Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: jpoker - A jQuery user interface to play on poker-network based servers https://bugzilla.redhat.com/show_bug.cgi?id=403801 tibbs@xxxxxxxxxxx changed: What |Removed |Added ---------------------------------------------------------------------------- Flag|fedora-review? |fedora-review+ ------- Additional Comments From tibbs@xxxxxxxxxxx 2007-12-03 19:37 EST ------- There's not really all that much to this. In fact, I'm not really clear on what it's supposed to do; I guess the expectation is that you're running the web server on the same machines as the poker-network server, because this offers no choice of server or even any way to configure the server it connects to (proxy.php seems to hardcode http://127.0.0.1:19382). Is it safe to have this enabled and exposed to the world by default? The upstream web site indicates this is some sort of jquery plugin, but the package bundles jquery itself. I guess it would be super-pointless to cook up some method for sharing an 80K javascript library between packages, but I don't relish the thought of a security issue cropping up in a little library that's embedded in a bunch of places. I guess you could do it with symlinks. I'm a bit confused about the License: tag. I see parts which are GPLv2+: proxy.php tables.html index.html jquery.jpoker.js tournaments.html and parts which are dual-licensed MIT and an unknown GPL version: jquery.js jquery-tablesorter.js but I don't see what's licensed as BSD. So to me it looks more like "License: GPLv2+ and (MIT or GPL+)" is closer to the truth, but maybe I'm missing something. It's funny how COPYING and GPL-LICENSE.txt both contain the GPL, but one is re-intended and is missing a single comma at the end of the copyright line and the entire "How to Apply" section. The only thing that really troubles me is the License: tag, which should be trivial to double-check and fix if necessary before you check in. Review: * source files match upstream: e587b27fbb0b7ac6569d5850375513d661e5bd759671d14137ec91ccc8bdec38 jpoker-1.0.6.tar.gz * package meets naming and versioning guidelines. * specfile is properly named, is cleanly written and uses macros consistently. * summary is OK. * description is OK. * dist tag is present. * build root is OK. ? license field matches the actual license. * license is open source-compatible. * license text included in package. * latest version is being packaged. * BuildRequires are proper (none) * %clean is present. * package builds in mock (rawhide, x86_64). * package installs properly * rpmlint is silent. * final provides and requires are sane: jpoker = 1.0.6-1.fc9 = httpd php * %check is not present; no test suite upstream. Seems to work as far as I can figure it out. * owns the directories it creates. * doesn't own any directories it shouldn't. * no duplicates in %files. * file permissions are appropriate. * no scriptlets present. * code, not content. * documentation is small, so no -docs subpackage is necessary. * %docs are not necessary for the proper functioning of the package. APPROVED; please just double check License: before you check in. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is. _______________________________________________ Fedora-package-review mailing list Fedora-package-review@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-package-review