https://bugzilla.redhat.com/show_bug.cgi?id=2248784 blinxen <h-k-81@xxxxxxxxxxx> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |h-k-81@xxxxxxxxxxx Assignee|nobody@xxxxxxxxxxxxxxxxx |h-k-81@xxxxxxxxxxx Doc Type|--- |If docs needed, set a value Status|NEW |ASSIGNED Flags| |fedora-review? --- Comment #3 from blinxen <h-k-81@xxxxxxxxxxx> --- Taking this review General comments: - Package was generated with rust2rpm - Some tests were skipped because of missing files --> OK - Some dependencies were manually updated to the latest version --> OK but maybe consider patching this upstream - I assume Questions: - Why is the SPDX license list data updated? Looking at upstream, it seems the file is 4 years old. Should this be reported? - What is the license under which the license list is published? I could not find any information about that (looked in https://github.com/spdx/license-list-data and https://github.com/spdx/license-list-XML). Problems: - False requires on `/usr/bin/bash`, excluding `scripts` should probably fix this Full review: Package Review ============== Legend: [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated [ ] = Manual review needed ===== MUST items ===== C/C++: [-]: Provides: bundled(gnulib) in place as required. Note: Sources not installed [x]: Package does not contain kernel modules. [x]: Header files in -devel subpackage, if present. [x]: Package does not contain any libtool archives (.la) [x]: Package contains no static executables. [x]: Rpath absent or only used for internal libs. Generic: [x]: Package successfully compiles and builds into binary rpms on at least one supported primary architecture. Note: Using prebuilt packages [x]: Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [x]: License field in the package spec file matches the actual license. Note: Checking patched sources after %prep for licenses. No licenses found. Please check the source files for licenses manually. [x]: License file installed when any subpackage combination is installed. [x]: If the package is under multiple licenses, the licensing breakdown must be documented in the spec. [x]: %build honors applicable compiler flags or justifies otherwise. [!]: Package contains no bundled libraries without FPC exception. [x]: Changelog in prescribed format. [x]: Sources contain only permissible code or content. [-]: Package contains desktop file if it is a GUI application. [x]: Development files must be in a -devel package [x]: Package uses nothing in %doc for runtime. [x]: Package consistently uses macros (instead of hard-coded directory names). [x]: Package is named according to the Package Naming Guidelines. [x]: Package does not generate any conflict. [x]: Package obeys FHS, except libexecdir and /usr/target. [-]: If the package is a rename of another package, proper Obsoletes and Provides are present. [x]: Requires correct, justified where necessary. [x]: Spec file is legible and written in American English. [-]: Package contains systemd file(s) if in need. [x]: Useful -debuginfo package or justification otherwise. [x]: Package is not known to require an ExcludeArch tag. [-]: Large documentation must go in a -doc subpackage. Large could be size (~1MB) or number of files. Note: Documentation size is 73246 bytes in 5 files. [x]: Package complies to the Packaging Guidelines [x]: Package installs properly. [x]: Rpmlint is run on all rpms the build produces. Note: There are rpmlint messages (see attachment). [x]: The License field must be a valid SPDX expression. [x]: Package requires other packages for directories it uses. [x]: Package must own all directories that it creates. [x]: Package does not own files or directories owned by other packages. [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. [x]: Macros in Summary, %description expandable at SRPM build time. [x]: Dist tag is present. [x]: Package does not contain duplicates in %files. [x]: Permissions on files are set properly. [x]: Package must not depend on deprecated() packages. [x]: Package use %makeinstall only when make install DESTDIR=... doesn't work. [x]: Package is named using only allowed ASCII characters. [x]: Package does not use a name that already exists. [x]: Package is not relocatable. [x]: Sources used to build the package match the upstream source, as provided in the spec URL. [x]: Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: File names are valid UTF-8. [x]: Packages must not store files under /srv, /opt or /usr/local ===== SHOULD items ===== Generic: [x]: Reviewer should test that the package builds in mock. [x]: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [x]: Final provides and requires are sane (see attachments). [x]: Fully versioned dependency in subpackages if applicable. Note: No Requires: %{name}%{?_isa} = %{version}-%{release} in cargo- deny , rust-cargo-deny-devel , rust-cargo-deny+default-devel , rust- cargo-deny+native-certs-devel [?]: Package functions as described. [x]: Latest version is packaged. [x]: Package does not include license text files separate from upstream. [!]: Patches link to upstream bugs/comments/lists or are otherwise justified. [-]: Sources are verified with gpgverify first in %prep if upstream publishes signatures. Note: gpgverify is not used. [x]: Package should compile and build into binary rpms on all supported architectures. [!]: %check is present and all tests pass. [x]: Packages should try to preserve timestamps of original installed files. [x]: Buildroot is not present [x]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file [x]: Sources can be downloaded from URI in Source: tag [x]: SourceX is a working URL. [x]: Spec use %global instead of %define unless justified. ===== EXTRA items ===== Generic: [x]: Rpmlint is run on all installed packages. Note: No rpmlint messages. [x]: Large data in /usr/share should live in a noarch subpackage if package is arched. Rpmlint ------- Checking: cargo-deny-0.14.3-1.fc40.aarch64.rpm rust-cargo-deny-devel-0.14.3-1.fc40.noarch.rpm rust-cargo-deny+default-devel-0.14.3-1.fc40.noarch.rpm rust-cargo-deny+native-certs-devel-0.14.3-1.fc40.noarch.rpm rust-cargo-deny-debugsource-0.14.3-1.fc40.aarch64.rpm rust-cargo-deny-0.14.3-1.fc40.src.rpm ============================ rpmlint session starts ============================ rpmlint: 2.4.0 configuration: /usr/lib/python3.11/site-packages/rpmlint/configdefaults.toml /etc/xdg/rpmlint/fedora-legacy-licenses.toml /etc/xdg/rpmlint/fedora-spdx-licenses.toml /etc/xdg/rpmlint/fedora.toml /etc/xdg/rpmlint/scoring.toml /etc/xdg/rpmlint/users-groups.toml /etc/xdg/rpmlint/warn-on-functions.toml rpmlintrc: [PosixPath('/tmp/tmpsd9rvj_t')] checks: 31, packages: 6 cargo-deny.aarch64: W: no-manual-page-for-binary cargo-deny rust-cargo-deny+default-devel.noarch: W: no-documentation rust-cargo-deny+native-certs-devel.noarch: W: no-documentation 6 packages and 0 specfiles checked; 0 errors, 3 warnings, 0 badness; has taken 0.5 s Rpmlint (installed packages) ---------------------------- (none): E: there is no installed rpm "rust-cargo-deny-devel". (none): E: there is no installed rpm "rust-cargo-deny+native-certs-devel". (none): E: there is no installed rpm "rust-cargo-deny+default-devel". (none): E: there is no installed rpm "cargo-deny". (none): E: there is no installed rpm "rust-cargo-deny-debugsource". There are no files to process nor additional arguments. Nothing to do, aborting. ============================ rpmlint session starts ============================ rpmlint: 2.4.0 configuration: /usr/lib/python3.12/site-packages/rpmlint/configdefaults.toml /etc/xdg/rpmlint/fedora-legacy-licenses.toml /etc/xdg/rpmlint/fedora-spdx-licenses.toml /etc/xdg/rpmlint/fedora.toml /etc/xdg/rpmlint/scoring.toml /etc/xdg/rpmlint/users-groups.toml /etc/xdg/rpmlint/warn-on-functions.toml checks: 31, packages: 5 0 packages and 0 specfiles checked; 0 errors, 0 warnings, 0 badness; has taken 0.0 s Source checksums ---------------- https://crates.io/api/v1/crates/cargo-deny/0.14.3/download#/cargo-deny-0.14.3.crate : CHECKSUM(SHA256) this package : 60deefd7de37636520d2d0b6ea167f84b934d2bd557ee3c079b36f87614be5cd CHECKSUM(SHA256) upstream package : 60deefd7de37636520d2d0b6ea167f84b934d2bd557ee3c079b36f87614be5cd Requires -------- cargo-deny (rpmlib, GLIBC filtered): ld-linux-aarch64.so.1()(64bit) libc.so.6()(64bit) libgcc_s.so.1()(64bit) libgcc_s.so.1(GCC_3.0)(64bit) libgcc_s.so.1(GCC_3.3)(64bit) libgcc_s.so.1(GCC_4.2.0)(64bit) libm.so.6()(64bit) libzstd.so.1()(64bit) rtld(GNU_HASH) rust-cargo-deny-devel (rpmlib, GLIBC filtered): (crate(anyhow/default) >= 1.0.0 with crate(anyhow/default) < 2.0.0~) (crate(askalono/default) >= 0.4.0 with crate(askalono/default) < 0.5.0~) (crate(bitvec/alloc) >= 1.0.0 with crate(bitvec/alloc) < 2.0.0~) (crate(bitvec/default) >= 1.0.0 with crate(bitvec/default) < 2.0.0~) (crate(camino/default) >= 1.1.0 with crate(camino/default) < 2.0.0~) (crate(clap/default) >= 4.3.0 with crate(clap/default) < 5.0.0~) (crate(clap/derive) >= 4.3.0 with crate(clap/derive) < 5.0.0~) (crate(clap/env) >= 4.3.0 with crate(clap/env) < 5.0.0~) (crate(codespan-reporting/default) >= 0.11.0 with crate(codespan-reporting/default) < 0.12.0~) (crate(codespan/default) >= 0.11.0 with crate(codespan/default) < 0.12.0~) (crate(crossbeam/default) >= 0.8.0 with crate(crossbeam/default) < 0.9.0~) (crate(fern/default) >= 0.6.0 with crate(fern/default) < 0.7.0~) (crate(gix) >= 0.55.0 with crate(gix) < 0.56.0~) (crate(gix/blocking-http-transport-reqwest) >= 0.55.0 with crate(gix/blocking-http-transport-reqwest) < 0.56.0~) (crate(gix/blocking-network-client) >= 0.55.0 with crate(gix/blocking-network-client) < 0.56.0~) (crate(gix/interrupt) >= 0.55.0 with crate(gix/interrupt) < 0.56.0~) (crate(gix/reqwest-for-configuration-only) >= 0.55.0 with crate(gix/reqwest-for-configuration-only) < 0.56.0~) (crate(gix/worktree-mutation) >= 0.55.0 with crate(gix/worktree-mutation) < 0.56.0~) (crate(globset/default) >= 0.4.0 with crate(globset/default) < 0.5.0~) (crate(goblin) >= 0.7.0 with crate(goblin) < 0.8.0~) (crate(goblin/elf32) >= 0.7.0 with crate(goblin/elf32) < 0.8.0~) (crate(goblin/elf64) >= 0.7.0 with crate(goblin/elf64) < 0.8.0~) (crate(goblin/mach32) >= 0.7.0 with crate(goblin/mach32) < 0.8.0~) (crate(goblin/mach64) >= 0.7.0 with crate(goblin/mach64) < 0.8.0~) (crate(goblin/pe32) >= 0.7.0 with crate(goblin/pe32) < 0.8.0~) (crate(goblin/pe64) >= 0.7.0 with crate(goblin/pe64) < 0.8.0~) (crate(home/default) >= 0.5.0 with crate(home/default) < 0.6.0~) (crate(krates/default) >= 0.15.0 with crate(krates/default) < 0.16.0~) (crate(krates/targets) >= 