Re: Source file audit - 2013-11-17

On 11/18/2013 01:54 PM, Kevin Fenzi wrote:
Here's attached another run of my sources/patches url checker.
Please fix any packages you are responsible for in rawhide, and other
branches as other changes permit.

- This run was done on a Fedora 20 instance, so hopefully many of the
   false positives due to old tools from the last run are gone.

- I didn't explicitly mention it last time, but you can find the output
   of the script for your package at:

http://www.scrye.com/~kevin/fedora/sourcecheck-20131117/$packagename-dl.txt

This should help determine what the script saw that caused it to list
your package.

- The script simply has a checkout of your package and runs
   'spectool -g packagename.spec' on it. Then it checks the md5sum of
   anything in sources file against those downloaded sources.

- There are 1870 lines in this run. Down from 3067 last run.
(Likely due to reducing false positives due to old spectool)

    700 sourcecheck-20070826.txt
    620 sourcecheck-20070917.txt
    561 sourcecheck-20071017.txt
    775 sourcecheck-20080206.txt
    685 sourcecheck-20080214.txt
    674 sourcecheck-20080301.txt
    666 sourcecheck-20080401.txt
    660 sourcecheck-20080501.txt
    642 sourcecheck-20080603.txt
    649 sourcecheck-20080705.txt
    662 sourcecheck-20080801.txt
    912 sourcecheck-20081114.txt
    884 sourcecheck-20090215.txt
   1060 sourcecheck-20090810.txt
    932 sourcecheck-20091101.txt
    932 sourcecheck-20091104.txt
   1612 sourcecheck-20100105.txt
   1391 sourcecheck-20100106.txt
   1007 sourcecheck-20100531.txt
   3067 sourcecheck-20130930.txt
   1870 sourcecheck-20131117.txt

You can find the results file at:

http://www.scrye.com/~kevin/fedora/sourcecheck/sourcecheck-20131117.txt

And also attached to this mail.

Lines in the output are of three forms:

- BADURL:base-file-name:$PACKAGENAME

This means that the URI provided in the Source(s) line didn't result in
a download of the source. This could be any of: URL changed, version
changed and URL wasn't updated, Site is down, Site is gone, etc.
Also there are a number of packages with incorrect sourceforge links.
(BTW, there are still some packages with ftp://people.redhat.com/
URLs).

- BADSOURCE:$SOURCENAME:$PACKAGENAME

This means that the source was downloaded ok from the upstream site,
but doesn't match the md5sum given in the sources file.
This could be due to needing to strip out content that Fedora cannot
ship (but in that case you shouldn't have the full URI in the Source
line). Or upstream following poor release practices and updating
without changing their release.

- BAD_CVS_SOURCE:$SOURCENAME:$PACKAGENAME

This means that the file was downloaded from the URI given, and the
md5sum did not match the file that's present in git (not the lookaside).
This might be due to timestamps, or any of the above reasons.

kevin
--

Hi Kevin,

What should I do with this [*]? Report upstream?
I can successfully download the tarball from Firefox, but using spectool gives that error.

Thanks,
Germán.

[*]
Getting http://www.pekwm.org/projects/pekwm/files/pekwm-0.1.17.tar.bz2 to ./pekwm-0.1.17.tar.bz2
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
100   160  100   160    0     0    196      0 --:--:-- --:--:-- --:--:--   196
100   160  100   160    0     0    196      0 --:--:-- --:--:-- --:--:--   196
curl: (60) Peer's Certificate issuer is not recognized.
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). If the default
 bundle file isn't adequate, you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.

--
Germán A. Racca
Fedora Package Maintainer
https://fedoraproject.org/wiki/User:Skytux
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
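
The comparison step that Kevin's message describes, as an added example that is not part of the original mail and is not his script. It assumes the sources file holds one "<md5>  <filename>" pair per line and that the download step has already run; the package name, file names and file contents are constructed.

```python
import hashlib
import tempfile
from pathlib import Path


def md5_of(path):
    """Stream the file so large tarballs are not read into memory at once."""
    digest = hashlib.md5()  # MD5 only because that is what the sources file records
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def parse_sources(text):
    """Assumed format: one '<md5hex>  <filename>' entry per line; other lines are skipped."""
    entries = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 2:
            entries[parts[1]] = parts[0].lower()
    return entries


def audit(package, sources_text, download_dir):
    """Return report lines in the BADURL / BADSOURCE forms described in the mail."""
    report = []
    for name, expected in sorted(parse_sources(sources_text).items()):
        candidate = Path(download_dir) / name
        if not candidate.is_file():
            report.append(f"BADURL:{name}:{package}")     # download produced no file
        elif md5_of(candidate) != expected:
            report.append(f"BADSOURCE:{name}:{package}")  # fetched, but content differs
    return report


def demo():
    """Constructed sample: one matching tarball, one altered, one never downloaded."""
    with tempfile.TemporaryDirectory() as tmp:
        good, altered = b"release 1.0 contents", b"re-rolled without a version bump"
        Path(tmp, "good-1.0.tar.bz2").write_bytes(good)
        Path(tmp, "altered-1.0.tar.bz2").write_bytes(altered)
        sources = "\n".join([
            f"{hashlib.md5(good).hexdigest()}  good-1.0.tar.bz2",
            f"{hashlib.md5(b'original upload').hexdigest()}  altered-1.0.tar.bz2",
            f"{hashlib.md5(b'never fetched').hexdigest()}  missing-1.0.tar.bz2",
        ])
        return audit("examplepkg", sources, tmp)


if __name__ == "__main__":
    print("\n".join(demo()))
```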




