Bug 885495 - Review Request: python-keyczar - open source cryptographic toolkit
Summary: Review Request: python-keyczar - open source cryptographic toolkit
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: Package Review
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Eduardo Echeverria
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-12-09 20:53 UTC by Maxim Burgerhout
Modified: 2013-01-11 23:32 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-01-07 04:06:37 UTC
Type: ---
echevemaster: fedora-review+
gwync: fedora-cvs+


Attachments (Terms of Use)

Description Maxim Burgerhout 2012-12-09 20:53:53 UTC
Spec URL: http://wzzrd.fedorapeople.org/python-keyczar/python-keyczar.spec
SRPM URL: http://wzzrd.fedorapeople.org/python-keyczar/python-keyczar-0.71b-1.fc19.src.rpm
Description: python-keyczar is an open source cryptographic toolkit designed to make it easier and safer for developers to use cryptography in their applications.
Fedora Account System Username: wzzrd

koji scratch build: http://koji.fedoraproject.org/koji/taskinfo?taskID=4771313

Comment 1 Eduardo Echeverria 2012-12-09 23:08:42 UTC
Hi Maxim

In epel5 the packages that install python modules needs to define python_sitelib or python to indicate where to find the python directory and what modules are installed in, This is no needed in the latest releases of Fedora.

Also

%if 0%{?rhel} <= 5                                                               
%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())")}
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot                   
%endif 

not correct, should be:

%if 0%{?rhel} && 0%{?rhel} <= 5
%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())")}
%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib(1))")}
%endif

http://fedoraproject.org/wiki/Packaging:Python#Macros

Now,  if you want to provide this package to epel5, see
https://fedoraproject.org/wiki/EPEL/GuidelinesAndPolicies#Distribution_specific_guidelines


The entry

%{python_sitelib}/*

should be

%{python_sitelib}/

see: https://fedoraproject.org/wiki/Packaging:UnownedDirectories

- The package appears to contain unit tests, if so should run the tests, see the directory "tests" in the tarball, speciffically alltests.py  

kind regards

Comment 2 Maxim Burgerhout 2012-12-09 23:49:03 UTC
Thanks for reviewing, I appreciate it.

All fixed errors fixed. I did the %files entry slightly different in order not to own the site-packages directory itself. 

New versions of SPEC and SRPM at the above location.

Comment 3 Eduardo Echeverria 2012-12-10 05:49:52 UTC
Hi Maxim: 

I have bad news

python-pyasn1 not is available in epel5
http://koji.fedoraproject.org/koji/packageinfo?packageID=5620

I tried koji build and fail the build of package
http://koji.fedoraproject.org/koji/taskinfo?taskID=4771725
http://kojipkgs.fedoraproject.org//work/tasks/1725/4771725/mock_output.log

Therefore may not provide the package for epel5, unless you talk to the package maintainer, the maintainer is rcritten his email is: rcritten at redhat dot com,

As an aside, if hypothetically we could build for now epel5:

the line what I marked with asterisk (buildroot), should not be there 

%if 0%{?rhel} && 0%{?rhel} <= 5
%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())")}
%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib(1))")}

* BuildRoot:      %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)

%endif

Usually, going after Source0: 

Source0:        http://keyczar.googlecode.com/files/%{name}-%{version}.tar.gz
BuildRoot:      %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)

- Note that if you can not obtain of the package python-pyasn1 in epel5, will need to remove all specific references to building to epel5 (buildroot, %clean and the rm -rf $RPM_BUILD_ROOT), IMHO you should build for the latest releases of Fedora and then may ask change request according to this:

https://fedoraproject.org/wiki/Package_SCM_admin_requests#Package_Change_Requests_for_existing_packages


- Please bump the release number of the spec file on changes and try to write a meaningful changelog entry
https://fedoraproject.org/wiki/Packaging:Guidelines#Changelogs

There are issues with the license (there is no proper license file)


===== MUST items =====

[ ]: If (and only if) the source package includes the text of the license(s)
     in its own file, then that file, containing the text of the license(s)
     for the package is included in %doc.
[ ]: License field in the package spec file matches the actual license.
     Note: Checking patched sources after %prep for licenses. Licenses found:
     "Apache (v2.0)", "Unknown or generated". 2 files have unknown license.
     Detailed output of licensecheck in /home/makerpm/keyczar/885495-python-
     keyczar/licensecheck.txt

Please see the next link for more details on how to proceed.

https://fedoraproject.org/wiki/Packaging:LicensingGuidelines#License_Text

Comment 4 Maxim Burgerhout 2012-12-10 12:47:02 UTC
I agree on the EL5 / EL6 point. I removed the EL5 specific code from the spec file. 

I contacted upstream in order to get a LICENSE file added to the tarball.

I'll upload an updated version hopefully containing the LICENSE file from upstream :)

Are there other things that need fixing? Might as well do those now.

I'll contact the maintainer of python-pyasn1 as well.

Comment 5 Michael S. 2012-12-14 16:30:54 UTC
Eduardo, if you are doing the review, could you assign it to you, as this would remote it from https://fedoraproject.org/PackageReviewStatus/NEW.html ?

Comment 6 Eduardo Echeverria 2012-12-17 05:53:08 UTC
(In reply to comment #5)
> Eduardo, if you are doing the review, could you assign it to you, as this
> would remote it from https://fedoraproject.org/PackageReviewStatus/NEW.html ?

Ok Michael, I took the review, thanks

Maxim.-
Any news regarding the license?

Comment 7 Maxim Burgerhout 2012-12-17 21:29:18 UTC
As a matter of fact, there is news. Upstream agreed to add a LICENSE file to the tarball, which I await eagerly. I'll get back to you asap.

Comment 8 Maxim Burgerhout 2012-12-21 19:24:18 UTC
Ok, upstream added the license and some patches to a new release 0.71c.

Spec URL: http://wzzrd.fedorapeople.org/python-keyczar/python-keyczar.spec
SRPM URL: http://wzzrd.fedorapeople.org/python-keyczar/python-keyczar-0.71c-1.fc19.src.rpm

Comment 9 Eduardo Echeverria 2012-12-25 00:41:44 UTC
Hi Maxim:
I will make the formal review-

- The warnings about the spelling errors can be ignored


Package Review
==============

Key:
[x] = Pass
[!] = Fail
[-] = Not applicable
[?] = Not evaluated
[ ] = Manual review needed



===== MUST items =====

Generic:
[x]: Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
     Guidelines.
[x]: Package successfully compiles and builds into binary rpms on at least one
     supported primary architecture.
[x]: %build honors applicable compiler flags or justifies otherwise.
[x]: All build dependencies are listed in BuildRequires, except for any that
     are listed in the exceptions section of Packaging Guidelines.
[x]: Package contains no bundled libraries.
[x]: Changelog in prescribed format.
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
[x]: Sources contain only permissible code or content.
[x]: Each %files section contains %defattr if rpm < 4.4
[x]: Macros in Summary, %description expandable at SRPM build time.
[-]: Package contains desktop file if it is a GUI application.
[-]: Development files must be in a -devel package
[x]: Package requires other packages for directories it uses.
[x]: Package uses nothing in %doc for runtime.
[x]: Package is not known to require ExcludeArch.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package complies to the Packaging Guidelines
[x]: Spec file lacks Packager, Vendor, PreReq tags.
[x]: If (and only if) the source package includes the text of the license(s)
     in its own file, then that file, containing the text of the license(s)
     for the package is included in %doc.
[x]: License field in the package spec file matches the actual license.
     Note: Checking patched sources after %prep for licenses. Licenses found:
     "Apache (v2.0)", "Unknown or generated". 2 files have unknown license.
     Detailed output of licensecheck in /home/makerpm/keyczar24122012/885495
     -python-keyczar/licensecheck.txt
* The package is licensed under ASL 2.0
[x]: Package consistently uses macro is (instead of hard-coded directory
     names).
[x]: Package is named using only allowed ASCII characters.
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
     Note: Package contains no Conflicts: tag(s)
[x]: Package do not use a name that already exist
[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
     Provides are present.
[x]: Package must own all directories that it creates.
[x]: Package does not own files or directories owned by other packages.
[x]: Package installs properly.
[x]: Package is not relocatable.
[x]: Requires correct, justified where necessary.
[x]: CheckResultdir
[x]: Rpmlint is run on all rpms the build produces.
     Note: There are rpmlint messages (see attachment).
[x]: Sources used to build the package match the upstream source, as provided
     in the spec URL.
[x]: Spec file is legible and written in American English.
[x]: Spec file name must match the spec package %{name}, in the format
     %{name}.spec.
[-]: Package contains systemd file(s) if in need.
[x]: File names are valid UTF-8.
[-]: Large documentation must go in a -doc subpackage.
     Note: Documentation size is 184320 bytes in 3 files.
[x]: Packages must not store files under /srv, /opt or /usr/local

Python:
[x]: Package contains BR: python2-devel or python3-devel
[x]: Binary eggs must be removed in %prep
[x]: Python eggs must not download any dependencies during the build process.
[x]: A package which is used by another package via an egg interface should
     provide egg info.
[x]: Package meets the Packaging Guidelines::Python

===== SHOULD items =====

Generic:
[x]: Reviewer should test that the package builds in mock.
[x]: Buildroot is not present
[x]: Package has no %clean section with rm -rf %{buildroot} (or
     $RPM_BUILD_ROOT)
[x]: If the source package does not include license text(s) as a separate file
     from upstream, the packager SHOULD query upstream to include it.
[x]: Dist tag is present.
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: Final provides and requires are sane (rpm -q --provides and rpm -q
     --requires).
[?]: Package functions as described.
[x]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[x]: The placement of pkgconfig(.pc) files are correct.
[x]: SourceX tarball generation or download is documented.
[x]: SourceX / PatchY prefixed with %{name}.
[x]: SourceX is a working URL.
[-]: Description and summary sections in the package spec file contains
     translations for supported Non-English languages, if available.
[x]: Package should compile and build into binary rpms on all supported
     architectures.
[x]: %check is present and all tests pass.
[x]: Packages should try to preserve timestamps of original installed files.
[x]: Spec use %global instead of %define.

