Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=784156 --- Comment #11 from Steven Dake <sdake@xxxxxxxxxx> 2012-02-14 11:13:46 EST --- Gal couple comments inline (In reply to comment #9) > I've been asked to publish a full review report. > > [PASS] MUST: rpmlint must be run on the source rpm and all binary rpms the > build produces. The output should be posted in the review. > The review process requires that the output of rpmlint on all binaries and source rpm files be posted in the review. > [PASS] MUST: The package must be named according to the Package Naming > Guidelines. > > [PASS] MUST: The spec file name must match the base package %{name}, in the > format %{name}.spec unless your package has an exemption. > > [PASS] MUST: The package must meet the Packaging Guidelines. > > [PASS] MUST: The package must be licensed with a Fedora approved license and > meet the Licensing Guidelines. > > [PASS] MUST: The License field in the package spec file must match the actual > license. > > [PASS] MUST: If (and only if) the source package includes the text of the > license(s) in its own file, then that file, containing the text of the > license(s) for the package must be included in %doc. > This is only done for the main package. It should be done for every package (devel, plugin-*, so this requirement FAILS. > [PASS] MUST: The spec file must be written in American English. > > [PASS] MUST: The spec file for the package MUST be legible. > > [PASS] MUST: The sources used to build the package must match the upstream > source, as provided in the spec URL. Reviewers should use md5sum for this task. > If no upstream URL can be specified for this package, please see the Source URL > Guidelines for how to deal with this. > Typically you would show the sha256sum in the review. For example: [root@beast SOURCES]# sha256sum uwsgi-1.0.2.1.tar.gz 78280b57a970db7842e4481f8b00f13d011f27b340c869dc1ad28d564d716439 uwsgi-1.0.2.1.tar.gz [root@beast SPECS]# wget http://projects.unbit.it/downloads/uwsgi-1.0.2.1.tar.gz --2012-02-14 09:06:35-- http://projects.unbit.it/downloads/uwsgi-1.0.2.1.tar.gz Resolving projects.unbit.it... 81.174.68.52 Connecting to projects.unbit.it|81.174.68.52|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 465250 (454K) [application/x-gzip] Saving to: “uwsgi-1.0.2.1.tar.gz” 100%[======================================>] 465,250 93.5K/s in 5.9s 2012-02-14 09:06:41 (76.9 KB/s) - “uwsgi-1.0.2.1.tar.gz” saved [465250/465250] [root@beast SPECS]# sha256sum uwsgi-1.0.2.1.tar.gz 78280b57a970db7842e4481f8b00f13d011f27b340c869dc1ad28d564d716439 uwsgi-1.0.2.1.tar.gz > [PASS] MUST: The package MUST successfully compile and build into binary rpms > on at least one primary architecture. > > [IRRELEVANT] MUST: If the package does not successfully compile, build or work > on an architecture, then those architectures should be listed in the spec in > ExcludeArch. Each architecture listed in ExcludeArch MUST have a bug filed in > bugzilla, describing the reason that the package does not compile/build/work on > that architecture. The bug number MUST be placed in a comment, next to the > corresponding ExcludeArch line. > > [PASS] MUST: All build dependencies must be listed in BuildRequires, except for > any that are listed in the exceptions section of the Packaging Guidelines ; > inclusion of those as BuildRequires is optional. Apply common sense. > > [IRRELEVANT] MUST: The spec file MUST handle locales properly. This is done by > using the %find_lang macro. Using %{_datadir}/locale/* is strictly forbidden. > > [IRRELEVANT] MUST: Every binary RPM package (or subpackage) which stores shared > library files (not just symlinks) in any of the dynamic linker's default paths, > must call ldconfig in %post and %postun. rather then irrelevant, NA (not applicable) makes more sense here. > > [PASS] MUST: Packages must NOT bundle copies of system libraries. > > [IRRELEVANT] MUST: If the package is designed to be relocatable, the packager > must state this fact in the request for review, along with the rationalization > for relocation of that specific package. Without this, use of Prefix: /usr is > considered a blocker. > > [PASS] MUST: A package must own all directories that it creates. If it does not > create a directory that it uses, then it should require a package which does > create that directory. > are you sure about this? %{_libdir}/%name doesn't appear to be owned by any package although it is used by a variety of packages. A recommendation on what package should own this directory would be helpful for the packager as well. > [PASS] MUST: A Fedora package must not list a file more than once in the spec > file's %files listings. (Notable exception: license texts in specific > situations) > > [PASS] MUST: Permissions on files must be set properly. Executables should be > set with executable permissions, for example. > > [PASS] MUST: Each package must consistently use macros. > > [PASS] MUST: The package must contain code, or permissable content. > > [IRRELEVANT] MUST: Large documentation files must go in a -doc subpackage. (The > definition of large is left up to the packager's best judgement, but is not > restricted to size. Large can refer to either size or quantity). [18] > MUST: If a package includes something as %doc, it must not affect the runtime > of the application. To summarize: If it is in %doc, the program must run > properly if it is not present. > > [IRRELEVANT] MUST: Static libraries must be in a -static package. > > [PASS] MUST: Development files must be in a -devel package. [20] > MUST: In the vast majority of cases, devel packages must require the base > package using a fully versioned dependency: Requires: %{name}%{?_isa} = > %{version}-%{release} > > [PASS] MUST: Packages must NOT contain any .la libtool archives, these must be > removed in the spec if they are built. > > [IRRELEVANT] MUST: Packages containing GUI applications must include a > %{name}.desktop file, and that file must be properly installed with > desktop-file-install in the %install section. If you feel that your packaged > GUI application does not need a .desktop file, you must put a comment in the > spec file with your explanation. > > [PASS] MUST: Packages must not own files or directories already owned by other > packages. The rule of thumb here is that the first package to be installed > should own the files or directories that other packages may rely upon. This > means, for example, that no package in Fedora should ever share ownership with > any of the files or directories owned by the filesystem or man package. If you > feel that you have a good reason to own a file or directory that another > package owns, then please present that at package review time. [23] > > [PASS] MUST: All filenames in rpm packages must be valid UTF-8. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review