https://bugzilla.redhat.com/show_bug.cgi?id=2307668 --- Comment #5 from Ankur Sinha (FranciscoD) <sanjay.ankur@xxxxxxxxx> --- Thanks for the review Fabio, (In reply to Fabio Valentini from comment #4) > Three minor things: > > - Why include so many pre-import changelog entries? They might be useful for > you (as the submitter of the review), but not really for the package itself, > especially after importing. I use a git repo for WIP packages, so these get included by rpmautospec. They are indeed very useful for me, but I drop them before the import. > - Please don't use `sed` for patching Cargo.toml. > The only *supported* way of patching Cargo.toml is with `rust2rpm -p` - all > other methods are not guaranteed to give you valid spec files. > Additionally, for many fellow packagers (me included) sed is just a bit too > magical, and a patch is much much easier to read. Cool, updated. > - Open-ended dependency version ranges like >=0.5.0 are *really* bad in the > Rust ecosystem context, and should be avoided if possible. > For example, If you know that something is compatible with versions 0.3, > 0.4, 0.5 of one of its dependencies, don't use ">=0.3" (because an update to > 0.6 could very well break everything!), use a closed range like ">=0.3,<0.6" > instead - it signals to packagers that you need to *check* for compatibility > and *explicitly* mark it as compatible. So, in this specific case, upstream pins a couple of deps to versions that are older than the versions of the deps we have in Fedora. Is pinning to old versions a common occurrence in the ecosystem too, and how should one handle this? The package builds with the version in Fedora, so I've tweaked the version pin to it for the moment. https://github.com/yoshidan/google-cloud-rust/blob/main/storage/Cargo.toml#L54 -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component https://bugzilla.redhat.com/show_bug.cgi?id=2307668 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202307668%23c5 -- _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