===== EXTRA items =====

Generic:
[x]: Rpmlint is run on all installed packages.
     Note: There are rpmlint messages (see attachment).
[x]: Spec file according to URL is the same as in SRPM.
[x]: Large data in /usr/share should live in a noarch subpackage if package is
     arched.


Rpmlint
-------
Checking: python-keyczar-0.71c-1.fc17.src.rpm
          python-keyczar-0.71c-1.fc17.noarch.rpm
python-keyczar.src: W: spelling-error %description -l en_US cryptographic -> cryptography, cryptographer, crystallographic
python-keyczar.noarch: W: spelling-error %description -l en_US cryptographic -> cryptography, cryptographer, crystallographic
2 packages and 0 specfiles checked; 0 errors, 2 warnings.




Rpmlint (installed packages)
----------------------------
# rpmlint python-keyczar
python-keyczar.noarch: W: spelling-error %description -l en_US cryptographic -> cryptography, cryptographer, crystallographic
1 packages and 0 specfiles checked; 0 errors, 1 warnings.
# echo 'rpmlint-done:'



Requires
--------
python-keyczar-0.71c-1.fc17.noarch.rpm (rpmlib, GLIBC filtered):
    
    python(abi) = 2.7
    python-crypto  
    python-pyasn1  



Provides
--------
python-keyczar-0.71c-1.fc17.noarch.rpm:
    
    python-keyczar = 0.71c-1.fc17



MD5-sum check
-------------
http://keyczar.googlecode.com/files/python-keyczar-0.71c.tar.gz :
  CHECKSUM(SHA256) this package     : 34845f4d8388b11e1176d36e90c2126cff564a621133bd1a946aa6640d2e9035
  CHECKSUM(SHA256) upstream package : 34845f4d8388b11e1176d36e90c2126cff564a621133bd1a946aa6640d2e9035

I don't see anymore blockers, therefore

----------------

PACKAGE APPROVED

----------------

Comment 10 Maxim Burgerhout 2012-12-25 08:25:40 UTC
New Package SCM Request
=======================
Package Name: python-keyczar
Short Description: open source cryptographic toolkit
Owners: wzzrd
Branches: f17 f18 el6
InitialCC:

Comment 11 Michael S. 2012-12-25 09:20:36 UTC
Eduardo, can you reset the flag fedora-review to the correct value ?
 There is a bug in bugzilla or firefox that reset the form when submitted, and so the flag got cleared and added back by maxim, except that maxim can only set the review as set by himself, not for someone else.

Comment 12 Eduardo Echeverria 2012-12-25 13:36:15 UTC
(In reply to comment #11)
> Eduardo, can you reset the flag fedora-review to the correct value ?
>  There is a bug in bugzilla or firefox that reset the form when submitted,
> and so the flag got cleared and added back by maxim, except that maxim can
> only set the review as set by himself, not for someone else.

Sure, no problem.

Comment 13 Gwyn Ciesla 2012-12-26 05:00:57 UTC
Git done (by process-git-requests).

Comment 14 Fedora Update System 2012-12-26 19:13:18 UTC
python-keyczar-0.71c-1.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/python-keyczar-0.71c-1.fc18

Comment 15 Fedora Update System 2012-12-26 19:14:33 UTC
python-keyczar-0.71c-1.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/python-keyczar-0.71c-1.fc17

Comment 16 Fedora Update System 2012-12-26 19:15:23 UTC
python-keyczar-0.71c-1.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/python-keyczar-0.71c-1.el6

Comment 17 Fedora Update System 2012-12-27 20:03:46 UTC
python-keyczar-0.71c-1.el6 has been pushed to the Fedora EPEL 6 testing repository.

Comment 18 Fedora Update System 2013-01-07 04:06:39 UTC
python-keyczar-0.71c-1.fc17 has been pushed to the Fedora 17 stable repository.

Comment 19 Fedora Update System 2013-01-11 00:57:01 UTC
python-keyczar-0.71c-1.el6 has been pushed to the Fedora EPEL 6 stable repository.

Comment 20 Fedora Update System 2013-01-11 23:32:02 UTC
python-keyczar-0.71c-1.fc18 has been pushed to the Fedora 18 stable repository.


Note You need to log in before you can comment on or make changes to this bug.