https://bugzilla.redhat.com/show_bug.cgi?id=1228924
--- Comment #2 from Jerry James <loganje...@gmail.com> ---
Package Review
==============
Legend:
[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
Issues:
=======
- Almost the entire distribution is GPLv2+, but libtools/sjson.h is GPLv3+,
which makes the binary package GPLv3+ as well.
- The package uses two directories that it does not own:
%{_libdir}/girepository-1.0
%{_datadir}/gir-1.0
The package needs to either own those directories or Requires: some package
that owns them.
- The build runs in quiet mode, which makes verifying the compiler flags
hard. Please consider either configuring with --disable-silent-rules,
or building with make V=1.
- You can save time building a static archive and then deleting it in %install
by passing --disable-static to %configure.
- The build log shows two complaints from the debuginfo generator:
cpio: megatools-1.9.95/sjson.c: Cannot stat: No such file or directory
cpio: megatools-1.9.95/sjson.gen.c: Cannot stat: No such file or directory
You can get slightly better debuginfo by adding this to the end of %install:
ln -s libtools/sjson.gen.c .
Unfortunately, the original sjson.c does not appear to be available.
- rpmlint finds binary-or-shlib-defines-rpath problems with the binaries,
which apparently means the "find ... chrpath" invocation in %install didn't
work. I don't know why not, but these approaches work:
https://fedoraproject.org/wiki/Packaging:Guidelines#Removing_Rpath
But see the next item.
- The unused-direct-shlib-dependency problems can usually be fixed by adding
-Wl,--as-needed to LDFLAGS. Unfortunately, libtool cleverly reorders link
flags and puts -Wl,--as-needed *after* the extraneous libraries, rendering
it useless. I do this after %configure in several of my packages to solve
both the previous problem and this one:
# Get rid of undesirable hardcoded runpaths; workarouond libtool reordering
# -Wl,--as-needed after all the libraries.
sed -e 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' \
-e 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' \
-e 's|CC="\(g.*\)"|CC="\1 -Wl,--as-needed"|' \
-i libtool
That still leaves a direct unused dependency from the library on
libpthread.so.0, so apparently the library does not need to be linked with
the -pthread option.
- Since TODO is an empty file, there is not much point including it in %doc.
- Consider adding a %check script. I see a couple of binaries in tests
(test-aes and test-rsa), as well as a handful of scripts.
===== MUST items =====
C/C++:
[x]: Package does not contain kernel modules.
[x]: Package contains no static executables.
[!]: Rpath absent or only used for internal libs.
Note: See rpmlint output
[x]: Header files in -devel subpackage, if present.
[x]: ldconfig called in %post and %postun if required.
[x]: Package does not contain any libtool archives (.la)
[x]: Development (unversioned) .so files in -devel subpackage, if present.
Generic:
[x]: Package is licensed with an open-source compatible license and meets
other legal requirements as defined in the legal section of Packaging
Guidelines.
[!]: License field in the package spec file matches the actual license.
Note: Checking patched sources after %prep for licenses. Licenses
found: "GPL (v2 or later)", "GPL (v3 or later)", "Unknown or
generated". 13 files have unknown license. Detailed output of
licensecheck in /home/jamesjer/1228924-megatools/licensecheck.txt
[x]: License file installed when any subpackage combination is installed.
[!]: Package must own all directories that it creates.
Note: Directories without known owners: /usr/lib64/girepository-1.0,
/usr/share/gir-1.0
[x]: %build honors applicable compiler flags or justifies otherwise.
[x]: Package contains no bundled libraries without FPC exception.
[x]: Changelog in prescribed format.
[x]: Sources contain only permissible code or content.
[-]: Package contains desktop file if it is a GUI application.
[x]: Development files must be in a -devel package
[x]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory
names).
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
Provides are present.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[-]: Package contains systemd file(s) if in need.
[x]: Useful -debuginfo package or justification otherwise.
