Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=784156 --- Comment #15 from Steven Dake <sdake@xxxxxxxxxx> 2012-02-18 19:16:46 EST --- (In reply to comment #13) > (In reply to comment #11) > > Gal > > > > couple comments inline > > > > > > (In reply to comment #9) > > > I've been asked to publish a full review report. > > > > > > [PASS] MUST: rpmlint must be run on the source rpm and all binary rpms the > > > build produces. The output should be posted in the review. > > > > > > > The review process requires that the output of rpmlint on all binaries and > > source rpm files be posted in the review. > > > > > [PASS] MUST: The package must be named according to the Package Naming > > > Guidelines. > > > > > > [PASS] MUST: The spec file name must match the base package %{name}, in the > > > format %{name}.spec unless your package has an exemption. > > > > > > [PASS] MUST: The package must meet the Packaging Guidelines. > > > > > > [PASS] MUST: The package must be licensed with a Fedora approved license and > > > meet the Licensing Guidelines. > > > > > > [PASS] MUST: The License field in the package spec file must match the actual > > > license. > > > > > > [PASS] MUST: If (and only if) the source package includes the text of the > > > license(s) in its own file, then that file, containing the text of the > > > license(s) for the package must be included in %doc. > > > > > > > This is only done for the main package. It should be done for every package > > (devel, plugin-*, so this requirement FAILS. > > > > from > http://fedoraproject.org/wiki/Packaging:LicensingGuidelines#Subpackage_Licensing: > "If a subpackage is dependent (either implicitly or explicitly) upon a base > package (where a base package is defined as a resulting binary package from the > same source RPM which contains the appropriate license texts as %doc), it is > not necessary for that subpackage to also include those license texts as %doc." > > The -devel package is depending on the main uwsgi package, and all -plugin > packages depend on -plugin-common, which depends on the main uwsgi package. > Thanks your right - learning experience for everyone ;) > > > [PASS] MUST: The spec file must be written in American English. > > > > > > [PASS] MUST: The spec file for the package MUST be legible. > > > > > > [PASS] MUST: The sources used to build the package must match the upstream > > > source, as provided in the spec URL. Reviewers should use md5sum for this task. > > > If no upstream URL can be specified for this package, please see the Source URL > > > Guidelines for how to deal with this. > > > > > > > Typically you would show the sha256sum in the review. For example: > > [root@beast SOURCES]# sha256sum uwsgi-1.0.2.1.tar.gz > > 78280b57a970db7842e4481f8b00f13d011f27b340c869dc1ad28d564d716439 > > uwsgi-1.0.2.1.tar.gz > > [root@beast SPECS]# wget > > http://projects.unbit.it/downloads/uwsgi-1.0.2.1.tar.gz > > --2012-02-14 09:06:35-- > > http://projects.unbit.it/downloads/uwsgi-1.0.2.1.tar.gz > > Resolving projects.unbit.it... 81.174.68.52 > > Connecting to projects.unbit.it|81.174.68.52|:80... connected. > > HTTP request sent, awaiting response... 200 OK > > Length: 465250 (454K) [application/x-gzip] > > Saving to: “uwsgi-1.0.2.1.tar.gz” > > > > 100%[======================================>] 465,250 93.5K/s in 5.9s > > > > 2012-02-14 09:06:41 (76.9 KB/s) - “uwsgi-1.0.2.1.tar.gz” saved [465250/465250] > > > > [root@beast SPECS]# sha256sum uwsgi-1.0.2.1.tar.gz > > 78280b57a970db7842e4481f8b00f13d011f27b340c869dc1ad28d564d716439 > > uwsgi-1.0.2.1.tar.gz > > > > > > > [PASS] MUST: The package MUST successfully compile and build into binary rpms > > > on at least one primary architecture. > > > > > > [IRRELEVANT] MUST: If the package does not successfully compile, build or work > > > on an architecture, then those architectures should be listed in the spec in > > > ExcludeArch. Each architecture listed in ExcludeArch MUST have a bug filed in > > > bugzilla, describing the reason that the package does not compile/build/work on > > > that architecture. The bug number MUST be placed in a comment, next to the > > > corresponding ExcludeArch line. > > > > > > [PASS] MUST: All build dependencies must be listed in BuildRequires, except for > > > any that are listed in the exceptions section of the Packaging Guidelines ; > > > inclusion of those as BuildRequires is optional. Apply common sense. > > > > > > [IRRELEVANT] MUST: The spec file MUST handle locales properly. This is done by > > > using the %find_lang macro. Using %{_datadir}/locale/* is strictly forbidden. > > > > > > [IRRELEVANT] MUST: Every binary RPM package (or subpackage) which stores shared > > > library files (not just symlinks) in any of the dynamic linker's default paths, > > > must call ldconfig in %post and %postun. > > > > rather then irrelevant, NA (not applicable) makes more sense here. > > > > > > [PASS] MUST: Packages must NOT bundle copies of system libraries. > > > > > > [IRRELEVANT] MUST: If the package is designed to be relocatable, the packager > > > must state this fact in the request for review, along with the rationalization > > > for relocation of that specific package. Without this, use of Prefix: /usr is > > > considered a blocker. > > > > > > [PASS] MUST: A package must own all directories that it creates. If it does not > > > create a directory that it uses, then it should require a package which does > > > create that directory. > > > > > > > are you sure about this? %{_libdir}/%name doesn't appear to be owned by any > > package although it is used by a variety of packages. A recommendation on what > > package should own this directory would be helpful for the packager as well. > > > > I'm a bit confused here, I agree %{_libdir}/%{name} should be owned by some > package (most likely -plugins-common) but I am not sure how to include that dir > and *not* including the rest of the .so files within. If I do this in the spec: > > %files -n %{name}-plugin-common > %doc ChangeLog LICENSE README > %{_libdir}/%{name} > %{_libdir}/%{name}/cache_plugin.so > %{_libdir}/%{name}/cgi_plugin.so > %{_libdir}/%{name}/rpc_plugin.so > %{_libdir}/%{name}/ugreen_plugin.so > > It includes %{_libdir}/%{name} and *.so right in the first entry. Any clues how > to do this? > try %dir %{_libdir}/%name > > > [PASS] MUST: A Fedora package must not list a file more than once in the spec > > > file's %files listings. (Notable exception: license texts in specific > > > situations) > > > > > > [PASS] MUST: Permissions on files must be set properly. Executables should be > > > set with executable permissions, for example. > > > > > > [PASS] MUST: Each package must consistently use macros. > > > > > > [PASS] MUST: The package must contain code, or permissable content. > > > > > > [IRRELEVANT] MUST: Large documentation files must go in a -doc subpackage. (The > > > definition of large is left up to the packager's best judgement, but is not > > > restricted to size. Large can refer to either size or quantity). [18] > > > MUST: If a package includes something as %doc, it must not affect the runtime > > > of the application. To summarize: If it is in %doc, the program must run > > > properly if it is not present. > > > > > > [IRRELEVANT] MUST: Static libraries must be in a -static package. > > > > > > [PASS] MUST: Development files must be in a -devel package. [20] > > > MUST: In the vast majority of cases, devel packages must require the base > > > package using a fully versioned dependency: Requires: %{name}%{?_isa} = > > > %{version}-%{release} > > > > > > [PASS] MUST: Packages must NOT contain any .la libtool archives, these must be > > > removed in the spec if they are built. > > > > > > [IRRELEVANT] MUST: Packages containing GUI applications must include a > > > %{name}.desktop file, and that file must be properly installed with > > > desktop-file-install in the %install section. If you feel that your packaged > > > GUI application does not need a .desktop file, you must put a comment in the > > > spec file with your explanation. > > > > > > [PASS] MUST: Packages must not own files or directories already owned by other > > > packages. The rule of thumb here is that the first package to be installed > > > should own the files or directories that other packages may rely upon. This > > > means, for example, that no package in Fedora should ever share ownership with > > > any of the files or directories owned by the filesystem or man package. If you > > > feel that you have a good reason to own a file or directory that another > > > package owns, then please present that at package review time. [23] > > > > > > [PASS] MUST: All filenames in rpm packages must be valid UTF-8. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review