https://bugzilla.redhat.com/show_bug.cgi?id=970285 --- Comment #9 from gil cattaneo <puntogil@xxxxxxxxx> --- (In reply to Jerry James from comment #7) > Package Review > ============== > > Issues: > 1. Most of the sources are covered under ASL 2.0, but note that > core/src/main/java/org/apache/shiro/codec/H64.java says that the > apr_md5_encode() routine uses FreeBSD crypt() code, which is covered by > the > Beerware license (https://fedoraproject.org/wiki/Licensing/Beerware). > Should the license be "ASL 2.0 and Beerware"? Done > 2. The top-level NOTICE file says: > > Certain parts (StringUtils etc.) of the source code for this > product was copied for simplicity and to reduce dependencies > from the source code developed by the Spring Framework Project > (http://www.springframework.org). > > Do you know the extent to which such copying was done? Unfortunately these are older versions of SF, the code in question has also undergone changes that make it impractical to use the original classes > Does this package need to unbundle some code, or add a bundled(foo) tag? Done > 3. This is a SHOULD, not a MUST, but some files could keep their timestamps > that currently don't. For example, this line in %install: > > sed 's/\r//' -i LICENSE RELEASE-NOTES > > could be done like this instead to preserve timestamps: > > for fil in LICENSE RELEASE-NOTES; do > sed 's/\r//' -i.orig $fil > touch -r $fil.orig $fil > rm -f $fil.orig > done Fixed > 4. Speaking of that, README also has the wrong end-of-line encoding. Done Spec URL: http://gil.fedorapeople.org/shiro.spec SRPM URL: http://gil.fedorapeople.org/shiro-1.2.4-2.fc22.src.rpm -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review