Spec URL: https://eclipseo.fedorapeople.org/for-review/dnscrypt-proxy2.spec SRPM URL: https://eclipseo.fedorapeople.org/for-review/dnscrypt-proxy2-2.0.36-1.fc32.src.rpm Description: A flexible DNS proxy, with support for modern encrypted DNS protocols such as DNSCrypt v2 and DNS-over-HTTP/2. Features: - DNS traffic encryption and authentication. Supports DNS-over-HTTPS (DoH) and DNSCrypt. - DNSSEC compatible - DNS query monitoring, with separate log files for regular and suspicious queries - Pattern-based local blocking of DNS names and IP addresses - Time-based filtering, with a flexible weekly schedule - Transparent redirection of specific domains to specific resolvers - DNS caching, to reduce latency and improve privacy - Local IPv6 blocking to reduce latency on IPv4-only networks - Load balancing: pick a set of resolvers, dnscrypt-proxy will automatically measure and keep track of their speed, and balance the traffic across the fastest available ones. - Cloaking: like a HOSTS file on steroids, that can return preconfigured addresses for specific names, or resolve and return the IP address of other names. This can be used for local development as well as to enforce safe search results on Google, Yahoo and Bing. - Automatic background updates of resolvers lists - Can force outgoing connections to use TCP; useful with tunnels such as Tor. Fedora Account System Username: eclipseo
This package is a re-review of dnscrypt-proxy from Fedora but designed only for EPEL7, in order to not introduce breaking change over dnscrypt-proxy 1. Koji build: https://koji.fedoraproject.org/koji/taskinfo?taskID=40789038
;; To create a file, visit it with C-x C-f and enter text in its buffer. Hello Robert-André Please check the following comments. 1. Man pages This package should contain a man page for "/usr/bin/dnscrypt-proxy". Please see https://docs.fedoraproject.org/en-US/packaging-guidelines/#_manpages help2man program is a good solution as you know. ``` $ help2man --no-discard-stderr -n dnscrypt-proxy2 /usr/bin/dnscrypt-proxy ``` 2. Naming This package can be set "Conflicts:" field if "dnscrypt-proxy2" is a forward compat package of "dnscrypt-proxy" because the EPEL GuidelinesAndPolicies says "it is okay to set a Conflicts between them". Please see: https://fedoraproject.org/wiki/EPEL/GuidelinesAndPolicies#Conflicts_in_compat_packages Technically this package doesn't currently conflict with "dnscrypt-proxy" on EPEL7 because "dnscrypt-proxy" seems to contain "/usr/sbin/dnscrypt-proxy" instead of "/usr/bin/dnscrypt-proxy" https://centos.pkgs.org/7/epel-x86_64/dnscrypt-proxy-1.6.1-3.el7.x86_64.rpm.html Best Regards, Hirotaka Wakabayashi
Hello Robert-André Please update the verion from 2.0.36 to 2.0.39. https://github.com/DNSCrypt/dnscrypt-proxy/releases/tag/2.0.39 Thanks in advance, Hirotaka Wakabayashi
Hello, My first review is done about two weeks ago. I will review this again if I get any response from the packager.
New Spec URL: https://eclipseo.fedorapeople.org/for-review/dnscrypt-proxy2.spec New SRPM URL: https://eclipseo.fedorapeople.org/for-review/dnscrypt-proxy2-2.0.39-1.fc33.src.rpm
Hello Robert-André, Package Approved. Thanks for your updates and sorry for my late response. This packages will be better if it meets the following SHOULD items. https://docs.fedoraproject.org/en-US/packaging-guidelines/#_manpages https://docs.fedoraproject.org/en-US/packaging-guidelines/#_test_suites https://docs.fedoraproject.org/en-US/packaging-guidelines/Golang/#_running_the_unit_tests_gocheck I attaches the output of fedora review with my comments. ``` Package Review ============== Legend: [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated [ ] = Manual review needed Issues: ======= - If your application is a C or C++ application you must list a BuildRequires against gcc, gcc-c++ or clang. Note: No gcc, gcc-c++ or clang found in BuildRequires See: https://docs.fedoraproject.org/en-US/packaging-guidelines/C_and_C++/ - No %config files under /usr. Note: %config(noreplace) /usr/lib/systemd/system/dnscrypt-proxy.socket See: https://docs.fedoraproject.org/en-US/packaging- guidelines/#_configuration_files ===== MUST items ===== C/C++: [ ]: Package does not contain kernel modules. -> Pass [ ]: Package contains no static executables. -> Pass [x]: Package does not contain any libtool archives (.la) [x]: Rpath absent or only used for internal libs. Generic: [ ]: Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. -> Pass [ ]: License field in the package spec file matches the actual license. Note: Cannot run licensecheck: Command 'licensecheck -r /var/lib/mock/fedora- rawhide-x86_64/root/builddir/build/BUILD/dnscrypt-proxy-2.0.39' returned non-zero exit status 2. -> Pass [ ]: License