https://bugzilla.redhat.com/show_bug.cgi?id=2250690 --- Comment #10 from Irina Boverman <iboverma@xxxxxxxxxx> --- Things To Check On Review There are many many things to check for a review. This list is provided to assist new reviewers in identifying areas that they should look for, but is by no means complete. Reviewers should use their own good judgement when reviewing packages. The items listed fall into two categories: SHOULD and MUST. MUST: rpmlint must be run on the source rpm and all binary rpms the build produces. The output should be posted in the review.footnote:[Packaging Guidelines: Use rpmlint] See attached files. MUST: The package must be named according to the Package Naming Guidelines . YES. MUST: The spec file name must match the base package %{name}, in the format %{name}.spec unless your package has an exemption. footnote:[Packaging Guidelines: Spec File Naming] . YES. MUST: The package must meet the Packaging Guidelines . IN PROGRESS. MUST: The package must be licensed with a Fedora approved license and meet the Licensing Guidelines . YES. MUST: The License field in the package spec file must match the actual license. footnote:[Licensing Guidelines: Valid License Short Names] YES. MUST: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package must be included in %license.footnote:[Licensing Guidelines: License Text] YES. MUST: The spec file must be written in American English. footnote:[Packaging Guidelines: Summary and description] YES. MUST: The spec file for the package MUST be legible. footnote:[Packaging Guidelines: Spec Legibility] YES. MUST: The sources used to build the package must match the upstream source, as provided in the spec URL. Reviewers should use sha256sum for this task as it is used by the sources file once imported into git. If no upstream URL can be specified for this package, please see the Source URL Guidelines for how to deal with this. NO, THERE IS NO UPSTREAM RELEASE VERSION 2.5.0. MUST: The package MUST successfully compile and build into binary rpms on at least one primary architecture. footnote:[Packaging Guidelines: Architecture Support] YES. MUST: If the package does not successfully compile, build or work on an architecture, then those architectures should be listed in the spec in ExcludeArch. Each architecture listed in ExcludeArch MUST have a bug filed in bugzilla, describing the reason that the package does not compile/build/work on that architecture. The bug number MUST be placed in a comment, next to the corresponding ExcludeArch line. footnote:[Packaging Guidelines: Architecture Build Failures] YES MUST: All build dependencies must be listed in BuildRequires. footnote:[Packaging Guidelines: Build-Time Dependencies (BuildRequires)] YES. MUST: The spec file MUST handle locales properly. This is done by using the %find_lang macro. Using %{_datadir}/locale/* is strictly forbidden.footnote:[Packaging Guidelines: Handling Locale Files] N/A. MUST: Packages must NOT bundle copies of system libraries.footnote:[Packaging Guidelines: Bundling and Duplication of System Libraries] YES MUST: If the package is designed to be relocatable, the packager must state this fact in the request for review, along with the rationalization for relocation of that specific package. Without this, use of Prefix: /usr is considered a blocker. footnote:[Packaging Guidelines: Relocatable Packages] YES MUST: A package must own all directories that it creates. If it does not create a directory that it uses, then it should require a package which does create that directory. footnote:[Packaging Guidelines: File And Directory Ownership] YES MUST: A Fedora package must not list a file more than once in the spec file’s %files listings. (Notable exception: license texts in specific situations)footnote:[Packaging Guidelines: Duplicate Files] YES MUST: Permissions on files must be set properly. Executables should be set with executable permissions, for example. footnote:[Packaging Guidelines: File Permissions] YES MUST: Each package must consistently use macros. footnote:[Packaging Guidelines: Macros] YES MUST: The package must contain code, or permissible content. footnote:[What Can Be Packaged] YES MUST: Large documentation files must go in a -doc subpackage. (The definition of large is left up to the packager’s best judgement, but is not restricted to size. Large can refer to either size or quantity). footnote:[Packaging Guidelines: Documentation] YES MUST: If a package includes something as %doc, it must not affect the runtime of the application. To summarize: If it is in %doc, the program must run properly if it is not present. footnote:[Packaging Guidelines: Documentation] YES MUST: Static libraries must be in a -static package. footnote:[Packaging Guidelines: Packaging Static Libraries] N/A MUST: Development files must be in a -devel package. footnote:[Packaging Guidelines: Devel Packages] N/A MUST: In the vast majority of cases, devel packages must require the base package using a fully versioned dependency: Requires: %{name}%{?_isa} = %{version}-%{release} footnote:[Packaging Guidelines: Requiring Base Package] N/A MUST: Packages must NOT contain any .la libtool archives, these must be removed in the spec if they are built.footnote:[Packaging Guidelines: Packaging Static Libraries] YES MUST: Packages containing GUI applications must include a %{name}.desktop file, and that file must be properly installed with desktop-file-install in the %install section. If you feel that your packaged GUI application does not need a .desktop file, you must put a comment in the spec file with your explanation. footnote:[Packaging Guidelines: Desktop files] N/A MUST: Packages must not own files or directories already owned by other packages. The rule of thumb here is that the first package to be installed should own the files or directories that other packages may rely upon. This means, for example, that no package in Fedora should ever share ownership with any of the files or directories owned by the filesystem or man package. If you feel that you have a good reason to own a file or directory that another package owns, then please present that at package review time. footnote:[Packaging Guidelines: File and Directory Ownership] YES MUST: All filenames in rpm packages must be valid UTF-8. footnote:[Packaging Guidelines: Non-ASCII Filenames] YES MUST: Packages being added to the distribution MUST NOT depend on any packages which have been marked as being deprecated. footnote:[Deprecating Packages] YES SHOULD: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. footnote:[Licensing Guidelines: License Text] YES SHOULD: The reviewer should test that the package builds in mock. footnote:[Using Mock to test package builds] ??? SHOULD: The package should compile and build into binary rpms on all supported architectures. footnote:[Packaging Guidelines: Architecture Support] NO ExcludeArch: i686 SHOULD: The reviewer should test that the package functions as described. A package should not segfault instead of running, for example. NO SHOULD: If scriptlets are used, those scriptlets must be sane. This is vague, and left up to the reviewers judgement to determine sanity. footnote:[Packaging Guidelines: Scriptlets] YES SHOULD: Usually, subpackages other than devel should require the base package using a fully versioned dependency. footnote:[Packaging Guidelines: Requiring Base Package] YES SHOULD: The placement of pkgconfig(.pc) files depends on their usecase, and this is usually for development purposes, so should be placed in a -devel pkg. A reasonable exception is that the main pkg itself is a devel tool not installed in a user runtime, e.g. gcc or gdb. footnote:[Packaging Guidelines: Pkgconfig Files] ??? SHOULD: If the package has file dependencies outside of /etc, /bin, /sbin, /usr/bin, or /usr/sbin consider requiring the package which provides the file instead of the file itself. footnote:[Packaging Guidelines: File and Directory Dependencies] ??? SHOULD: your package should contain man pages for binaries/scripts. If it doesn’t, work with upstream to add them where they make sense.footnote:[Packaging Guidelines: Manpages] YES -- You are receiving this mail because: You are always notified about changes to this product and component You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2250690 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202250690%23c10 -- _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
