Bug 998143 - Review Request: perl-Data-UUID - Globally/Universally Unique Identifiers (GUIDs/UUIDs)
Summary: Review Request: perl-Data-UUID - Globally/Universally Unique Identifiers (GUI...
Alias: None
Product: Fedora
Classification: Fedora
Component: Package Review
Version: rawhide
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Mathieu Bridon
QA Contact: Fedora Extras Quality Assurance
Depends On:
Blocks: 998235 998591
TreeView+ depends on / blocked
Reported: 2013-08-17 17:08 UTC by Paul Howarth
Modified: 2013-09-11 01:49 UTC (History)
2 users (show)

Fixed In Version: perl-Data-UUID-1.219-3.fc19
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2013-09-02 16:26:07 UTC
Type: ---
bochecha: fedora-review+
dennis: fedora-cvs+

Attachments (Terms of Use)

Description Paul Howarth 2013-08-17 17:08:00 UTC
Spec URL: http://subversion.city-fan.org/repos/cfo-repo/perl-Data-UUID/branches/fedora/perl-Data-UUID.spec
SRPM URL: http://www.city-fan.org/~paul/extras/perl-Data-UUID/perl-Data-UUID-1.219-2.fc20.src.rpm

This module provides a framework for generating v3 UUIDs (Universally Unique
Identifiers, also known as GUIDs (Globally Unique Identifiers). A UUID is 128
bits long, and is guaranteed to be different from all other UUIDs/GUIDs
generated until 3400 CE.

UUIDs were originally used in the Network Computing System (NCS) and later in
the Open Software Foundation's (OSF) Distributed Computing Environment.
Currently many different technologies rely on UUIDs to provide unique identity
for various software components. Microsoft COM/DCOM for instance, uses GUIDs
very extensively to uniquely identify classes, applications and components
across network-connected systems.

The algorithm for UUID generation, used by this extension, is described in the
Internet Draft "UUIDs and GUIDs" by Paul J. Leach and Rich Salz (see RFC 4122).
It provides a reasonably efficient and reliable framework for generating UUIDs
and supports fairly high allocation rates - 10 million per second per machine -
and therefore is suitable for identifying both extremely short-lived and very
persistent objects on a given system as well as across the network.

This module provides several methods to create a UUID. In all methods,
<namespace> is a UUID and <name> is a free form string.

Fedora Account System Username: pghmcfc

Comment 1 Mathieu Bridon 2013-08-23 02:05:55 UTC

[!]: License field in the package spec file matches the actual license.
[!]: If the source package does not include license text(s) as a separate file
     from upstream, the packager SHOULD query upstream to include it.

So this is a bit weird.

The software is declared as being BSD:


But then it includes this file:


That looks a lot like a variant of the MIT "Old Style (no advertising without
permission)" as found here:


I asked the legal team to confirm:


And they did confirm that the license in this file is a variant of MIT.

So if this package includes some code under this license, then the license
tag should be: BSD and MIT

    => Please fix the license tag.

In addition, could you ask upstream to include a BSD license file in the next
release? (I won't block the review on this, though)

[!]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
     Note: rm -rf %{buildroot} present but not required
[!]: Buildroot is not present
     Note: Invalid buildroot found:
     %{_tmppath}/%{name}-%{version}-%{release}-root-%(id -nu)
[!]: Package has no %clean section with rm -rf %{buildroot} (or

    => Please remove these.

[!]: Package does not generate any conflict.

    => Package conflicts with uuid-perl, but this is tracked already, so it's
       not a problem for the review:

Package Review

[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
[ ] = Manual review needed

===== MUST items =====

[x]: Development (unversioned) .so files in -devel subpackage, if present.

    => There's an unversioned .so file, but it is not what should normally go
       in -devel: it's a perfectly normal private library for the Perl module.

[x]: Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
[x]: %build honors applicable compiler flags or justifies otherwise.
[x]: Package contains no bundled libraries without FPC exception.
[x]: Changelog in prescribed format.
[!]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
     Note: rm -rf %{buildroot} present but not required

    => Please remove this.

[x]: Sources contain only permissible code or content.
[-]: Package contains desktop file if it is a GUI application.
[-]: Development files must be in a -devel package
[x]: Package requires other packages for directories it uses.
[x]: Package uses nothing in %doc for runtime.
[x]: Package is not known to require ExcludeArch.
[ ]: Package complies to the Packaging Guidelines
[!]: License field in the package spec file matches the actual license.
[x]: Package consistently uses macro is (instead of hard-coded directory
[x]: Package is named according to the Package Naming Guidelines.
[!]: Package does not generate any conflict.

    => Package conflicts with uuid-perl, but this is tracked already:

[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
     Provides are present.
[x]: Package must own all directories that it creates.
[x]: Package does not own files or directories owned by other packages.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[-]: Package contains systemd file(s) if in need.
[x]: Useful -debuginfo package or justification otherwise.
[-]: Large documentation must go in a -doc subpackage.
     Note: Documentation size is 20480 bytes in 3 files.
[x]: All build dependencies are listed in BuildRequires, except for any that
     are listed in the exceptions section of Packaging Guidelines.
[x]: Each %files section contains %defattr if rpm < 4.4
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[-]: Fully versioned dependency in subpackages, if present.
[x]: If (and only if) the source package includes the text of the license(s)
     in its own file, then that file, containing the text of the license(s)
     for the package is included in %doc.
[-]: Package use %makeinstall only when make install' ' DESTDIR=... doesn't
[x]: Package is named using only allowed ASCII characters.
[x]: Package do not use a name that already exist
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as provided
     in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
[x]: File names are valid UTF-8.
[x]: Packages must not store files under /srv, /opt or /usr/local
[x]: Package successfully compiles and builds into binary rpms on at least one
     supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
     Note: There are rpmlint messages (see attachment).