file installed when any subpackage combination is installed. -> Not applicable [ ]: Package requires other packages for directories it uses. Note: No known owner of /usr/share/selinux/packages/dnscrypt-proxy -> Pass [ ]: Package must own all directories that it creates. Note: Directories without known owners: /usr/share/selinux, /usr/share/selinux/packages/dnscrypt-proxy, /usr/share/selinux/packages -> Fail but no problem because this package requires selinux. [ ]: Package does not own files or directories owned by other packages. Note: Dirs in package are owned also by: /etc/dnscrypt-proxy(dnscrypt- proxy) -> No problem because dnscrypt-proxy will not be pushed to EPEL7 because of EPEL incompatible upgrades policy https://fedoraproject.org/wiki/EPEL_incompatible_upgrades_policy [ ]: %build honors applicable compiler flags or justifies otherwise. -> Pass [ ]: Package contains no bundled libraries without FPC exception. -> Pass [ ]: Changelog in prescribed format. -> Pass [ ]: Sources contain only permissible code or content. -> Pass [ ]: Package contains desktop file if it is a GUI application. -> Not applicable [ ]: Development files must be in a -devel package -> Not applicable [ ]: Package uses nothing in %doc for runtime. -> Pass [ ]: Package consistently uses macros (instead of hard-coded directory names). -> Pass [ ]: Package is named according to the Package Naming Guidelines. -> Pass [ ]: Package does not generate any conflict. -> Pass [ ]: Package obeys FHS, except libexecdir and /usr/target. -> Pass [ ]: If the package is a rename of another package, proper Obsoletes and Provides are present. -> Not applicable [ ]: Requires correct, justified where necessary. -> Pass [ ]: Spec file is legible and written in American English. -> Pass [ ]: Package contains systemd file(s) if in need. -> Pass [ ]: Useful -debuginfo package or justification otherwise. -> Pass [ ]: Package is not known to require an ExcludeArch tag. -> Pass [ ]: Large documentation must go in a -doc subpackage. Large could be size (~1MB) or number of files. Note: Documentation size is 30720 bytes in 2 files. -> Pass [ ]: Package complies to the Packaging Guidelines -> Fail because of Systemd BuildRequires matter but not a problem because systemd requires systemd-rpm-macros. [x]: Package successfully compiles and builds into binary rpms on at least one supported primary architecture. [x]: Package installs properly. [x]: Rpmlint is run on all rpms the build produces. Note: There are rpmlint messages (see attachment). [x]: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %license. [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. [x]: %config files are marked noreplace or the reason is justified. [x]: Macros in Summary, %description expandable at SRPM build time. [x]: Dist tag is present. [x]: Package does not contain duplicates in %files. [x]: Permissions on files are set properly. [x]: Package must not depend on deprecated() packages. [x]: Package use %makeinstall only when make install DESTDIR=... doesn't work. [x]: Package is named using only allowed ASCII characters. [x]: Package does not use a name that already exists. [x]: Package is not relocatable. [x]: Sources used to build the package match the upstream source, as provided in the spec URL. [x]: Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: systemd_post is invoked in %post, systemd_preun in %preun, and systemd_postun in %postun for Systemd service files. Note: Systemd service file(s) in dnscrypt-proxy2 [x]: File names are valid UTF-8. [x]: Packages must not store files under /srv, /opt or /usr/local ===== SHOULD items ===== Generic: [ ]: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. -> Not applicable [ ]: Final provides and requires are sane (see attachments). -> Pass [ ]: Package functions as described. -> Pass [ ]: Latest version is packaged. -> Pass [ ]: Package does not include license text files separate from upstream. -> Pass [ ]: Patches link to upstream bugs/comments/lists or are otherwise justified. -> Pass [ ]: Sources are verified with gpgverify first in %prep if upstream publishes signatures. Note: gpgverify is not used. -> Not applicable. Upstream provides minisig signature instead of gnupg. [ ]: Description and summary sections in the package spec file contains translations for supported Non-English languages, if available. -> Not applicable [ ]: %check is present and all tests pass. -> Fail See https://docs.fedoraproject.org/en-US/packaging-guidelines/#_test_suites See https://docs.fedoraproject.org/en-US/packaging-guidelines/Golang/#_running_the_unit_tests_gocheck [ ]: Packages should try to preserve timestamps of original installed files. -> Pass [ ]: Spec use %global instead of %define unless