Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=225888 Stanislav Ochotnicky <sochotni@xxxxxxxxxx> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED --- Comment #2 from Stanislav Ochotnicky <sochotni@xxxxxxxxxx> 2010-12-22 09:08:37 EST --- Package Review ============== Key: - = N/A x = Check ! = Problem ? = Not evaluated === REQUIRED ITEMS === [!] Rpmlint output: hsqldb.noarch: W: name-repeated-in-summary C Hsqldb * I guess make it a bit different :-) hsqldb.noarch: W: spelling-error %description -l en_US servlets -> servants, serviettes, serviette * no problem hsqldb.noarch: W: non-standard-group Development/Java * Applications/Databases I guess? hsqldb.noarch: W: non-conffile-in-etc /etc/maven/fragments/hsqldb * no problem hsqldb.noarch: E: non-readable /var/lib/hsqldb/sqltool.rc 0600L * I guess this is supposed to be like that to allow only hsqldb user to do things. A bit of verification woul be great though hsqldb.noarch: W: non-conffile-in-etc /etc/sysconfig/hsqldb * Make it into %(config) hsqldb.noarch: W: no-manual-page-for-binary hsqldbRunUtil * Would be great to have it... hsqldb.noarch: W: dangerous-command-in-%post rm hsqldb.noarch: W: dangerous-command-in-%preun rm * I prefer to have dangling symlinks, but it's up to you hsqldb.noarch: E: postin-without-chkconfig /etc/rc.d/init.d/hsqldb hsqldb.noarch: E: preun-without-chkconfig /etc/rc.d/init.d/hsqldb hsqldb.noarch: W: service-default-enabled /etc/rc.d/init.d/hsqldb hsqldb.noarch: W: service-default-enabled /etc/rc.d/init.d/hsqldb hsqldb.noarch: W: no-reload-entry /etc/rc.d/init.d/hsqldb hsqldb.noarch: E: subsys-not-used /etc/rc.d/init.d/hsqldb * Whole init system needs looking into. Perhaps even creating systemd units etc. hsqldb.src: W: strange-permission hsqldb-1.8.0-standard.cfg 0755L * should probably be 644 hsqldb.src:214: W: macro-in-comment %{_sbindir} hsqldb.src:214: W: macro-in-comment %{name} hsqldb.src:215: W: macro-in-comment %{_sbindir} hsqldb.src:215: W: macro-in-comment %{name} * remove commented code, we have git history to deal with things like that now :-) hsqldb.src:47: W: mixed-use-of-spaces-and-tabs (spaces: line 47, tab: line 31) * choose one and stick with it hsqldb.src: W: invalid-url Source0: hsqldb_1_8_0_10.zip * I believe this should be proper URL as is in the comment above Source0 hsqldb-demo.noarch: W: non-standard-group Development/Java * Documentation ? hsqldb-demo.noarch: W: no-documentation * no problem hsqldb-javadoc.noarch: W: non-standard-group Development/Java hsqldb-manual.noarch: W: non-standard-group Development/Java * Documentation hsqldb-javadoc.noarch: W: wrong-file-end-of-line-encoding /usr/share/javadoc/hsqldb-1.8.0.10/hsqldbstylesheet.css hsqldb-manual.noarch: W: wrong-file-end-of-line-encoding /usr/share/doc/hsqldb-1.8.0.10/changelist_1_7_2.txt hsqldb-manual.noarch: W: wrong-file-end-of-line-encoding /usr/share/doc/hsqldb-1.8.0.10/changelog_1_7_1.txt hsqldb-manual.noarch: W: wrong-file-end-of-line-encoding /usr/share/doc/hsqldb-1.8.0.10/changelist_1_7_3.txt hsqldb-manual.noarch: W: wrong-file-end-of-line-encoding /usr/share/doc/hsqldb-1.8.0.10/hypersonic_lic.txt hsqldb-manual.noarch: W: wrong-file-end-of-line-encoding /usr/share/doc/hsqldb-1.8.0.10/changelist_1_8_0.txt hsqldb-manual.noarch: W: wrong-file-end-of-line-encoding /usr/share/doc/hsqldb-1.8.0.10/readme-docauthors.txt hsqldb-manual.noarch: W: wrong-file-end-of-line-encoding /usr/share/doc/hsqldb-1.8.0.10/databaseinjar.txt hsqldb-manual.noarch: W: wrong-file-end-of-line-encoding /usr/share/doc/hsqldb-1.8.0.10/changelog_1_8_0.txt hsqldb-manual.noarch: W: wrong-file-end-of-line-encoding /usr/share/doc/hsqldb-1.8.0.10/changelog_1_7_2.txt Should be fixed with sed in prep 5 packages and 0 specfiles checked; 4 errors, 35 warnings. [x] Package is named according to the Package Naming Guidelines[1]. [x] Spec file name must match the base package name, in the format %{name}.spec. [x] Package meets the Packaging Guidelines[2]. [x] Package successfully compiles and builds into binary rpms. [x] Buildroot definition is not present [x] Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines[3,4]. [x] License field in the package spec file