https://bugzilla.redhat.com/show_bug.cgi?id=2237756 --- Comment #4 from blinxen <h-k-81@xxxxxxxxxxx> --- > hex *is* packaged, the dev-dependency in this crate is just outdated (v0.3 vs. v0.4 in Fedora). > hex v0.3 is at this point over 5 years old, the upstream project should definitely update. > I don't think there's been many breaking API changes between v0.3 and v0.4, you might be able to just bump the dependency. Patching `Cargo.toml` to v0.4 seemed to work and all tests pass. Thanks for the hint :D Will also create a PR upstream soon. > rustc-hex has been deprecated for years, and it also appears to be an entirely unused dependency > You should just be able to remove it. I removed it alongside `criterion` > The project contains copies / modified copies of two other projects (rust standard library, fast-hex): > fast-hex appears to be licensed MIT as well, so this should be OK > rust standard library is MIT OR Apache-2.0, which is not reflected in crate metadata (and the Apache-2.0 license text is not included) > I'm not sure if the crate saying "I'm taking rust standard library code and choose to just apply the MIT" is OK. > Either way, you would at least need to mark the files in the LICENSE-THIRD-PARTY folder as %license. I have added both license files with the `%license` directive. However I don't think upstream has to use or specify Apache-2.0 in the crate metadata because the source code is released under Apache-2.0 or MIT. So picking just one should be fine. No? Links to the uploaded files: Spec URL: https://blinxen.fedorapeople.org/rust-faster-hex/rust-faster-hex.spec SRPM URL: https://blinxen.fedorapeople.org/rust-faster-hex/rust-faster-hex-0.8.1-1.fc40.src.rpm -- You are receiving this mail because: You are always notified about changes to this product and component You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2237756 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202237756%23c4 _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
