https://bugzilla.redhat.com/show_bug.cgi?id=2033294 Fabio Valentini <decathorpe@xxxxxxxxx> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |decathorpe@xxxxxxxxx Assignee|scorreia@xxxxxxxxxx |decathorpe@xxxxxxxxx --- Comment #1 from Fabio Valentini <decathorpe@xxxxxxxxx> --- Quick comments from Rust SIG POV: 1. looks like you generated this .spec file with an old version of rust2rpm. Please use rust2rpm 20. 2. The comment about bundled / vendored rust dependencies ("Use bundled deps as we don't ship the exact right versions for all the required rust libraries") contradicts what is actually happening. IIUC the conditionals below make the package only use the vendor tarball on RHEL (where no rust libraries are packaged *at all*), but still use only system Rust libraries on Fedora. 3. The chosen package version format is a bit weird: %{crate_version}~20211216gd5a31912 Where do the components after "%{crate_version}" come from? Is this a git snapshot? From which git repository? Please follow the guidelines for snapshot versioning: https://docs.fedoraproject.org/en-US/packaging-guidelines/Versioning/#_snapshots The preferred format in Fedora seems to be something like 0.1.0~20211216.gitgd5a31912. 4. The URL is wrong. This crate is not published on crates.io. You should probably use https://github.com/keylime/rust-keylime 5. The Source0 does not reference an upstream. Where did you get that .crate file? The .spec file does not say. If it is a git snapshot from GitHub, use the documented Source URLs for GitHub snapshots: https://docs.fedoraproject.org/en-US/packaging-guidelines/SourceURL/#_commit_revision In particular, you should define %commit / %shortcommit / %commitdate at the top of the .spec file and reference those variables by macro in the rest of the .spec file (in particular, inside "Version", and "%prep"). 6. How is the Source1 file generated? The .spec file does not say. Is it "cargo vendor" from inside the expanded tarball? 7. I think %cargo_generate_buildrequires is only required if you *don'*t use vendor tarball? 8. The name for the package is wrong. Since it is not published on crates.io, it must follow the Naming Guidelines: https://docs.fedoraproject.org/en-US/packaging-guidelines/Rust/#_package_naming https://docs.fedoraproject.org/en-US/packaging-guidelines/Naming/ In particular, this means it cannot use the "rust-" prefix, so that it does not collide with the crates.io namespace (that is mapped to rust-$crate in Fedora). Some clarifications for the Rust package naming guidelines are currently under review and should get merged soon: https://pagure.io/packaging-committee/pull-request/1124 Hope this helps. -- You are receiving this mail because: You are always notified about changes to this product and component You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2033294 _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