matches the actual license. License type: BSD [x] If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %doc. [!] All independent sub-packages have license of their own Javadoc subpackage should include license as should manual subpackage. [x] Spec file is legible and written in American English. [x] Sources used to build the package matches the upstream source, as provided in the spec URL. MD5SUM this package : 17410483b5b5f267aa18b7e00b65e6e0 [!] All build dependencies are listed in BuildRequires, except for any that are listed in the exceptions section of Packaging Guidelines[5]. I see no reason to have coreutils/shadow-utils in Requires. Also if you decide to move symlink generation from post/postun to build phase you can remove Requires(post) on servlet25 [x] Package must own all directories that it creates. [x] Package requires other packages for directories it uses. [x] Package does not contain duplicates in %files. [!] Permissions on files are set properly. %attr(0755,hsqldb,hsqldb) %{_localstatedir}/lib/%{name}/data - this world readable setting seems like a unnecessary security "risk" at first glance. Some of other custom attrs can be also removed (644 ones). [!] Package does NOT have a %clean section which contains rm -rf %{buildroot} (or $RPM_BUILD_ROOT). (not needed anymore) * can be removed [!] Package consistently uses macros (no %{buildroot} and $RPM_BUILD_ROOT mixing) * please use one or the other (maven metadata has buildroot macro) [!] Package contains code, or permissable content. [!] Fully versioned dependency in subpackages, if present. [-] Package contains a properly installed %{name}.desktop file if it is a GUI application. [x] Package does not own files or directories owned by other packages. [x] Javadoc documentation files are generated and included in -javadoc subpackage [!] Javadocs are placed in %{_javadocdir}/%{name} (no -%{version} symlinks) [x] Packages have proper BuildRequires/Requires on jpackage-utils [!] Javadoc subpackages have Require: jpackage-utils Please add it [!] Package uses %global not %define [-] If package uses tarball from VCS include comment how to re-create that tarball (svn export URL, git clone URL, ...) [x] If source tarball includes bundled jar/class files these need to be removed prior to building "-exec rm -f {} \;" can be replaced with "-delete" though. [x] All filenames in rpm packages must be valid UTF-8. [!] Jar files are installed to %{_javadir}/%{name}.jar (see [6] for details) [x] If package contains pom.xml files install it (including depmaps) even when building with ant [x] pom files has correct add_to_maven_depmap call which resolves to the pom file (use "JPP." and "JPP-" correctly) === Maven === [x] Use %{_mavenpomdir} macro for placing pom files instead of %{_datadir}/maven2/poms [-] If package uses "-Dmaven.test.skip=true" explain why it was needed in a comment [-] If package uses custom depmap "-Dmaven2.jpp.depmap.file=*" explain why it's needed in a comment [x] Package uses %update_maven_depmap in %post/%postun [x] Packages have Requires(post) and Requires(postun) on jpackage-utils (for %update_maven_depmap macro) === Other suggestions === [x] If possible use upstream build method (maven/ant/javac) [x] Avoid having BuildRequires on exact NVR unless necessary [x] Package has BuildArch: noarch (if possible) [!] Latest version is packaged. 1.8.1.3 is latest 1.8.x upstream version (there is 2.0 too) [x] Reviewer should test that the package builds in mock. Tested on: fedora-x86_64-rawhide === Other Issues === 1. I don't understand need for manually unzipping in beginning of %prep 2. Patches should have comments about reasons and upstreamability [1] https://fedoraproject.org/wiki/Packaging:NamingGuidelines [2] https://fedoraproject.org/wiki/Packaging:Guidelines [3] https://fedoraproject.org/wiki/Packaging:LicensingGuidelines [4] https://fedoraproject.org/wiki/Licensing:Main [5] https://fedoraproject.org/wiki/Packaging/Guidelines#Exceptions_2 [6] https://fedoraproject.org/wiki/Packaging:Java#Filenames -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA contact for the bug. _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review