[x]: Package is not known to require an ExcludeArch tag.
[x]: Large documentation must go in a -doc subpackage. Large could be size
(~1MB) or number of files.
Note: Documentation size is 40960 bytes in 5 files.
[x]: Package complies to the Packaging Guidelines
[x]: Package successfully compiles and builds into binary rpms on at least
one supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
Note: There are rpmlint messages (see attachment).
[x]: Package requires other packages for directories it uses.
[x]: Package does not own files or directories owned by other packages.
[x]: All build dependencies are listed in BuildRequires, except for any
that are listed in the exceptions section of Packaging Guidelines.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
beginning of %install.
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Dist tag is present.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package use %makeinstall only when make install DESTDIR=... doesn't
work.
[x]: Package is named using only allowed ASCII characters.
[x]: Package does not use a name that already exists.
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as
provided in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
%{name}.spec.
[x]: File names are valid UTF-8.
[x]: Packages must not store files under /srv, /opt or /usr/local
===== SHOULD items =====
Generic:
[x]: If the source package does not include license text(s) as a separate
file from upstream, the packager SHOULD query upstream to include it.
[x]: Final provides and requires are sane (see attachments).
[?]: Package functions as described.
[x]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[x]: Scriptlets must be sane, if used.
[x]: Description and summary sections in the package spec file contains
translations for supported Non-English languages, if available.
[x]: Package should compile and build into binary rpms on all supported
architectures.
[!]: %check is present and all tests pass.
[x]: Packages should try to preserve timestamps of original installed
files.
[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[x]: Sources can be downloaded from URI in Source: tag
[x]: Reviewer should test that the package builds in mock.
[x]: Buildroot is not present
[x]: Package has no %clean section with rm -rf %{buildroot} (or
$RPM_BUILD_ROOT)
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: Fully versioned dependency in subpackages if applicable.
[x]: Uses parallel make %{?_smp_mflags} macro.
[x]: The placement of pkgconfig(.pc) files are correct.
[x]: SourceX is a working URL.
[x]: Spec use %global instead of %define unless justified.
===== EXTRA items =====
Generic:
[x]: Rpmlint is run on debuginfo package(s).
Note: No rpmlint messages.
[x]: Rpmlint is run on all installed packages.
Note: There are rpmlint messages (see attachment).
[x]: Large data in /usr/share should live in a noarch subpackage if package
is arched.
[x]: Spec file according to URL is the same as in SRPM.
Rpmlint
-------
Checking: megatools-1.9.95-1.fc23.x86_64.rpm
megatools-devel-1.9.95-1.fc23.x86_64.rpm
megatools-1.9.95-1.fc23.src.rpm
megatools.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/megals
['/usr/lib64']
megatools.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/megadl
['/usr/lib64']
megatools.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/megadf
['/usr/lib64']
megatools.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/megaput
['/usr/lib64']
megatools.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/megafs
['/usr/lib64']
megatools.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/megaget
['/usr/lib64']
megatools.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/megamkdir
['/usr/lib64']
megatools.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/megareg
['/usr/lib64']
megatools.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/megacopy
['/usr/lib64']
megatools.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/megarm
['/usr/lib64']
megatools.x86_64: E: zero-length /usr/share/doc/megatools/TODO
megatools-devel.x86_64: W: only-non-binary-in-usr-lib
megatools-devel.x86_64: W: no-documentation
megatools.src: W: spelling-error %description -l en_US megareg -> mega reg,
mega-reg, megastar
3 packages and 0 specfiles checked; 11 errors, 3 warnings.
Rpmlint (debuginfo)
-------------------
Checking: megatools-debuginfo-1.9.95-1.fc23.x86_64.rpm
1 packages and 0 specfiles checked; 0 errors, 0 warnings.
