Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: maven2-2.0.4-10jpp.3 - Java project management and project comprehension tool https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=232719 ------- Additional Comments From mwringe@xxxxxxxxxx 2007-03-16 20:32 EST ------- MUST: * package is named appropriately - match upstream tarball or project name OK, upstream just calls it Maven, but this pacakge needs to be named differently due to it being incompatible with the older maven1 project. - try to match previous incarnations in other distributions/packagers for consistency OK - specfile should be %{name}.spec OK - non-numeric characters should only be used in Release (ie. cvs or something) - for non-numerics (pre-release, CVS snapshots, etc.), see http://fedoraproject.org/wiki/Packaging/NamingGuidelines#PackageRelease - if case sensitivity is requested by upstream or you feel it should be not just lowercase, do so; otherwise, use all lower case for the name * is it legal for Fedora to distribute this? - OSI-approved OK, license is Apache - not a kernel module OK - not shareware OK - is it covered by patents? Not that I am aware of - it *probably* shouldn't be an emulator OK - no binary firmware OK * license field matches the actual license. OK, it appears that all the sources are Apache licensed * license is open source-compatible. - use acronyms for licences where common * specfile name matches %{name} OK * verify source and patches (md5sum matches upstream, know what the patches do) - if upstream doesn't release source drops, put *clear* instructions on how to generate the the source drop; ie. # svn export blah/tag blah # tar cjf blah-version-src.tar.bz2 blah X no instructions on how to recreate m2_jar_repo.tar.gz X no instructions on how to recreate m2_jar_repo.tar.gz * skim the summary and description for typos, etc. OK * correct buildroot - should be: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) OK * if %{?dist} is used, it should be in that form (note the ? and % locations) OK * license text included in package and marked with %doc X license missing from packages: maven2 and the plugin packages * keep old changelog entries; use judgement when removing (too old? useless?) OK * packages meets FHS (http://www.pathname.com/fhs/) OK, they seem to put everything in the right places * rpmlint on <this package>.srpm gives no output rpmlint maven2-2.0.4-10jpp.3.src.rpm W: maven2 non-standard-group Development/Build Tools OK.The group warning can be ignored * changelog should be in the proper format OK * Packager, Vendor, and Distribution tags should not be used OK * use License and not Copyright OK * Summary tag should not end in a period OK * if possible, replace PreReq with Requires(pre) and/or Requires(post) OK * specfile is legible OK. For the length and complexity, it is very well laid out * package successfully compiles and builds on at least x86 * BuildRequires are proper - builds in mock will flush out problems here OK, builds in mock - the following packages don't need to be listed in BuildRequires: bash bzip2 coreutils cpio diffutils fedora-release (and/or redhat-release) gcc gcc-c++ gzip make patch perl redhat-rpm-config rpm-build sed tar unzip which OK * summary should be a short and concise description of the package OK * description expands upon summary (don't include installation instructions) X the main package's description does, but the plugins description is just the summary. * make sure description lines are <= 80 characters OK * specfile written in American English OK * make a -doc sub-package if necessary - see http://fedoraproject.org/wiki/Packaging/Guidelines#head-9bbfa57478f0460c6160947a6bf795249488182b OK, javadoc and manual subprojects for main maven2 package. Should there be javadocs for the plugins? * packages including libraries should exclude static libraries if possible * don't use rpath OK * config files should usually be marked with %config(noreplace) X Doesn't maven2 have any config files? * GUI apps should contain .desktop files OK, not a GUI app * should the package contain a -devel sub-package? OK, I don't think it should have one * use macros appropriately and consistently - ie. %{buildroot} and %{optflags} vs. $RPM_BUILD_ROOT and $RPM_OPT_FLAGS OK * don't use %makeinstall OK * locale data handling correct (find_lang) - if translations included, add BR: gettext and use %find_lang %{name} at the end of %install * consider using cp -p to preserve timestamps X the -p is not used anywhere in %prep section * split Requires(pre,post) into two separate lines OK * package should probably not be relocatable OK * package contains code - see http://fedoraproject.org/wiki/Packaging/Guidelines#CodeVsContent - in general, there should be no offensive content OK * package should own all directories and files * there should be no %files duplicates * file permissions should be okay; %defattrs should be present OK * %clean should be present OK * %doc files should not affect runtime * if it is a web apps, it should be in /usr/share/%{name} and *not* /var/www * verify the final provides and requires of the binary RPMs * run rpmlint on the binary RPMs maven2-2.0.4-10jpp.3.fc7.x86_64.rpm W: maven2 non-standard-group Development/Build Tools Ok, can ignore group warnings W: maven2 incoherent-version-in-changelog 2.0.4-10jpp.3 0:2.0.4-10jpp.3.fc7 X is this caused by the epoch or the dist? W: maven2 no-documentation X Shouldn't there be at least some licensing documentation? W: maven2 dangling-symlink /usr/share/java/maven2/plugins /usr/share/maven2/plugins W: maven2 symlink-should-be-relative /usr/share/java/maven2/plugins /usr/share/maven2/plugins W: maven2 dangling-symlink /usr/share/maven2/repository/JPP /usr/share/java W: maven2 symlink-should-be-relative /usr/share/maven2/repository/JPP /usr/share/java W: maven2 symlink-should-be-relative /usr/share/java/maven2/poms /usr/share/maven2/poms X Can the above symlinks be fixed? W: maven2 non-conffile-in-etc /etc/maven/fragments/maven2 X this should be marked as a conf file (%conf) W: maven2 dangerous-command-in-%preun rm X can this command be removed? W: maven2 uncompressed-zip /usr/share/java/maven2/empty-dep.jar I would say this is safe to ignore maven2-debuginfo-2.0.4-10jpp.3.fc7.x86_64.rpm maven2-javadoc-2.0.4-10jpp.3.fc7.x86_64.rpm W: maven2-javadoc non-standard-group Development/Documentation OK, group warnings can be ignored maven2-manual-2.0.4-10jpp.3.fc7.x86_64.rpm W: maven2-manual non-standard-group Development/Documentation OK, group warnings can be ignored Due to the large size of the rpmlint output, I will be attaching as a separate file for the plugins. Notes of interest: - the groups warnings can be ignored - Shouldn't these plugins have license docs somewhere? SHOULD: * package should include license text in the package and mark it with %doc X licenses missing from file set * package should build on i386 OK * package should build in mock OK -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA contact for the bug, or are watching the QA contact. _______________________________________________ Fedora-package-review mailing list Fedora-package-review@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-package-review