[Bug 1448557] Review Request: hidviz - A tool for in-depth analysis of USB HID devices communication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



https://bugzilla.redhat.com/show_bug.cgi?id=1448557

Jaroslav Škarvada <jskarvad@xxxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
              Flags|needinfo?(jskarvad@redhat.c |
                   |om)                         |



--- Comment #17 from Jaroslav Škarvada <jskarvad@xxxxxxxxxx> ---
(In reply to Zdenek Dohnal from comment #16)
Thanks for the review, comments follow inline.

> Issues:
> =======
> - All build dependencies are listed in BuildRequires, except for any that
>   are listed in the exceptions section of Packaging Guidelines.
>   Note: These BR are not needed: gcc-c++
>   See: http://fedoraproject.org/wiki/Packaging/Guidelines#Exceptions_2

Incorrect, this was changed, all deps have to be explicitly listed, there are
no exceptions.
https://fedoraproject.org/wiki/Packaging:Guidelines#BuildRequires_2

> - .so files must be either versioned and then be in -libs subpackage and
> that subpackage must have %post+%postun scriplets with '/sbin/ldconfig' and
> . Or unversioned .so files must be in -devel subpackage.

This is non public library, it doesn't need to be versioned, but versioning
would be nice.

https://fedoraproject.org/wiki/Packaging:Guidelines#Downstream_.so_name_versioning

> - missing licenses in spec - there must be all licenses used in package

IMHO there is no license conflict, the resulting package can be released under
GPLv3+ as upstream states.

> - package must own directories - /usr/share/icons/hicolor/128x128/apps,
>   /usr/share/icons/hicolor/128x128

I think it should be owned by filesystem, but I am going to fix it.

> - libhidx_server_daemon must be in %{_libexecdir}/%{name} directory - if
> daemon is meant to run by system rather than by user

This is not mandatory:
"Packagers are highly encouraged to store libexecdir files in a
package-specific subdirectory..."

https://fedoraproject.org/wiki/Packaging:Guidelines#Libexecdir

It will be nice to have it in subdir, please file RFE upstream (or I can do
it).

> - you should use %{name} instead hidviz in paths

Really minor and depends on personal taste.

> - package contains *daemon executable - could it run as service in systemd?

It is not meant to to be run as a system service.

> - convert function can be in %install scriptlet - I think it makes more sense
>   to have it in same place with 'install' command

It depends on the point of view, it's creating source file which is not
currently present in the tarball. But it's minor, I can change it.

> 
> 
> ===== MUST items =====
> 
> C/C++:
> [x]: Package does not contain kernel modules.
> [x]: Package contains no static executables.
> [!]: Development (unversioned) .so files in -devel subpackage, if present.
>      Note: Unversioned so-files in private %_libdir subdirectory (see
>      attachment). Verify they are not in ld path.
> - .so files must be either versioned and then package must have %post+%postun
>   scriplets with '/sbin/ldconfig'. Or .so files must be in -devel subpackage.
>

Comment above.

> [x]: Header files in -devel subpackage, if present.
> [x]: Package does not contain any libtool archives (.la)
> [x]: Rpath absent or only used for internal libs.
> 
> Generic:
> [!]: Package is licensed with an open-source compatible license and meets
>      other legal requirements as defined in the legal section of Packaging
>      Guidelines.
> - missing licenses in spec - there must be all licenses used in package
> 
> [!]: License field in the package spec file matches the actual license.
>      Note: Checking patched sources after %prep for licenses. Licenses
>      found: "BSD (3 clause)", "MIT/X11 (BSD like)", "Apache (v2.0) GPL (v3
>      or later)", "GPL (v3 or later)", "Unknown or generated". 30 files have
>      unknown license. Detailed output of licensecheck in
>      /home/zdohnal/repo_upstream/hidviz/review-hidviz/licensecheck.txt
> - missing licenses in spec - there must be all licenses used in package
> 

Comment above.

> [x]: License file installed when any subpackage combination is installed.
> [!]: Package must own all directories that it creates.
>      Note: Directories without known owners: /usr/share/icons/hicolor,
>      /usr/share/icons/hicolor/128x128/apps,
>      /usr/share/icons/hicolor/128x128

Comment above, but I am goint to change it.

> [x]: %build honors applicable compiler flags or justifies otherwise.
> [x]: Package contains no bundled libraries without FPC exception.
> [x]: Changelog in prescribed format.
> [x]: Sources contain only permissible code or content.
> [!]: Development files must be in a -devel package
> - it can be false positive - it depends on purpose of *.so files

Yup, false positive, comment above.

