https://bugzilla.redhat.com/show_bug.cgi?id=1821120 --- Comment #5 from Lyes Saadi <fedora@xxxxxxx> --- That's... That's weird indeed... Let's just skip that... You should continue to use the github-generated tarball. It's only a SHOULD item. You may ask the maintainer to provide a valid signature for the github-generated tarball instead of an arbitrary one. And preferably to host his public key in an appropriate place as well. Either way, could you please provide a new spec file with an updated "Provide" to reflect the bundling of JSMN (and associated SRPM)? I won't be able to accept the review right now though, this is my first time reviewing a package, and I have some issues regarding my Bugzilla permissions related to this infrastructure issue: https://pagure.io/fedora-infrastructure/issue/8628#comment-642931 (that's why I haven't assigned this bug to myself...). -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx
