Spec URL: http://echevemaster.fedorapeople.org/python-django-ckeditor/python-django-ckeditor.spec SRPMS URL: http://echevemaster.fedorapeople.org/python-django-ckeditor/python-django-ckeditor-4.0.2-1.fc19.src.rpm Description: Provides a RichTextField and CKEditorWidget utilizing CKEditor with image upload and browsing support included Fedora Account System Username: echevemaster Tested on koji: http://koji.fedoraproject.org/koji/taskinfo?taskID=5583452
Hi Eduardo, I'm working in this review about your package, please one suggestion in my review. Adjust your spec file and submit again please. - Issue about license is false positive - Outputs rpmlint are false positives ! - if you already asking for Requires package Django there is no need to ask him in BuildRequires also(same package) Package Review ============== Legend: [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated [ ] = Manual review needed Issues: ======= - If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %doc. Note: Cannot find LICENSE.md in rpm(s) See: http://fedoraproject.org/wiki/Packaging/LicensingGuidelines#License_Text ===== MUST items ===== Generic: [x]: Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [.]: Package contains no bundled libraries without FPC exception. [x]: Changelog in prescribed format. [x]: Sources contain only permissible code or content. [.]: Package contains desktop file if it is a GUI application. [.]: Development files must be in a -devel package [x]: Package requires other packages for directories it uses. [x]: Package uses nothing in %doc for runtime. [x]: Package is not known to require ExcludeArch. [x]: Package complies to the Packaging Guidelines [x]: License field in the package spec file matches the actual license. Note: Checking patched sources after %prep for licenses. Licenses found: "Unknown or generated". 32 files have unknown license. Detailed output of licensecheck in /home/marcelo.barbosa/rpmbuild/SOURCES/reviews/982077 -python-django-ckeditor/licensecheck.txt [x]: Package consistently uses macro is (instead of hard-coded directory names). [x]: Package is named according to the Package Naming Guidelines. [x]: Package does not generate any conflict. [.]: Package obeys FHS, except libexecdir and /usr/target. [.]: If the package is a rename of another package, proper Obsoletes and Provides are present. [x]: Package must own all directories that it creates. [x]: Package does not own files or directories owned by other packages. [!]: Requires correct, justified where necessary. use Django in Requires or BuildRequires but in both is not correct [x]: Spec file is legible and written in American English. [.]: Package contains systemd file(s) if in need. [x]: Large documentation must go in a -doc subpackage. Note: Documentation size is 30720 bytes in 5 files. [x]: All build dependencies are listed in BuildRequires, except for any that are listed in the exceptions section of Packaging Guidelines. [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. [x]: Each %files section contains %defattr if rpm < 4.4 [x]: Macros in Summary, %description expandable at SRPM build time. [x]: Package does not contain duplicates in %files. [x]: Permissions on files are set properly. [x]: Fully versioned dependency in subpackages, if present. [x]: Package use %makeinstall only when make install' ' DESTDIR=... doesn't work. [x]: Package is named using only allowed ASCII characters. [x]: Package do not use a name that already exist [x]: Package is not relocatable. [x]: Sources used to build the package match the upstream source, as provided in the spec URL. [x]: Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: File names are valid UTF-8. [x]: Packages must not store files under /srv, /opt or /usr/local [x]: Package successfully compiles and builds into binary rpms on at least one supported primary architecture. [x]: Package installs properly. [x]: Rpmlint is run on all rpms the build produces. Note: There are rpmlint messages (see attachment). Python: [x]: Python eggs must not download any dependencies during the build process. [x]: A package which is used by another package via an egg interface should provide egg info. [x]: Package meets the Packaging Guidelines::Python [x]: Package contains BR: python2-devel or python3-devel [x]: Binary eggs must be removed in %prep ===== SHOULD items ===== Generic: [x]: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [x]: Final provides and requires are sane (see attachments). [x]: Package functions as described. [x]: Latest version is packaged. [x]: Package does not include license text files separate from upstream. [x]: Description and summary sections in the package spec file contains translations for supported Non-English languages, if available. [x]: Package should compile and build into binary rpms on all supported architectures. [.]: %check is present and all tests pass. is not present in source, not use %check in this package [x]: Packages should try to preserve timestamps of original installed files. [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file [x]: Sources can be downloaded from URI in Source: tag [x]: Reviewer should test that the package builds in mock. [x]: Buildroot is not present [x]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) [x]: Dist tag is present. [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: SourceX tarball generation or download is documented. [x]: SourceX is a working URL. [x]: Spec use %global instead of %define. ===== EXTRA items ===== Generic: [x]: Large data in /usr/share should live in a noarch subpackage if package is arched. [x]: Rpmlint is run on all installed packages. Note: There are rpmlint messages (see attachment). [x]: Spec file according to URL is the same as in SRPM. Rpmlint ------- Checking: python-django-ckeditor-4.0.2-1.fc18.noarch.rpm python-django-ckeditor.noarch: E: htaccess-file /usr/lib/python2.7/site-packages/ckeditor/static/ckeditor/ckeditor/.htaccess python-django-ckeditor.noarch: E: htaccess-file /usr/lib/python2.7/site-packages/ckeditor/static/ckeditor/.htaccess 1 packages and 0 specfiles checked; 2 errors, 0 warnings. Rpmlint (installed packages) ---------------------------- # rpmlint python-django-ckeditor python-django-ckeditor.noarch: E: htaccess-file /usr/lib/python2.7/site-packages/ckeditor/static/ckeditor/ckeditor/.htaccess python-django-ckeditor.noarch: E: htaccess-file /usr/lib/python2.7/site-packages/ckeditor/static/ckeditor/.htaccess 1 packages and 0 specfiles checked; 2 errors, 0 warnings. # echo 'rpmlint-done:' Requires -------- python-django-ckeditor (rpmlib, GLIBC filtered): python(abi) python-django python-imaging Provides -------- python-django-ckeditor: python-django-ckeditor Source checksums ---------------- https://pypi.python.org/packages/source/d/django-ckeditor/django-ckeditor-4.0.2.tar.gz : CHECKSUM(SHA256) this package : 3d1157ef7b9a77f51348cf6fe72dcaeff982fac5c0fa02bc5dcca82993e66553 CHECKSUM(SHA256) upstream package : 3d1157ef7b9a77f51348cf6fe72dcaeff982fac5c0fa02bc5dcca82993e66553 Generated by fedora-review 0.4.1 (b2e211f) last change: 2013-04-29 Buildroot used: fedora-18-x86_64 Command line :/usr/bin/fedora-review -b 982077
Eduardo, I re-checked this package and approved, this is necessary Require and BuildRequire package, good work. ---------------- PACKAGE APPROVED ---------------- Marcelo Barbosa
Marcelo, when using such tools like fedora-review, you're supposed to manually review the empty forms as well. Just inserting an (unspecified) [.] is not sufficient. Your remark about requirements is wrong, Eduardo made it right. The license is not correct, from the included ckeditor, license.md: Licensed under the terms of any of the following licenses at your choice: - GNU General Public License Version 2 or later (the "GPL") http://www.gnu.org/licenses/gpl.html (See Appendix A) - GNU Lesser General Public License Version 2.1 or later (the "LGPL") http://www.gnu.org/licenses/lgpl.html (See Appendix B) - Mozilla Public License Version 1.1 or later (the "MPL") http://www.mozilla.org/MPL/MPL-1.1.html (See Appendix C) I don't see a BSD license at all. The source also bundles jquery and jush, which is licensed under Apache license. This generates a mix of licenses.
So license must read: MPLv1.1 and ASL 2.0 and BSD and the spec file must contain a breakdown of licenses.
> I don't see a BSD license at all. Strangely, it's in file "LICENSE" and PKG-INFO. https://fedoraproject.org/wiki/Licensing:BSD?rd=Licensing/BSD#3ClauseBSD > So license must read: MPLv1.1 and ASL 2.0 and BSD For the included ckeditor it's an OR: GPLv2+ or LGPLv2+ or MPLv1.1 https://fedoraproject.org/wiki/Packaging:LicensingGuidelines#Dual_Licensing_Scenarios
Hi Matthias, with respect to the licenses, you're right.(I'm sorry I didn't checked thoroughly) there are a mix of those. althought the file LICENSE contains the boilerplate of the 3-clause BSD, that we can check with: ➜ django-ckeditor-4.0.2 licensecheck -r LICENSE LICENSE: BSD (3 clause) so the license field would look like that License: BSD and (GPLv2+ or LGPLv2+ or MPLv1.1) and MIT and ASL 2.0 Marcelo, in this cases the packager should stick at the licensing guidelines, see https://fedoraproject.org/wiki/Packaging:LicensingGuidelines#Multiple_Licensing_Scenarios In these cases, this would be a clear indication that be is incurring in https://fedoraproject.org/wiki/Packaging:No_Bundled_Libraries, but Fedora does not require client-side JavaScript to be unbundled in this moment. Please review this too : http://fedoraproject.org/wiki/Packaging:ReviewGuidelines (In reply to Michael Schwendt from comment #5) > > For the included ckeditor it's an OR: GPLv2+ or LGPLv2+ or MPLv1.1 Thanks for the clarification Here you go the updated files, marcelo, try again ;) SPEC: http://echevemaster.fedorapeople.org/python-django-ckeditor/2/python-django-ckeditor.spec SRPM: http://echevemaster.fedorapeople.org/python-django-ckeditor/2/python-django-ckeditor-4.0.2-2.fc19.src.rpm
Eduardo, I'd strongly suggest to remove all those .ds_store files during prep step. In general it's a good practice to remove unwanted files as early as possible, to make really sure, they are not used at all during compile.
(In reply to Matthias Runge from comment #7) > Eduardo, > I'd strongly suggest to remove all those .ds_store files during prep step. > > In general it's a good practice to remove unwanted files as early as > possible, to make really sure, they are not used at all during compile. Done Mathias, thank you SPEC: http://echevemaster.fedorapeople.org/python-django-ckeditor/3/python-django-ckeditor.spec SRPM: http://echevemaster.fedorapeople.org/python-django-ckeditor/3/python-django-ckeditor-4.0.2-3.fc19.src.rpm
@Mathias, Thank you for your tips and reports. @Eduardo, Good work, always good reviewing your packages i learn much better. Package Review ============== Legend: [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated [ ] = Manual review needed - This licence is false positive, in your spec this is correctly. Issues: ======= - If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %doc. Note: Cannot find LICENSE.md in rpm(s) See: http://fedoraproject.org/wiki/Packaging/LicensingGuidelines#License_Text ===== MUST items ===== Generic: [x]: Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [x]: Package contains no bundled libraries without FPC exception. [x]: Changelog in prescribed format. [x]: Sources contain only permissible code or content. [-]: Package contains desktop file if it is a GUI application. [-]: Development files must be in a -devel package [x]: Package requires other packages for directories it uses. [x]: Package uses nothing in %doc for runtime. [-]: Package is not known to require ExcludeArch. [x]: Package complies to the Packaging Guidelines [x]: License field in the package spec file matches the actual license. Note: Checking patched sources after %prep for licenses. Licenses found: "Unknown or generated". 32 files have unknown license. Detailed output of licensecheck in /home/marcelo.barbosa/rpmbuild/SOURCES/reviews/982077 -python-django-ckeditor/licensecheck.txt [x]: Package consistently uses macro is (instead of hard-coded directory names). [x]: If the package is under multiple licenses, the licensing breakdown must be documented in the spec. [x]: Package is named according to the Package Naming Guidelines. [x]: Package does not generate any conflict. [x]: Package obeys FHS, except libexecdir and /usr/target. [-]: If the package is a rename of another package, proper Obsoletes and Provides are present. [x]: Package must own all directories that it creates. [x]: Package does not own files or directories owned by other packages. [x]: Requires correct, justified where necessary. [x]: Spec file is legible and written in American English. [-]: Package contains systemd file(s) if in need. [x]: Large documentation must go in a -doc subpackage. Note: Documentation size is 30720 bytes in 5 files. [x]: All build dependencies are listed in BuildRequires, except for any that are listed in the exceptions section of Packaging Guidelines. [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. [x]: Each %files section contains %defattr if rpm < 4.4 [x]: Macros in Summary, %description expandable at SRPM build time. [x]: Package does not contain duplicates in %files. [x]: Permissions on files are set properly. [x]: Fully versioned dependency in subpackages, if present. [x]: Package use %makeinstall only when make install' ' DESTDIR=... doesn't work. [x]: Package is named using only allowed ASCII characters. [x]: Package do not use a name that already exist [x]: Package is not relocatable. [x]: Sources used to build the package match the upstream source, as provided in the spec URL. [x]: Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: File names are valid UTF-8. [x]: Packages must not store files under /srv, /opt or /usr/local [x]: Package successfully compiles and builds into binary rpms on at least one supported primary architecture. [x]: Package installs properly. [x]: Rpmlint is run on all rpms the build produces. Note: There are rpmlint messages (see attachment). Python: [x]: Python eggs must not download any dependencies during the build process. [x]: A package which is used by another package via an egg interface should provide egg info. [x]: Package meets the Packaging Guidelines::Python [x]: Package contains BR: python2-devel or python3-devel [x]: Binary eggs must be removed in %prep ===== SHOULD items ===== Generic: [-]: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [x]: Final provides and requires are sane (see attachments). [x]: Package functions as described. [x]: Latest version is packaged. [x]: Package does not include license text files separate from upstream. [x]: Description and summary sections in the package spec file contains translations for supported Non-English languages, if available. [x]: Package should compile and build into binary rpms on all supported architectures. [-]: %check is present and all tests pass. [x]: Packages should try to preserve timestamps of original installed files. [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file [x]: Sources can be downloaded from URI in Source: tag [x]: Reviewer should test that the package builds in mock. [x]: Buildroot is not present [x]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) [x]: Dist tag is present. [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: SourceX tarball generation or download is documented. [x]: SourceX is a working URL. [x]: Spec use %global instead of %define. ===== EXTRA items ===== Generic: [x]: Large data in /usr/share should live in a noarch subpackage if package is arched. [x]: Rpmlint is run on all installed packages. Note: There are rpmlint messages (see attachment). [x]: Spec file according to URL is the same as in SRPM. Rpmlint ------- Checking: python-django-ckeditor-4.0.2-3.fc18.noarch.rpm python-django-ckeditor.noarch: E: htaccess-file /usr/lib/python2.7/site-packages/ckeditor/static/ckeditor/ckeditor/.htaccess python-django-ckeditor.noarch: E: htaccess-file /usr/lib/python2.7/site-packages/ckeditor/static/ckeditor/.htaccess 1 packages and 0 specfiles checked; 2 errors, 0 warnings. Rpmlint (installed packages) ---------------------------- # rpmlint python-django-ckeditor python-django-ckeditor.noarch: E: htaccess-file /usr/lib/python2.7/site-packages/ckeditor/static/ckeditor/ckeditor/.htaccess python-django-ckeditor.noarch: E: htaccess-file /usr/lib/python2.7/site-packages/ckeditor/static/ckeditor/.htaccess 1 packages and 0 specfiles checked; 2 errors, 0 warnings. # echo 'rpmlint-done:' Requires -------- python-django-ckeditor (rpmlib, GLIBC filtered): python(abi) python-django python-imaging Provides -------- python-django-ckeditor: python-django-ckeditor Source checksums ---------------- https://pypi.python.org/packages/source/d/django-ckeditor/django-ckeditor-4.0.2.tar.gz : CHECKSUM(SHA256) this package : 3d1157ef7b9a77f51348cf6fe72dcaeff982fac5c0fa02bc5dcca82993e66553 CHECKSUM(SHA256) upstream package : 3d1157ef7b9a77f51348cf6fe72dcaeff982fac5c0fa02bc5dcca82993e66553 Generated by fedora-review 0.4.1 (b2e211f) last change: 2013-04-29 Buildroot used: fedora-18-x86_64 Command line :/usr/bin/fedora-review -b 982077 ---------------- PACKAGE APPROVED ---------------- Marcelo Barbosa (firemanxbr)
New Package SCM Request ======================= Package Name: python-django-ckeditor Short Description: Django admin CKEditor integration Owners: echevemaster Branches: f18 f19 el6 InitialCC:
Git done (by process-git-requests).
python-django-ckeditor-4.0.2-3.fc19 has been submitted as an update for Fedora 19. https://admin.fedoraproject.org/updates/python-django-ckeditor-4.0.2-3.fc19
python-django-ckeditor-4.0.2-3.fc18 has been submitted as an update for Fedora 18. https://admin.fedoraproject.org/updates/python-django-ckeditor-4.0.2-3.fc18
python-django-ckeditor-4.0.2-3.el6 has been submitted as an update for Fedora EPEL 6. https://admin.fedoraproject.org/updates/python-django-ckeditor-4.0.2-3.el6
python-django-ckeditor-4.0.2-3.el6 has been pushed to the Fedora EPEL 6 testing repository.
python-django-ckeditor-4.0.2-3.fc18 has been pushed to the Fedora 18 stable repository.
python-django-ckeditor-4.0.2-3.fc19 has been pushed to the Fedora 19 stable repository.
Since this seems to bundle the already existing ckeditor code, why wasn't any attempt made to make use of it?
(In reply to Orion Poplawski from comment #18) > Since this seems to bundle the already existing ckeditor code, why wasn't > any attempt made to make use of it? because isn't mandatory http://fedoraproject.org/wiki/Packaging:Guidelines#Duplication_of_system_libraries
python-django-ckeditor-4.0.2-3.el6 has been pushed to the Fedora EPEL 6 stable repository.