> 
> [x]: Package uses nothing in %doc for runtime.
> [!]: Package consistently uses macros (instead of hard-coded directory
>      names).
> - you should use %{name} instead hidviz in paths
>
This check is mostly meant not to use /usr/lib64 instead of %libdir, etc. But I
can change it.

> [x]: Package is named according to the Package Naming Guidelines.
> [x]: Package does not generate any conflict.
> [!]: Package obeys FHS, except libexecdir and /usr/target.
> - libhidx_server_daemon must be in %{_libexecdir}%{name} directory
>
IMHO there is no FHS opinion about libexecdir. AFAIK there is no *must*
anywhere, also comment above.

> [-]: If the package is a rename of another package, proper Obsoletes and
>      Provides are present.
> [x]: Requires correct, justified where necessary.
> [x]: Spec file is legible and written in American English.
> [!]: Package contains systemd file(s) if in need.
> - package contains *daemon executable - could it run as service in systemd?
> 
No, there is no service. The deamon is used only when the GUI is run to split
non privileged GUI from the privileged core, because you cannot run privileged
GUI in Wayland.

> [x]: gtk-update-icon-cache is invoked in %postun and %posttrans if package
>      contains icons.
>      Note: icons in hidviz
> [x]: Useful -debuginfo package or justification otherwise.
> [x]: Package is not known to require an ExcludeArch tag.
> [x]: Large documentation must go in a -doc subpackage. Large could be size
>      (~1MB) or number of files.
>      Note: Documentation size is 10240 bytes in 1 files.
> [!]: Package complies to the Packaging Guidelines
> - problems mentioned above
> 
> [x]: Package successfully compiles and builds into binary rpms on at least
>      one supported primary architecture.
> [x]: Package installs properly.
> [x]: Rpmlint is run on all rpms the build produces.
>      Note: There are rpmlint messages (see attachment).
> [x]: If (and only if) the source package includes the text of the
>      license(s) in its own file, then that file, containing the text of the
>      license(s) for the package is included in %license.
> [x]: Package requires other packages for directories it uses.
> [x]: Package does not own files or directories owned by other packages.
> [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
> [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
>      beginning of %install.
> [x]: Macros in Summary, %description expandable at SRPM build time.
> [x]: Package contains desktop file if it is a GUI application.
> [x]: Package installs a %{name}.desktop using desktop-file-install or
>      desktop-file-validate if there is such a file.
> [x]: Dist tag is present.
> [x]: Package does not contain duplicates in %files.
> [x]: Permissions on files are set properly.
> [x]: Package use %makeinstall only when make install DESTDIR=... doesn't
>      work.
> [x]: Package is named using only allowed ASCII characters.
> [x]: Package does not use a name that already exists.
> [x]: Package is not relocatable.
> [x]: Sources used to build the package match the upstream source, as
>      provided in the spec URL.
> [x]: Spec file name must match the spec package %{name}, in the format
>      %{name}.spec.
> [x]: File names are valid UTF-8.
> [x]: Packages must not store files under /srv, /opt or /usr/local
> 
> ===== SHOULD items =====
> 
> Generic:
> [-]: If the source package does not include license text(s) as a separate
>      file from upstream, the packager SHOULD query upstream to include it.
> [x]: Final provides and requires are sane (see attachments).
> [!]: Fully versioned dependency in subpackages if applicable.
>      Note: No Requires: %{name}%{?_isa} = %{version}-%{release} in hidviz-
>      debuginfo

