[Bug 1882547] Review Request: osslsigncode - OpenSSL based Authenticode signing for PE/MSI/Java CAB files

https://bugzilla.redhat.com/show_bug.cgi?id=1882547



--- Comment #2 from Petr Pisar <ppisar@xxxxxxxxxx> ---
URL and Source addresses are usable. Ok.
TODO: Source0 URL differs from the one listed on the releases page
<https://github.com/mtrojnar/osslsigncode/archive/2.0.tar.gz>. I'd prefer to
have them the same.

Source0 archive (SHA-256:
5a60e0a4b3e0b4d655317b2f12a810211c50242138322b16e7e01c6fbb89d92f) is original.
Ok.
Summary is Ok.
Description verified from README.md. Ok.

License verified from:
  osslsigncode.c: GPLv3+ with OpenSSL exception
  autogen.sh: BSD
  LICENSE.txt: GPLv3+ with OpenSSL exception
  COPYING.txt: GPLv3 text
License is Ok.

TODO: I recommend listing ./configure --with-curl --with-gsf options explicitly
instead of relying on an autodetection.

FIX: Build-require autoconf (osslsigncode.spec:29).
FIX: Build-require make (osslsigncode.spec:31).
FIX: Build-require coreutils (configure.ac:45).
FIX: Build-require sed (configure.ac:48).

TODO: Constrain 'pkgconfig(libcrypto)' dependency with '>= 1.1.0'
(configure.ac:96).
TODO: Remove 'pkgconfig(openssl)' dependency (it's not used if
'pkgconfig(libcrypto) >= 1.1.0' is available).
TODO: Constrain 'pkgconfig(libcurl)' dependency with '>= 7.12.0'
(configure.ac:114).

TODO: Perform upstream tests. You can install mingw32-gcc and /usr/bin/keytool,
then compile a trivial C program with i686-w64-mingw32-gcc to produce a PE
executable, then rename it to tests/putty.exe, slightly patch
tests/testsign.sh not to delete putty.exe, and finally execute
tests/testsign.sh.

Distribution compiler and linker flags are respected. Ok.

$ rpmlint osslsigncode.spec ../SRPMS/osslsigncode-2.0-2.fc34.src.rpm ../RPMS/x86_64/osslsigncode-*
sh: /usr/bin/python2: No such file or directory
osslsigncode.src: W: spelling-error %description -l en_US signtool -> sign tool, sign-tool, signatory
osslsigncode.src: W: spelling-error %description -l en_US exe -> ex, exes, exec
osslsigncode.src: W: spelling-error %description -l en_US timestamping -> time stamping, time-stamping, times tamping
osslsigncode.src: W: spelling-error %description -l en_US cURL -> curl, URL, c URL
osslsigncode.x86_64: W: spelling-error %description -l en_US signtool -> sign tool, sign-tool, signatory
osslsigncode.x86_64: W: spelling-error %description -l en_US exe -> ex, exes, exec
osslsigncode.x86_64: W: spelling-error %description -l en_US timestamping -> time stamping, time-stamping, times tamping
osslsigncode.x86_64: W: spelling-error %description -l en_US cURL -> curl, URL, c URL
osslsigncode.x86_64: W: incoherent-version-in-changelog 2.0-1 ['2.0-2.fc34', '2.0-2']
osslsigncode.x86_64: W: no-manual-page-for-binary osslsigncode
4 packages and 1 specfiles checked; 0 errors, 10 warnings.
FIX: The latest changelog entry does not match the version-release string of
the package.

$ rpm -q -lv -p ../RPMS/x86_64/osslsigncode-2.0-2.fc34.x86_64.rpm
-rwxr-xr-x    1 root     root                    77880 Oct  9 16:48 /usr/bin/osslsigncode
drwxr-xr-x    2 root     root                        0 Oct  9 16:48 /usr/lib/.build-id
drwxr-xr-x    2 root     root                        0 Oct  9 16:48 /usr/lib/.build-id/3a
lrwxrwxrwx    1 root     root                       32 Oct  9 16:48 /usr/lib/.build-id/3a/7f2f1b34696d85dee09c3f73c5b3545f14a2cf -> ../../../../usr/bin/osslsigncode
drwxr-xr-x    2 root     root                        0 Oct  9 16:48 /usr/share/doc/osslsigncode
-rw-r--r--    1 root     root                     3158 Dec  4  2018 /usr/share/doc/osslsigncode/CHANGELOG.md
-rw-r--r--    1 root     root                     4945 Dec  4  2018 /usr/share/doc/osslsigncode/README.md
-rw-r--r--    1 root     root                     2852 Dec  4  2018 /usr/share/doc/osslsigncode/README.unauthblob.md
-rw-r--r--    1 root     root                      251 Dec  4  2018 /usr/share/doc/osslsigncode/TODO.md
drwxr-xr-x    2 root     root                        0 Oct  9 16:48 /usr/share/licenses/osslsigncode
-rw-r--r--    1 root     root                    35147 Dec  4  2018 /usr/share/licenses/osslsigncode/COPYING.txt
-rw-r--r--    1 root     root                     1506 Dec  4  2018 /usr/share/licenses/osslsigncode/LICENSE.txt
The permissions and file layout are Ok.

$ rpm -q --requires -p ../RPMS/x86_64/osslsigncode-2.0-2.fc34.x86_64.rpm |sort -f |uniq -c
      1 libc.so.6()(64bit)
      1 libc.so.6(GLIBC_2.14)(64bit)
      1 libc.so.6(GLIBC_2.2.5)(64bit)
      1 libc.so.6(GLIBC_2.3)(64bit)
      1 libc.so.6(GLIBC_2.3.4)(64bit)
      1 libc.so.6(GLIBC_2.4)(64bit)
      1 libcrypto.so.1.1()(64bit)
      1 libcrypto.so.1.1(OPENSSL_1_1_0)(64bit)
      1 libcurl.so.4()(64bit)
      1 libglib-2.0.so.0()(64bit)
      1 libgobject-2.0.so.0()(64bit)
      1 libgsf-1.so.114()(64bit)
      1 rpmlib(CompressedFileNames) <= 3.0.4-1
      1 rpmlib(FileDigests) <= 4.6.0-1
      1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
      1 rpmlib(PayloadIsZstd) <= 5.4.18-1
      1 rtld(GNU_HASH)
Binary requires are Ok.

$ rpm -q --provides -p ../RPMS/x86_64/osslsigncode-2.0-2.fc34.x86_64.rpm |sort -f |uniq -c
      1 osslsigncode = 2.0-2.fc34
      1 osslsigncode(x86-64) = 2.0-2.fc34
Binary provides are Ok.

$ resolvedeps rawhide ../RPMS/x86_64/osslsigncode-2.0-2.fc34.x86_64.rpm 
Binary dependencies are resolvable. Ok.

The package builds in F34
(https://koji.fedoraproject.org/koji/taskinfo?taskID=53083946). Ok.

Otherwise the package is in line with Fedora packaging guidelines.
Please correct the 'FIX' items, consider fixing 'TODO' items, and provide a new
spec file.
Resolution: Package NOT approved.
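
The BuildRequires items in the review above (the four FIX entries, the two version floors and the redundant 'pkgconfig(openssl)') can be checked mechanically against a spec file. The following Python script is an added example, not part of the review or of the osslsigncode package; the spec fragment is constructed and the function names are hypothetical.

```python
import re

# Constructed spec fragment (not the spec under review): it reproduces the
# BuildRequires problems the review lists.
SAMPLE_SPEC = """\
Name:           osslsigncode
BuildRequires:  gcc, automake
BuildRequires:  libtool
BuildRequires:  pkgconfig(libcrypto)
BuildRequires:  pkgconfig(openssl)
BuildRequires:  pkgconfig(libcurl) >= 7.10.0
BuildRequires:  pkgconfig(libgsf-1)
"""

# Taken from the review: tools that must be build-required, minimum versions,
# and the dependency that becomes redundant once libcrypto >= 1.1.0 is required.
REQUIRED = ("autoconf", "make", "coreutils", "sed")
MINIMUM = {"pkgconfig(libcrypto)": "1.1.0", "pkgconfig(libcurl)": "7.12.0"}
REDUNDANT = ("pkgconfig(openssl)",)

# One dependency: a name, optionally followed by an operator and a version.
DEP = re.compile(r"([^\s,<>=]+)(?:\s*(>=|<=|=|>|<)\s*([^\s,]+))?")

def parse_build_requires(spec_text):
    """Return {name: (operator, version) or None} over all BuildRequires tags."""
    deps = {}
    for line in spec_text.splitlines():
        tag, _, value = line.partition(":")
        if tag.strip().lower() != "buildrequires":
            continue
        for name, op, ver in DEP.findall(value):
            deps[name] = (op, ver) if op else None
    return deps

def version_tuple(version):
    # Assumes purely numeric dotted versions, as in the review's constraints.
    return tuple(int(part) for part in version.split("."))

def audit(spec_text):
    """Return the review's FIX/TODO findings that still apply to spec_text."""
    deps = parse_build_requires(spec_text)
    findings = [f"FIX: missing BuildRequires: {n}" for n in REQUIRED if n not in deps]
    for name, floor in MINIMUM.items():
        c = deps.get(name)
        if name in deps and (c is None or c[0] != ">="
                             or version_tuple(c[1]) < version_tuple(floor)):
            findings.append(f"TODO: constrain {name} with >= {floor}")
    findings += [f"TODO: remove {n}" for n in REDUNDANT if n in deps]
    return findings
```

Calling audit(SAMPLE_SPEC) returns seven findings for the constructed fragment; a spec that lists the four tools and both version floors, and omits 'pkgconfig(openssl)', returns an empty list.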

