[Bug 1868845] Review Request: xcb-imdkit - Input method development support for xcb

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



https://bugzilla.redhat.com/show_bug.cgi?id=1868845



--- Comment #3 from Qiyu Yan <yanqiyu01@xxxxxxxxx> ---
(In reply to Andy Mender from comment #1)
> Koji build: https://koji.fedoraproject.org/koji/taskinfo?taskID=49309699
> 
> > License:    LGPLv2
> 
> licensecheck picked up a couple of files with a different license:
> xcb-imdkit/src/xlibi18n/XlcPubI.h: NTP License (legal disclaimer)
> xcb-imdkit/src/xlibi18n/XlcPublic.h: NTP License (legal disclaimer)
> xcb-imdkit/src/xlibi18n/lcCT.c: NTP License (legal disclaimer)
> xcb-imdkit/src/xlibi18n/lcCharSet.c: NTP License (legal disclaimer)
> xcb-imdkit/src/xlibi18n/lcUTF8.c: NTP License (legal disclaimer)
> 
> Here's the text of the license for reference:
> https://opensource.org/licenses/NTP
> 
> I checked the files and indeed the license comments in them match the NTP
> license. The problem is that NTP is not an official license tag:
> https://fedoraproject.org/wiki/Licensing:
> Main?rd=Licensing#Software_License_List
> 
> I will contact Fedora Legal to get some feedback on this. Upstream should
> also be informed, I think, since they do not mention the NTP license in the
> README. They mention the BSD license, but licensecheck didn't pick up any
> BSD-licensed files.
> 
> > BuildRequires:  cmake, extra-cmake-modules
> > BuildRequires:  gcc-c++
> > BuildRequires:  libxcb-devel, xcb-util-devel, xcb-util-keysyms-devel
> 
> Could you split these into separate lines and sort them alphabetically?
> Also, could you check whether it's possible to use the "pkgconfig(foo)"
> format for the -devel packages?
> 
> > %files
> > %license LICENSES/LGPL-2.1-only.txt
> > %doc README.md
> > %{_libdir}/*.so.*
> 
> I would be more explicit in the final line, like this:
> %{_libdir}/lib%{name}.so.*
> 
> You can also use "%{_libdir}/lib%{name}.so.0*" so that soname bumps across
> package updates are captured more easily.
> 
> > %files devel
> > %{_includedir}/xcb-imdkit
> > %{_libdir}/cmake/XCBImdkit
> > %{_libdir}/*.so
> 
> Same here - "%{_libdir}/lib%{name}.so" instead of "%{_libdir}/*.so"
Above are fixed
> 
> The full review matrix:
> Package Review
> ==============
> 
> Legend:
> [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
> [ ] = Manual review needed
> 
> 
> 
> ===== MUST items =====
> 
> C/C++:
> [x]: Package does not contain kernel modules.
> [x]: Package contains no static executables.
> [x]: If your application is a C or C++ application you must list a
>      BuildRequires against gcc, gcc-c++ or clang.
> [x]: Header files in -devel subpackage, if present.
> [x]: ldconfig not called in %post and %postun for Fedora 28 and later.
> [x]: Package does not contain any libtool archives (.la)
> [x]: Rpath absent or only used for internal libs.
> [x]: Development (unversioned) .so files in -devel subpackage, if present.
> 
> Generic:
> [x]: Package successfully compiles and builds into binary rpms on at least
>      one supported primary architecture.
>      Note: Using prebuilt packages
> [x]: Package is licensed with an open-source compatible license and meets
>      other legal requirements as defined in the legal section of Packaging
>      Guidelines.
>      Review: Theoretically yes, but the NTP license doesn't have a dedicated
>      license tag.
> [!]: License field in the package spec file matches the actual license.
>      Note: Checking patched sources after %prep for licenses. Licenses
>      found: "Unknown or generated", "NTP License (legal disclaimer)",
>      "Expat License GNU Lesser General Public License". 87 files have
>      unknown license. Detailed output of licensecheck in
>      /home/amender/rpmbuild/SPECS/xcb-imdkit/xcb-imdkit/licensecheck.txt
>      Review: see comment above.
> [x]: License file installed when any subpackage combination is installed.
> [x]: %build honors applicable compiler flags or justifies otherwise.
> [x]: Package contains no bundled libraries without FPC exception.
> [?]: Changelog in prescribed format.
>      Review: Not sure about this. rpmlint complains 
>      and package uses commit hashes for versioning.
This is because %forgemeta did something tricky, the snapshot date generated
can be different. Anyway, changed to 20200811, should silent the warning.
> [x]: Sources contain only permissible code or content.
>      Review: Yes, but see comments about licenses.
> [-]: Package contains desktop file if it is a GUI application.
> [x]: Development files must be in a -devel package
> [?]: Package uses nothing in %doc for runtime.
> [x]: Package consistently uses macros (instead of hard-coded directory
>      names).
> [x]: Package is named according to the Package Naming Guidelines.
> [x]: Package does not generate any conflict.
> [x]: Package obeys FHS, except libexecdir and /usr/target.
> [-]: If the package is a rename of another package, proper Obsoletes and
>      Provides are present.
> [x]: Requires correct, justified where necessary.
> [x]: Spec file is legible and written in American English.
> [-]: Package contains systemd file(s) if in need.
> [x]: Useful -debuginfo package or justification otherwise.
> [x]: Package is not known to require an ExcludeArch tag.
> [-]: Large documentation must go in a -doc subpackage. Large could be size
>      (~1MB) or number of files.
>      Note: Documentation size is 10240 bytes in 1 files.
> [x]: Package complies to the Packaging Guidelines
> [x]: Package installs properly.
> [x]: Rpmlint is run on all rpms the build produces.
>      Note: There are rpmlint messages (see attachment).
> [x]: If (and only if) the source package includes the text of the
>      license(s) in its own file, then that file, containing the text of the
>      license(s) for the package is included in %license.
> [x]: Package requires other packages for directories it uses.
> [x]: Package must own all directories that it creates.
> [x]: Package does not own files or directories owned by other packages.
> [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
> [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
>      beginning of %install.
> [x]: Macros in Summary, %description expandable at SRPM build time.
> [x]: Dist tag is present.
> [x]: Package does not contain duplicates in %files.
> [x]: Permissions on files are set properly.
> [x]: Package must not depend on deprecated() packages.
> [x]: Package use %makeinstall only when make install DESTDIR=... doesn't
>      work.
> [x]: Package is named using only allowed ASCII characters.
> [x]: Package does not use a name that already exists.
> [x]: Package is not relocatable.
> [x]: Sources used to build the package match the upstream source, as
>      provided in the spec URL.
> [x]: Spec file name must match the spec package %{name}, in the format
>      %{name}.spec.
> [x]: File names are valid UTF-8.
> [x]: Packages must not store files under /srv, /opt or /usr/local
> 
> ===== SHOULD items =====
> 
> Generic:
> [x]: Reviewer should test that the package builds in mock.
>      Review: Tested in mock and in Koji.
> [-]: If the source package does not include license text(s) as a separate
>      file from upstream, the packager SHOULD query upstream to include it.
> [x]: Final provides and requires are sane (see attachments).
> [x]: Fully versioned dependency in subpackages if applicable.
>      Note: No Requires: %{name}%{?_isa} = %{version}-%{release} in xcb-
>      imdkit-devel
>      Review: Not true - the Requires line is there.
> [?]: Package functions as described.
> [x]: Latest version is packaged.
> [x]: Package does not include license text files separate from upstream.
> [-]: Sources are verified with gpgverify first in %prep if upstream
>      publishes signatures.
>      Note: gpgverify is not used.
> [x]: Description and summary sections in the package spec file contains
>      translations for supported Non-English languages, if available.
> [x]: Package should compile and build into binary rpms on all supported
>      architectures.
>      Review: Tested in Koji.
> [x]: %check is present and all tests pass.
> [x]: Packages should try to preserve timestamps of original installed
>      files.
> [x]: Buildroot is not present
> [x]: Package has no %clean section with rm -rf %{buildroot} (or
>      $RPM_BUILD_ROOT)
> [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
> [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
> [x]: The placement of pkgconfig(.pc) files are correct.
> [x]: Sources can be downloaded from URI in Source: tag
> [x]: SourceX is a working URL.
> [x]: Spec use %global instead of %define unless justified.
> 
> ===== EXTRA items =====
> 
> Generic:
> [x]: Rpmlint is run on debuginfo package(s).
>      Note: No rpmlint messages.
> [x]: Rpmlint is run on all installed packages.
>      Note: No rpmlint messages.
> [x]: Large data in /usr/share should live in a noarch subpackage if package
>      is arched.
> 
> 
> Rpmlint
> -------
> Checking: xcb-imdkit-0-0.1.20200811gitd6609a7.fc33.x86_64.rpm
>           xcb-imdkit-devel-0-0.1.20200811gitd6609a7.fc33.x86_64.rpm
>           xcb-imdkit-debuginfo-0-0.1.20200811gitd6609a7.fc33.x86_64.rpm
>           xcb-imdkit-debugsource-0-0.1.20200811gitd6609a7.fc33.x86_64.rpm
>           xcb-imdkit-0-0.1.20200811gitd6609a7.fc33.src.rpm
> xcb-imdkit.x86_64: W: spelling-error %description -l en_US xim -> mix, xi,
> xis
> xcb-imdkit.x86_64: W: incoherent-version-in-changelog
> 0-0.1.20200812gitd6609a7 ['0-0.1.20200811gitd6609a7.fc33',
> '0-0.1.20200811gitd6609a7']
> xcb-imdkit-devel.x86_64: W: description-shorter-than-summary
> xcb-imdkit-devel.x86_64: W: no-documentation
> xcb-imdkit.src: W: spelling-error %description -l en_US xim -> mix, xi, xis
> 5 packages and 0 specfiles checked; 0 errors, 5 warnings.
> 
> 
> 
> 
> Rpmlint (debuginfo)
> -------------------
> Checking: xcb-imdkit-debuginfo-0-0.1.20200811gitd6609a7.fc33.x86_64.rpm
> 1 packages and 0 specfiles checked; 0 errors, 0 warnings.
> 
> 
> 
> 
> 
> Rpmlint (installed packages)
> ----------------------------
> (none): E: no installed packages by name xcb-imdkit-devel
> (none): E: no installed packages by name xcb-imdkit-debugsource
> (none): E: no installed packages by name xcb-imdkit
> (none): E: no installed packages by name xcb-imdkit-debuginfo
> 0 packages and 0 specfiles checked; 0 errors, 0 warnings.
> 
> 
> 
> Source checksums
> ----------------
> https://github.com/fcitx/xcb-imdkit/archive/
> d6609a72465cf7e0479aea075a4d2e5d7ca018eb/xcb-imdkit-
> d6609a72465cf7e0479aea075a4d2e5d7ca018eb.tar.gz :
>   CHECKSUM(SHA256) this package     :
> f0878788d35407842d3cf0f33be9b50671a92365c61118d383cd700f8153d8f8
>   CHECKSUM(SHA256) upstream package :
> f0878788d35407842d3cf0f33be9b50671a92365c61118d383cd700f8153d8f8
> 
> 
> Requires
> --------
> xcb-imdkit (rpmlib, GLIBC filtered):
>     libc.so.6()(64bit)
>     libxcb-util.so.1()(64bit)
>     libxcb.so.1()(64bit)
>     rtld(GNU_HASH)
> 
> xcb-imdkit-devel (rpmlib, GLIBC filtered):
>     /usr/bin/pkg-config
>     cmake-filesystem(x86-64)
>     libxcb-imdkit.so.0()(64bit)
>     pkgconfig(xcb)
>     pkgconfig(xcb-util)
>     xcb-imdkit(x86-64)
> 
> xcb-imdkit-debuginfo (rpmlib, GLIBC filtered):
> 
> xcb-imdkit-debugsource (rpmlib, GLIBC filtered):
> 
> 
> 
> Provides
> --------
> xcb-imdkit:
>     libxcb-imdkit.so.0()(64bit)
>     xcb-imdkit
>     xcb-imdkit(x86-64)
> 
> xcb-imdkit-devel:
>     cmake(XCBImdkit)
>     cmake(xcbimdkit)
>     pkgconfig(xcb-imdkit)
>     xcb-imdkit-devel
>     xcb-imdkit-devel(x86-64)
> 
> xcb-imdkit-debuginfo:
>     debuginfo(build-id)
>     xcb-imdkit-debuginfo
>     xcb-imdkit-debuginfo(x86-64)
> 
> xcb-imdkit-debugsource:
>     xcb-imdkit-debugsource
>     xcb-imdkit-debugsource(x86-64)


-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
_______________________________________________
package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite Conditions]     [KDE Users]

  Powered by Linux