[x]: Package contains the mandatory BuildRequires and Requires:.
[x]: CPAN urls should be non-versioned.

===== SHOULD items =====

[!]: Buildroot is not present
     Note: Invalid buildroot found:
     %{_tmppath}/%{name}-%{version}-%{release}-root-%(id -nu)

    => Please remove this.

[!]: Package has no %clean section with rm -rf %{buildroot} (or

    => Please remove this.

[!]: If the source package does not include license text(s) as a separate file
     from upstream, the packager SHOULD query upstream to include it.
[x]: Final provides and requires are sane (see attachments).
[?]: Package functions as described.
[x]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[-]: Description and summary sections in the package spec file contains
     translations for supported Non-English languages, if available.
[ ]: Package should compile and build into binary rpms on all supported
[x]: %check is present and all tests pass.
[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[x]: Sources can be downloaded from URI in Source: tag
[x]: Reviewer should test that the package builds in mock.
[x]: Dist tag is present.
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: Uses parallel make.
[x]: SourceX tarball generation or download is documented.
[x]: SourceX is a working URL.
[x]: Spec use %global instead of %define.

===== EXTRA items =====

[-]: Large data in /usr/share should live in a noarch subpackage if package is
[x]: Rpmlint is run on all installed packages.
     Note: There are rpmlint messages (see attachment).
[x]: Spec file according to URL is the same as in SRPM.

Checking: perl-Data-UUID-1.219-2.fc21.x86_64.rpm
perl-Data-UUID.x86_64: W: spelling-error %description -l en_US namespace -> name space, name-space, names pace
1 packages and 0 specfiles checked; 0 errors, 1 warnings.

Rpmlint (installed packages)
# rpmlint perl-Data-UUID
perl-Data-UUID.x86_64: W: spelling-error %description -l en_US namespace -> name space, name-space, names pace
1 packages and 0 specfiles checked; 0 errors, 1 warnings.
# echo 'rpmlint-done:'

perl-Data-UUID (rpmlib, GLIBC filtered):


Unversioned so-files
perl-Data-UUID: /usr/lib64/perl5/vendor_perl/auto/Data/UUID/UUID.so

Source checksums
http://search.cpan.org/CPAN/authors/id/R/RJ/RJBS/Data-UUID-1.219.tar.gz :
  CHECKSUM(SHA256) this package     : c736d39a6fabf163423b85d94c62cbba6f57ca2f3115e21a0d0c91c23836da28
  CHECKSUM(SHA256) upstream package : c736d39a6fabf163423b85d94c62cbba6f57ca2f3115e21a0d0c91c23836da28

Generated by fedora-review 0.4.1 (b2e211f) last change: 2013-04-29
Buildroot used: fedora-rawhide-x86_64
Command line :/usr/bin/fedora-review -b 998143 -m fedora-rawhide-x86_64

Comment 3 Mathieu Bridon 2013-09-02 08:28:12 UTC
(In reply to Paul Howarth from comment #2)
> License fixed and EL-5 support dropped as requested:

Ah, sorry, I didn't know you wanted to keep compatibility with EPEL 5.

I didn't mean to ask you to drop it, I just assumed you were pushing the package only in Fedora, where these things are completely unneeded.

If you want to push the package to EPEL 5, then these were perfectly valid.

I should have made that more clear in the review above, sorry about that. :-/

> Spec URL:
> http://subversion.city-fan.org/repos/cfo-repo/perl-Data-UUID/branches/fedora/
> perl-Data-UUID.spec
> http://www.city-fan.org/~paul/extras/perl-Data-UUID/perl-Data-UUID-1.219-3.
> fc20.src.rpm

The only real issue I had was the license tag, and this new package fixes that, so the package is approved.

Comment 4 Paul Howarth 2013-09-02 09:41:03 UTC
New Package SCM Request
Package Name: perl-Data-UUID
Short Description: Automatically return a true value when a file is required
Owners: pghmcfc
Branches: f19 f20
InitialCC: perl-sig

Thanks for the review Mathieu.

I try to support EL-5 where it's possible, and it was in this case. However, given that EL-6 has a uuid-perl package that would conflict with this one (and is rather less likely to get fixed than the Fedora equivalent), I think I'll wait for EL-7 before doing any EPEL support.

Comment 5 Dennis Gilmore 2013-09-02 15:07:43 UTC
Git done (by process-git-requests).

Comment 6 Fedora Update System 2013-09-02 16:24:27 UTC
perl-Data-UUID-1.219-3.fc19 has been submitted as an update for Fedora 19.

Comment 7 Fedora Update System 2013-09-11 01:49:34 UTC
perl-Data-UUID-1.219-3.fc19 has been pushed to the Fedora 19 stable repository.

Note You need to log in before you can comment on or make changes to this bug.