[Bug 916405] Review Request: php-Assetic - Asset Management for PHP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Product: Fedora
https://bugzilla.redhat.com/show_bug.cgi?id=916405

--- Comment #8 from Shawn Iwinski <shawn.iwinski@xxxxxxxxx> ---
Spec changes:
https://github.com/siwinski/rpms/commit/51dc9bc48668a4482d16b49e300c34cd2ecc99b8


SPEC URL: http://siwinski.fedorapeople.org/rpmbuild/SPECS/php-Assetic.spec

SRPM URL:
http://siwinski.fedorapeople.org/rpmbuild/SRPMS/php-Assetic-1.1.0-0.2.alpha4.fc18.src.rpm



(In reply to comment #7)
> No blocker, but
> 
> [!]: Latest version is packaged.
> 	1.0.4 is tagged.

Drupal 8 (future package I am working on) requires version 1.1.*.  I just
updated the package from v1.1.0-alpha3 to v1.1.0-alpha4.


> Why do you take a github snapshot, when upstream properly tag each release
> and provides a tarball ?
> 
> From guidelines https://fedoraproject.org/wiki/Packaging:SourceURL#Github
> 	"If the upstream does create tarballs you should use them as tarballs
> 	provide an easier trail for people auditing the packages."
> 
> Ex : https://github.com/kriswallsmith/assetic/archive/v1.1.0-alpha4.tar.gz

>From the same guidelines:
"For a number of reasons (immutability, availability, uniqueness), you must use
the full commit revision hash when referring to the sources.

The full 40-character hash can be copied from the github web interface at
​https://github.com/$OWNER/$PROJECT/tags or by cloning the repository and using
git rev-parse $TAG"

I read that as we must use the full commit hash for sources rather than the
tag.


> [!]: Requires correct, justified where necessary.
> 	Where do you find info about the twig / symfony min / max version ?

>From the composer.json file --
https://github.com/kriswallsmith/assetic/blob/v1.1.0-alpha4/composer.json

"symfony/process": ">=2.1.0,<2.3-dev"
"twig/twig": ">=1.6.0,<2.0"

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=c5Kh7ZeFUb&a=cc_unsubscribe
_______________________________________________
package-review mailing list
package-review@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/package-review
[Index of Archives]     [Fedora Legacy]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]