Rpmlint (installed packages)
----------------------------
megatools-devel.x86_64: W: only-non-binary-in-usr-lib
megatools-devel.x86_64: W: no-documentation
megatools.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/megals
['/usr/lib64']
megatools.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/megadl
['/usr/lib64']
megatools.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/megadf
['/usr/lib64']
megatools.x86_64: W: unused-direct-shlib-dependency /usr/lib64/libmega.so.0.0.0
/lib64/libssl.so.10
megatools.x86_64: W: unused-direct-shlib-dependency /usr/lib64/libmega.so.0.0.0
/lib64/libcurl.so.4
megatools.x86_64: W: unused-direct-shlib-dependency /usr/lib64/libmega.so.0.0.0
/lib64/libpthread.so.0
megatools.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/megaput
['/usr/lib64']
megatools.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/megafs
['/usr/lib64']
megatools.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/megaget
['/usr/lib64']
megatools.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/megamkdir
['/usr/lib64']
megatools.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/megareg
['/usr/lib64']
megatools.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/megacopy
['/usr/lib64']
megatools.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/megarm
['/usr/lib64']
megatools.x86_64: E: zero-length /usr/share/doc/megatools/TODO
3 packages and 0 specfiles checked; 11 errors, 5 warnings.
Requires
--------
megatools-devel (rpmlib, GLIBC filtered):
/usr/bin/pkg-config
libmega.so.0()(64bit)
megatools(x86-64)
pkgconfig(gio-2.0)
pkgconfig(libcurl)
pkgconfig(openssl)
megatools (rpmlib, GLIBC filtered):
/sbin/ldconfig
libc.so.6()(64bit)
libcrypto.so.10()(64bit)
libcrypto.so.10(libcrypto.so.10)(64bit)
libcurl.so.4()(64bit)
libfuse.so.2()(64bit)
libfuse.so.2(FUSE_2.6)(64bit)
libgcc_s.so.1()(64bit)
libgcc_s.so.1(GCC_3.0)(64bit)
libgcc_s.so.1(GCC_3.3.1)(64bit)
libgio-2.0.so.0()(64bit)
libglib-2.0.so.0()(64bit)
libgobject-2.0.so.0()(64bit)
libmega.so.0()(64bit)
libpthread.so.0()(64bit)
libssl.so.10()(64bit)
libssl.so.10(libssl.so.10)(64bit)
rtld(GNU_HASH)
Provides
--------
megatools-devel:
megatools-devel
megatools-devel(x86-64)
pkgconfig(libmega)
megatools:
libmega.so.0()(64bit)
megatools
megatools(x86-64)
Source checksums
----------------
http://megatools.megous.com/builds/megatools-1.9.95.tar.gz :
CHECKSUM(SHA256) this package :
a46a560c8769b40f073fd27b321d6b89f8ac0f0ca73e6ed83047c2619fe6b437
CHECKSUM(SHA256) upstream package :
a46a560c8769b40f073fd27b321d6b89f8ac0f0ca73e6ed83047c2619fe6b437
http://megatools.megous.com/builds/megatools-1.9.95.tar.gz.asc :
CHECKSUM(SHA256) this package :
e001e7e0319229d03acb7ce08257f128b75cd59ddb4817cc6f7d3e5ac0c4fc00
CHECKSUM(SHA256) upstream package :
e001e7e0319229d03acb7ce08257f128b75cd59ddb4817cc6f7d3e5ac0c4fc00
Generated by fedora-review 0.6.0 (3c5c9d7) last change: 2015-05-20
Command line :/usr/bin/fedora-review -b 1228924 -m fedora-rawhide-x86_64
Buildroot used: fedora-rawhide-x86_64
Active plugins: Generic, Shell-api, C/C++
Disabled plugins: Java, Python, fonts, SugarActivity, Ocaml, Perl, Haskell, R,
PHP, Ruby
Disabled flags: EXARCH, DISTTAG, EPEL5, BATCH, EPEL6
--
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
_______________________________________________
package-review mailing list
package-review@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-review
