https://bugzilla.redhat.com/show_bug.cgi?id=1778530 --- Comment #2 from Gary Buhrmaster <gary.buhrmaster@xxxxxxxxx> --- (In reply to Daiki Ueno from comment #1) > Thank you for working on this; please find below the review. Thanks for your review (sorry for taking so long to reply, life happens). Comments inline follow: > Issues: > ======= > - ldconfig not called in %post and %postun for Fedora 28 and later. Accepted/Completed - My only (weak) defense is that the existing ldconfig %post/%postun was a legacy of starting this before the new file trigger support was in place. I should have seen it (I did in other packages I maintain). > - Development (unversioned) .so files in -devel subpackage, if present. > ... > -> I think this is okay, as it's a runtime library that applications > (e.g. OpenSSH) use. Acknowledged, will remain. > - Static libraries in -static or -devel subpackage, providing -devel if > present. > .... > -> Please remove .a files in %build or %install. Accepted/Completed (.a files removed in %install) > - fido2-tools should have a fully versioned dependency on libfido2. Accepted/Completed (requirements updated) > I'm also not sure if this explicit naming is ok; I would rather > use libfido2-tools. I selected the name to be compatible with the debian packages that upstream provides. My initial thought was name compatibility was likely desirable to try to minimize unnecessary distro differences. If you prefer libfido2-tools I can make that change, but I have not for this spec update. I await further feedback. > - It would be good to bundle the gpg signature and verify it at %prep. Currently the project does not sign releases. I have opened an issue with the project requesting that they do include signatures for future releases. As there is currently not a verifiable project release key, as I understand the packaging guidelines, this is not currently required. ---- In addition to the requested changes, a new rpm requirement (that was self-identified as missing) of u2f-hidraw-policy was added to the package to help udev properly set permissions on u2f keys at insert. Current spec/SRPMs: Spec URL: https://copr-be.cloud.fedoraproject.org/results/gtb/libfido2/fedora-31-x86_64/01129329-libfido2/libfido2.spec SRPM URL: https://copr-be.cloud.fedoraproject.org/results/gtb/libfido2/fedora-31-x86_64/01129329-libfido2/libfido2-1.3.0-2.fc31.src.rpm -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx
