https://bugzilla.redhat.com/show_bug.cgi?id=2235768 Neal Gompa <ngompa13@xxxxxxxxx> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ngompa13@xxxxxxxxx --- Comment #9 from Neal Gompa <ngompa13@xxxxxxxxx> --- Spec review notes of my own: * Why clang? Could you build this with gcc? Most of our auto-hardening features are active with GCC. It also might fix the LTO issue. > BuildRequires: openssl-devel If you intend to force OpenSSL 3.x, you should make sure that's specified here, especially so that if it's backported to EPEL, it'll link to the right library. I noticed that your configure.ac doesn't use pkg_check_modules for OpenSSL. You might want to consider changing to that, so that using "pkgconfig(openssl)" would be accurate and work well in situations where this is being backported to distributions with different openssl versions available in parallel at build time. In libobjfwtls, you have: > Requires: openssl%{_isa} >= 3.0.0 If this links to the libraries normally, you don't need this and it should be dropped. RPM does automatic dependency tracking for linked libraries at the soname level. In the file lists for library packages, you have entries like the following: > %{_libdir}/libobjfw.so.* This isn't allowed. Library versions need to be tracked in the spec file. Cf. https://docs.fedoraproject.org/en-US/packaging-guidelines/#_listing_shared_library_files You can see an example of how I handled this in pkgconf: https://src.fedoraproject.org/rpms/pkgconf/blob/rawhide/f/pkgconf.spec -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component https://bugzilla.redhat.com/show_bug.cgi?id=2235768 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202235768%23c9 _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue