On Tue, Jan 07, 2020 at 12:30:25PM +0000, Tom Hughes wrote: > On 07/01/2020 12:22, Miroslav Suchý wrote: > >Dne 07. 01. 20 v 12:41 Tom Hughes napsal(a): > >>The thing is that no matter how much you can manage to automate the > >>creation of spec files for a given ecosystem, and I've never seen one > >>where the typical spec file doesn't need some manual tweaking, you > >>are still going to hit the fundamental problem that those specs then > >>need to be reviewed. > > > >I disagree. > >Especially with libraries - be it python, gems... it can be very well automated without the need for review. > > Well that depends on the reason for the review, doesn't it? > > Just to take a few things, how does automation check that the license > declared in the upstream metadata is correct? or that the upstream > package is obeying FHS and not installing files in the wrong place? Yes, it does, or at least it should. This is the kind of thing that absolutely can be automated. For licensing in particular, we have machine-readable spdx tags on files, and automatic conversion of sdpx tags to Fedora tags. And language-specific packaging formats have a metadata field for the license field. If both those sources agree, then automation should be able to say that the license is correct with a very high degree of confidence. Automation is not going to catch every case, but neither would a human. And for FHS compliance, similar checks can be easily implemented. Fedora-review certainly does some. But if language-specific packaging framework provides a way to do installation automatically, then actually the chances of an upstream project inventing their own paths is diminished, so this should be less of an issue in the future. > I have extensive experience with npm and packaging Node.js libraries > in Fedora and even a well behaved upstream is rarely fully automatable > and many upstreams are not well behaved. No doubt. That's why I said elsewhere in the thread that automation is something that requires cooperation from both upstream and our side. Zbyszek _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