0.15.0 with crate(krates/targets) < 0.16.0~) (crate(log/default) >= 0.4.0 with crate(log/default) < 0.5.0~) (crate(nu-ansi-term/default) >= 0.49.0 with crate(nu-ansi-term/default) < 0.50.0~) (crate(parking_lot/default) >= 0.12.0 with crate(parking_lot/default) < 0.13.0~) (crate(rayon/default) >= 1.4.0 with crate(rayon/default) < 2.0.0~) (crate(reqwest) >= 0.11.0 with crate(reqwest) < 0.12.0~) (crate(ring/default) >= 0.17.0 with crate(ring/default) < 0.18.0~) (crate(rustsec) >= 0.28.0 with crate(rustsec) < 0.29.0~) (crate(semver/default) >= 1.0.0 with crate(semver/default) < 2.0.0~) (crate(serde/default) >= 1.0.0 with crate(serde/default) < 2.0.0~) (crate(serde/derive) >= 1.0.0 with crate(serde/derive) < 2.0.0~) (crate(serde_json/default) >= 1.0.0 with crate(serde_json/default) < 2.0.0~) (crate(smallvec/default) >= 1.9.0 with crate(smallvec/default) < 2.0.0~) (crate(spdx/default) >= 0.10.0 with crate(spdx/default) < 0.11.0~) (crate(strum/default) >= 0.25.0 with crate(strum/default) < 0.26.0~) (crate(strum/derive) >= 0.25.0 with crate(strum/derive) < 0.26.0~) (crate(tame-index) >= 0.7.0 with crate(tame-index) < 0.8.0~) (crate(tame-index/git) >= 0.7.0 with crate(tame-index/git) < 0.8.0~) (crate(tame-index/sparse) >= 0.7.0 with crate(tame-index/sparse) < 0.8.0~) (crate(time) >= 0.3.0 with crate(time) < 0.4.0~) (crate(time/formatting) >= 0.3.0 with crate(time/formatting) < 0.4.0~) (crate(time/macros) >= 0.3.0 with crate(time/macros) < 0.4.0~) (crate(toml/default) >= 0.8.0 with crate(toml/default) < 0.9.0~) (crate(twox-hash) >= 1.5.0 with crate(twox-hash) < 2.0.0~) (crate(url/default) >= 2.1.0 with crate(url/default) < 3.0.0~) (crate(walkdir/default) >= 2.3.0 with crate(walkdir/default) < 3.0.0~) /usr/bin/bash cargo rust rust-cargo-deny+default-devel (rpmlib, GLIBC filtered): (crate(reqwest/rustls-tls-webpki-roots) >= 0.11.0 with crate(reqwest/rustls-tls-webpki-roots) < 0.12.0~) (crate(tame-index/default) >= 0.7.0 with crate(tame-index/default) < 0.8.0~) cargo crate(cargo-deny) rust-cargo-deny+native-certs-devel (rpmlib, GLIBC filtered): (crate(reqwest/rustls-tls-native-roots) >= 0.11.0 with crate(reqwest/rustls-tls-native-roots) < 0.12.0~) (crate(tame-index/native-certs) >= 0.7.0 with crate(tame-index/native-certs) < 0.8.0~) cargo crate(cargo-deny) rust-cargo-deny-debugsource (rpmlib, GLIBC filtered): Provides -------- cargo-deny: bundled(spdx-license-list-data) cargo-deny cargo-deny(aarch-64) rust-cargo-deny-devel: crate(cargo-deny) rust-cargo-deny-devel rust-cargo-deny+default-devel: crate(cargo-deny/default) rust-cargo-deny+default-devel rust-cargo-deny+native-certs-devel: crate(cargo-deny/native-certs) rust-cargo-deny+native-certs-devel rust-cargo-deny-debugsource: rust-cargo-deny-debugsource rust-cargo-deny-debugsource(aarch-64) Generated by fedora-review 0.10.0 (e79b66b) last change: 2023-07-24 Command line :/usr/bin/fedora-review --no-colors --prebuilt --rpm-spec --name rust-cargo-deny --mock-config /var/lib/copr-rpmbuild/results/configs/child.cfg Buildroot used: fedora-rawhide-aarch64 Active plugins: Generic, C/C++, Shell-api Disabled plugins: Java, Haskell, Perl, fonts, Python, SugarActivity, R, PHP, Ocaml Disabled flags: EXARCH, EPEL6, EPEL7, DISTTAG, BATCH -- You are receiving this mail because: You are always notified about changes to this product and component You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2248784 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202248784%23c3 _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue