https://bugzilla.redhat.com/show_bug.cgi?id=2012612 --- Comment #1 from Petr Pisar <ppisar@xxxxxxxxxx> --- URL and Source addresses are Ok. TODO: I recommend you replace search.cpan.org URLs with metacpan.org. search.cpan.org is deprecated and redirects to MetaCPAN: https://metacpan.org/dist/Authen-ModAuthPubTkt https://cpan.metacpan.org/authors/id/A/AG/AGORDON/Authen-ModAuthPubTkt-%{version}.tar.gz Source0 archive (SHA512: 4e99ee35f8c33f03182831478b2d00e184fd5f21e6c3f6413298479c9e127e584ec38abd9af328c764bb87c101b1490b38d7c60f684624df0159f4644b2875b0) is original. Ok. Summary verified from lib/Authen/ModAuthPubTkt.pm. Ok. Description verified from lib/Authen/ModAuthPubTkt.pm. FIX: Replace "verify" with "verifies" in the description text. TODO: You can also remove spaces between the "https://neon1.net/mod_auth_pubtkt/"; address and the surrounding parentheses. License verified from README, lib/Authen/ModAuthPubTkt.pm: "Apache License, same as the rest of mod_auth_pubtkt". That license <https://github.com/manuelkasper/mod_auth_pubtkt/blob/master/LICENSE> is "ASL 1.0". License verified from META.json, Makefile.PL: perl_5. That is "GPL+ or Artistic". FIX: Change the License tag to "ASL 1.0 and (GPL+ or Artistic)". TODO: Please ask the software author for a clarification: The perl_5 in Makefile.PL is probably unintended. The "same as the rest of mod_auth_pubtkt" should be replaced with a license name. I cannot know which if the copies of mod_auth_pubtkt on the Internet the author refers to. FATAL: ASL 1.0 license requires a copy of the license provided with the sources: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. [...] * 6. Redistributions of any form whatsoever must retain the following * acknowledgment: * "This product includes software developed by the Apache Group * for use in the Apache HTTP server project (http://www.apache.org/)." The software violates the license. FIX: Report it to the author and wait for a new release you could package, or copy that license text as Source1 file in this package. I will continue in this review once the license issue is fixed. -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component https://bugzilla.redhat.com/show_bug.cgi?id=2012612 _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