False positive

> [x]: Package functions as described.
> [x]: Latest version is packaged.
> [x]: Package does not include license text files separate from upstream.
> [x]: Patches link to upstream bugs/comments/lists or are otherwise
>      justified.
> [x]: Description and summary sections in the package spec file contains
>      translations for supported Non-English languages, if available.
> [x]: Package should compile and build into binary rpms on all supported
>      architectures.
> [-]: %check is present and all tests pass.
> [x]: Packages should try to preserve timestamps of original installed
>      files.
> [x]: Reviewer should test that the package builds in mock.
> [x]: Buildroot is not present
> [x]: Package has no %clean section with rm -rf %{buildroot} (or
>      $RPM_BUILD_ROOT)
> [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
> [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
> [x]: Uses parallel make %{?_smp_mflags} macro.
> [x]: Sources can be downloaded from URI in Source: tag
> [x]: SourceX is a working URL.
> [x]: Spec use %global instead of %define unless justified.
> 
> ===== EXTRA items =====
> 
> Generic:
> [x]: Rpmlint is run on debuginfo package(s).
>      Note: No rpmlint messages.
> [x]: Rpmlint is run on all installed packages.
>      Note: There are rpmlint messages (see attachment).
> [x]: Large data in /usr/share should live in a noarch subpackage if package
>      is arched.
> [x]: Spec file according to URL is the same as in SRPM.
> 
> 
> Rpmlint
> -------
> Checking: hidviz-0.1.4-1.fc25.x86_64.rpm
>           hidviz-debuginfo-0.1.4-1.fc25.x86_64.rpm
>           hidviz-0.1.4-1.fc25.src.rpm
> hidviz.x86_64: W: no-manual-page-for-binary hidviz
> 3 packages and 0 specfiles checked; 0 errors, 1 warnings.
> 
> 
> 
> 
> Rpmlint (debuginfo)
> -------------------
> Checking: hidviz-debuginfo-0.1.4-1.fc25.x86_64.rpm
> 1 packages and 0 specfiles checked; 0 errors, 0 warnings.
> 
> 
> 
> 
> 
> Rpmlint (installed packages)
> ----------------------------
> hidviz.x86_64: W: no-manual-page-for-binary hidviz
> 2 packages and 0 specfiles checked; 0 errors, 1 warnings.
> 
> 
> 
> Requires
> --------
> hidviz-debuginfo (rpmlib, GLIBC filtered):
> 
> hidviz (rpmlib, GLIBC filtered):
>     /bin/sh
>     ld-linux-x86-64.so.2()(64bit)
>     libQt5Core.so.5()(64bit)
>     libQt5Core.so.5(Qt_5)(64bit)
>     libQt5Core.so.5(Qt_5.7)(64bit)
>     libQt5Gui.so.5()(64bit)
>     libQt5Gui.so.5(Qt_5)(64bit)
>     libQt5Widgets.so.5()(64bit)
>     libQt5Widgets.so.5(Qt_5)(64bit)
>     libc.so.6()(64bit)
>     libgcc_s.so.1()(64bit)
>     libgcc_s.so.1(GCC_3.0)(64bit)
>     libhidx.so()(64bit)
>     libhidx_server.so()(64bit)
>     libm.so.6()(64bit)
>     libprotobuf.so.9()(64bit)
>     libpthread.so.0()(64bit)
>     libstdc++.so.6()(64bit)
>     libstdc++.so.6(CXXABI_1.3)(64bit)
>     libstdc++.so.6(CXXABI_1.3.1)(64bit)
>     libstdc++.so.6(CXXABI_1.3.2)(64bit)
>     libstdc++.so.6(CXXABI_1.3.3)(64bit)
>     libstdc++.so.6(CXXABI_1.3.5)(64bit)
>     libstdc++.so.6(CXXABI_1.3.9)(64bit)
>     libusb-1.0.so.0()(64bit)
>     rtld(GNU_HASH)
> 
> 
> 
> Provides
> --------
> hidviz-debuginfo:
>     hidviz-debuginfo
>     hidviz-debuginfo(x86-64)
> 
> hidviz:
>     application()
>     application(hidviz.desktop)
>     hidviz
>     hidviz(x86-64)
>     libhidx.so()(64bit)
>     libhidx_server.so()(64bit)
> 
> 
> 
> Unversioned so-files
> --------------------
> hidviz: /usr/lib64/hidviz/libhidx.so
> hidviz: /usr/lib64/hidviz/libhidx_server.so
> 
> Source checksums
> ----------------
> http://hidviz.org/releases/hidviz-0.1.4.tar.gz :
>   CHECKSUM(SHA256) this package     :
> a68f5626b184c76cc54bd60735b6fbe715d86958f9a4ef3147b30b9bb8dbff9b
>   CHECKSUM(SHA256) upstream package :
> a68f5626b184c76cc54bd60735b6fbe715d86958f9a4ef3147b30b9bb8dbff9b
> 
> 
> Generated by fedora-review 0.6.1 (f03e4e7) last change: 2016-05-02
> Command line :/usr/bin/fedora-review -n hidviz
> Buildroot used: fedora-25-x86_64
> Active plugins: Generic, Shell-api, C/C++
> Disabled plugins: Java, Python, fonts, SugarActivity, Ocaml, Perl, Haskell,
> R, PHP
> Disabled flags: EXARCH, DISTTAG, EPEL5, BATCH, EPEL6

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
_______________________________________________
package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite Conditions]     [KDE Users]

  Powered by Linux