Spec URL: http://gil.fedorapeople.org/bouncycastle-pg.spec
SRPM URL: http://gil.fedorapeople.org/bouncycastle-pg-1.46-5.fc16.src.rpm
- fix BRs for fedora > f16
- add BR ant-junit
tested on: http://koji.fedoraproject.org/koji/taskinfo?taskID=4046968
Comment 9 Marek Goldmann 2012-05-08 06:14:38 EDT
Package Review

- = N/A
x = Check
! = Problem
? = Not evaluated

[x]  Rpmlint output:

$ rpmlint SPECS/bouncycastle-pg.spec 
0 packages and 1 specfiles checked; 0 errors, 0 warnings.

$ rpmlint  SRPMS/bouncycastle-pg-1.46-5.fc17.src.rpm 
bouncycastle-pg.src: I: enchant-dictionary-not-found en_US
1 packages and 0 specfiles checked; 0 errors, 0 warnings.

$ rpmlint RPMS/noarch/bouncycastle-pg-1.46-5.fc17.noarch.rpm 
bouncycastle-pg.noarch: I: enchant-dictionary-not-found en_US
1 packages and 0 specfiles checked; 0 errors, 0 warnings.

[x]  Package is named according to the Package Naming Guidelines[1].
[x]  Spec file name must match the base package name, in the format %{name}.spec.
[x]  Package meets the Packaging Guidelines[2].
[x]  Package successfully compiles and builds into binary rpms.
[x]  Buildroot definition is not present
[x]  Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines[3,4].
[x]  License field in the package spec file matches the actual license.
License type: MIT
[x]  If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %doc.
[x]  All independent sub-packages have license of their own
[x]  Spec file is legible and written in American English.
[x]  Sources used to build the package matches the upstream source, as provided in the spec URL.
MD5SUM this package    : f7189c81b3a0492acc5d21e5d342dba9
MD5SUM upstream package: f7189c81b3a0492acc5d21e5d342dba9
[x]  All build dependencies are listed in BuildRequires, except for any that are listed in the exceptions section of Packaging Guidelines[5].
[x]  Package must own all directories that it creates or must require other packages for directories it uses.
[x]  Package does not contain duplicates in %files.
[x]  File sections do not contain %defattr(-,root,root,-) unless changed with good reason
[x]  Permissions on files are set properly.
[x]  Package does NOT have a %clean section which contains rm -rf %{buildroot} (or $RPM_BUILD_ROOT). (not needed anymore)
[x]  Package consistently uses macros (no %{buildroot} and $RPM_BUILD_ROOT mixing)
[x]  Package contains code, or permissable content.
[x]  Fully versioned dependency in subpackages, if present.
[-]  Package contains a properly installed %{name}.desktop file if it is a GUI application.
[x]  Package does not own files or directories owned by other packages.
[x]  Javadoc documentation files are generated and included in -javadoc subpackage
[x]  Javadocs are placed in %{_javadocdir}/%{name} (no -%{version} symlinks)
[x]  Packages have proper BuildRequires/Requires on jpackage-utils
[x]  Javadoc subpackages have Require: jpackage-utils
[!]  Package uses %global not %define

Use %global.

[-]  If package uses tarball from VCS include comment how to re-create that tarball (svn export URL, git clone URL, ...)
[x]  If source tarball includes bundled jar/class files these need to be removed prior to building
[x]  All filenames in rpm packages must be valid UTF-8.
[x]  Jar files are installed to %{_javadir}/%{name}.jar (see [6] for details)
[x]  If package contains pom.xml files install it (including depmaps) even when building with ant
[x]  pom files has correct add_maven_depmap

=== Maven ===
[x]  Use %{_mavenpomdir} macro for placing pom files instead of %{_datadir}/maven2/poms
[-]  If package uses "-Dmaven.test.skip=true" explain why it was needed in a comment
[-]  If package uses custom depmap "-Dmaven.local.depmap.file=*" explain why it's needed in a comment
[x]  Package DOES NOT use %update_maven_depmap in %post/%postun
[x]  Packages DOES NOT have Requires(post) and Requires(postun) on jpackage-utils for %update_maven_depmap macro

=== Other suggestions ===
[x]  If possible use upstream build method (maven/ant/javac)
[x]  Avoid having BuildRequires on exact NVR unless necessary
[x]  Package has BuildArch: noarch (if possible)
[x]  Latest version is packaged.

1.47 is available, but I assume we need to stick with the version availabe in Fedora.

[x]  Reviewer should test that the package builds in mock.
Tested on:


=== Issues ===
1. Use %global instead %define

=== Final Notes ===
1. We're only interested at this point in F17+, so it's safe to remove the checks for fedora version. Please consider removing those checks.
2. Consider removing Requires requirement from javadoc subpackage:

Requires:      %{name} = %{version}-%{release}
Comment 10 gil cattaneo 2012-05-08 06:34:37 EDT
Spec URL: http://gil.fedorapeople.org/bouncycastle-pg.spec
SRPM URL: http://gil.fedorapeople.org/bouncycastle-pg-1.46-6.fc16.src.rpm
- used %%global instead %%define
- removed the checks for fedora version
- removed requirement from javadoc subpackage
Comment 11 Marek Goldmann 2012-05-08 06:55:25 EDT
*** APPROVED ***

A note: in the future please don't overwrite files after fixing review issues.
Comment 12 gil cattaneo 2012-05-08 06:59:49 EDT
New Package SCM Request
Package Name: bouncycastle-pg
Short Description: Bouncy Castle OpenPGP API
Owners: gil
Branches: f17
InitialCC: java-sig
Comment 13 Gwyn Ciesla 2012-05-08 08:33:18 EDT
Git done (by process-git-requests).
Comment 14 Fedora Update System 2012-05-08 09:21:58 EDT
bouncycastle-pg-1.46-6.fc17 has been submitted as an update for Fedora 17.
Comment 15 Orcan Ogetbil 2012-05-08 22:38:31 EDT
Yes, we need to stick with 1.46. Please see bug 806262 for explanation.
Comment 16 Fedora Update System 2012-05-09 12:10:28 EDT
bouncycastle-pg-1.46-6.fc17 has been pushed to the Fedora 17 testing repository.
Comment 17 Fedora Update System 2012-05-10 08:08:23 EDT
bouncycastle-pg-1.46-7.fc17 has been submitted as an update for Fedora 17.
Comment 18 Fedora Update System 2012-05-26 03:54:20 EDT
bouncycastle-pg-1.46-7.fc17 has been pushed to the Fedora 17 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.