https://bugzilla.redhat.com/show_bug.cgi?id=2231209 --- Comment #3 from Spike <SpikeFedora@xxxxxxxxx> --- Thanks a lot Petr for the very detailed review! Updated spec and SRPM file can be found here: https://spike.fedorapeople.org/openvpn-otp/openvpn-otp.spec https://spike.fedorapeople.org/openvpn-otp/openvpn-otp-1.0%5e20230731git47f8ccf-1.fc38.src.rpm (In reply to Petr Pisar from comment #2) > FIX: Follow a version scheme for snapshots > <https://docs.fedoraproject.org/en-US/packaging-guidelines/Versioning/ Updated the version form the "Traditional versioning" scheme to the current one. > TODO: Spell "Authentication" with a lower case "a". Done. > FATAL: Distribute APSL-2.0 license text <https://opensource.apple.com/apsl/> > with the sources and within the binary RPM package. This is required by > APSL-2.0 license and an upstream not doing it violates the license. Also > report it to the upstream. APSL-2.0.txt was added. Opened upstream issue: https://github.com/evgeny-gridasov/openvpn-otp/issues/46 > FIX: Extract Apache-1.0 text from src/base64.h and package it in a binary > package as required by the license. Apache-1.0.txt was added. > FATAL: Distribute Apache-2.0 license text > <https://www.apache.org/licenses/LICENSE-2.0> with the sources and within > the binary RPM package. This requires by Apache-2.0 license and an upstream > not doing it violates the license. Also report it to the upstream. Apache-2.0.txt was added. Opened upstream issue: https://github.com/evgeny-gridasov/openvpn-otp/issues/47 > FIX: Correct License tag to "GPL-1.0-or-later AND Apache-2.0 AND Apache-1.0 > AND APSL-2.0". Source code does not mention which GPL version to apply, > hence with in compliance with the GPL-3.0 text, any version can be used. Done. > FIX: Build-require "bash" (autogen.sh:1). > FIX: Build-require "coreutils" (autogen.sh:2). > FIX: Build-require "autoconf" (autogen.sh:3). > FIX: Build-require "automake" (configure.ac:3). Done. > TODO: Constrain "openssl-devel" build-dependency with ">= 1.1.0" > (configure.ac:39). Done. > FIX: Build-require "make" (openvpn-otp.spec:30). Done. > TODO: Report to upstream that the codes uses functions (e.g. HMAC_CTX_new()) > deprecated in OpenSSL 3.0. Upstream issue was opened: https://github.com/evgeny-gridasov/openvpn-otp/issues/48 -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component https://bugzilla.redhat.com/show_bug.cgi?id=2231209 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202231209%23c3 _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