justified. Note: %define requiring justification: %define gobuild(o:) %{expand: -> Pass [x]: Reviewer should test that the package builds in mock. [x]: Buildroot is not present [x]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: Fully versioned dependency in subpackages if applicable. [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file [x]: Sources can be downloaded from URI in Source: tag [x]: SourceX is a working URL. [x]: Package should compile and build into binary rpms on all supported architectures. ===== EXTRA items ===== Generic: [x]: Rpmlint is run on debuginfo package(s). Note: No rpmlint messages. [x]: Rpmlint is run on all installed packages. Note: There are rpmlint messages (see attachment). [x]: Large data in /usr/share should live in a noarch subpackage if package is arched. [x]: Spec file according to URL is the same as in SRPM. Rpmlint ------- Checking: dnscrypt-proxy2-2.0.39-1.fc33.x86_64.rpm dnscrypt-proxy2-debuginfo-2.0.39-1.fc33.x86_64.rpm dnscrypt-proxy2-debugsource-2.0.39-1.fc33.x86_64.rpm dnscrypt-proxy2-2.0.39-1.fc33.src.rpm dnscrypt-proxy2.x86_64: W: spelling-error %description -l en_US resolvers -> resolver, resolves, revolvers dnscrypt-proxy2.x86_64: W: spelling-error %description -l en_US preconfigured -> reconfigured, p reconfigured, reconfigure dnscrypt-proxy2.x86_64: W: non-etc-or-var-file-marked-as-conffile /usr/lib/systemd/system/dnscrypt-proxy.socket dnscrypt-proxy2.x86_64: W: no-manual-page-for-binary dnscrypt-proxy dnscrypt-proxy2.src: W: spelling-error %description -l en_US resolvers -> resolver, resolves, revolvers dnscrypt-proxy2.src: W: spelling-error %description -l en_US preconfigured -> reconfigured, p reconfigured, reconfigure 4 packages and 0 specfiles checked; 0 errors, 6 warnings. Rpmlint (debuginfo) ------------------- Checking: dnscrypt-proxy2-debuginfo-2.0.39-1.fc33.x86_64.rpm 1 packages and 0 specfiles checked; 0 errors, 0 warnings. Rpmlint (installed packages) ---------------------------- perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LANGUAGE = (unset), LC_ALL = (unset), LC_CTYPE = "C.UTF-8", LANG = "en_US.UTF-8" are supported and installed on your system. perl: warning: Falling back to the standard locale ("C"). perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LANGUAGE = (unset), LC_ALL = (unset), LC_CTYPE = "C.UTF-8", LANG = "en_US.UTF-8" are supported and installed on your system. perl: warning: Falling back to the standard locale ("C"). dnscrypt-proxy2-debugsource.x86_64: W: invalid-url URL: https://github.com/jedisct1/dnscrypt-proxy <urlopen error [Errno -2] Name or service not known> dnscrypt-proxy2-debuginfo.x86_64: W: invalid-url URL: https://github.com/jedisct1/dnscrypt-proxy <urlopen error [Errno -2] Name or service not known> dnscrypt-proxy2.x86_64: W: spelling-error %description -l en_US resolvers -> resolver, resolves, revolvers dnscrypt-proxy2.x86_64: W: spelling-error %description -l en_US preconfigured -> reconfigured, p reconfigured, reconfigure dnscrypt-proxy2.x86_64: W: invalid-url URL: https://github.com/jedisct1/dnscrypt-proxy <urlopen error [Errno -2] Name or service not known> dnscrypt-proxy2.x86_64: W: non-etc-or-var-file-marked-as-conffile /usr/lib/systemd/system/dnscrypt-proxy.socket dnscrypt-proxy2.x86_64: W: no-manual-page-for-binary dnscrypt-proxy 3 packages and 0 specfiles checked; 0 errors, 7 warnings. Source checksums ---------------- https://github.com/jedisct1/dnscrypt-proxy/archive/2.0.39/dnscrypt-proxy-2.0.39.tar.gz : CHECKSUM(SHA256) this package : c943c74c0894bb51336529e733ca3811dffdb914a59b9707c63a327f2c8ff835 CHECKSUM(SHA256) upstream package : c943c74c0894bb51336529e733ca3811dffdb914a59b9707c63a327f2c8ff835 Requires -------- dnscrypt-proxy2 (rpmlib, GLIBC filtered): /bin/sh config(dnscrypt-proxy2) libc.so.6()(64bit) libpthread.so.0()(64bit) policycoreutils rtld(GNU_HASH) systemd dnscrypt-proxy2-debuginfo (rpmlib, GLIBC filtered): dnscrypt-proxy2-debugsource (rpmlib, GLIBC filtered): Provides -------- dnscrypt-proxy2: config(dnscrypt-proxy2) dnscrypt-proxy2 dnscrypt-proxy2(x86-64) dnscrypt-proxy2-debuginfo: debuginfo(build-id) dnscrypt-proxy2-debuginfo dnscrypt-proxy2-debuginfo(x86-64) dnscrypt-proxy2-debugsource: dnscrypt-proxy2-debugsource dnscrypt-proxy2-debugsource(x86-64) Generated by fedora-review 0.7.5 (5fa5b7e) last change: 2020-02-16 Command line :try-fedora-review -b 1793187 Buildroot used: fedora-rawhide-x86_64 Active plugins: Generic, Shell-api, C/C++ Disabled plugins: fonts, Python, SugarActivity, Perl, Java, Ruby, R, PHP, Haskell, Ocaml Disabled flags: EPEL6, EPEL7, DISTTAG, BATCH, EXARCH ``` Best Regards, Hirotaka Wakabayashi
(fedscm-admin): The Pagure repository was created at https://src.fedoraproject.org/rpms/dnscrypt-proxy2