[Bug 1673393] Review Request: nodejs-antora-cli - The command line interface for Antora

bugzilla Mon, 04 Mar 2019 13:42:54 -0800

https://bugzilla.redhat.com/show_bug.cgi?id=1673393




--- Comment #5 from Robert-André Mauchin <zebo...@gmail.com> ---
I was told the bundled thingie are automated by nodejs-packaging.


 - Use

Source0:        antora-cli-%{version}.tgz
Source1:        antora-cli-tarball.sh

 - You need to take into account all the licenses of the modules you bundle:

*No copyright* BSD 3-clause "New" or "Revised" License
------------------------------------------------------
package/node_modules/sprintf-js/bower.json
package/node_modules/sprintf-js/package.json

*No copyright* Expat License
----------------------------
package/node_modules/minimist/LICENSE
package/node_modules/moment/README.md

Apache License (v2.0)
---------------------
package/node_modules/convict/LICENSE

BSD 2-clause "Simplified" License
---------------------------------
package/node_modules/esprima/LICENSE.BSD
package/node_modules/esprima/bin/esparse.js
package/node_modules/esprima/bin/esvalidate.js

BSD 3-clause "New" or "Revised" License
---------------------------------------
package/node_modules/sprintf-js/LICENSE

Expat License
-------------
package/node_modules/argparse/LICENSE
package/node_modules/camelcase-keys/license
package/node_modules/camelcase/license
package/node_modules/commander/LICENSE
package/node_modules/convict/node_modules/json5/LICENSE.md
package/node_modules/decamelize/license
package/node_modules/depd/LICENSE
package/node_modules/js-yaml/LICENSE
package/node_modules/json5/LICENSE.md
package/node_modules/lodash.clonedeep/LICENSE
package/node_modules/lodash.clonedeep/index.js
package/node_modules/map-obj/license
package/node_modules/moment/LICENSE
package/node_modules/quick-lru/license
package/node_modules/validator/LICENSE
package/node_modules/validator/validator.js
package/node_modules/validator/validator.min.js

ISC License
-----------
package/node_modules/@iarna/toml/LICENSE
package/node_modules/yargs-parser/LICENSE.txt

Mozilla Public License (v2.0)
-----------------------------
package/README.md
package/node_modules/@antora/playbook-builder/README.md

Public domain
-------------
package/node_modules/deep-freeze/LICENSE
package/node_modules/deep-freeze/readme.markdown


 Add the to the License: field and add a comment explaining the license
breakdown.

 - You should own %{nodejs_sitelib}/@%{npm_org}

%dir %{nodejs_sitelib}/@%{npm_org}

 - Test fails:

BUILDSTDERR: ++
/builddir/build/BUILDROOT/nodejs-antora-cli-2.0.0-2.fc31.x86_64//usr/bin/antora
--version
BUILDSTDERR: /var/tmp/rpm-tmp.EBuEQ7: line 32:
/builddir/build/BUILDROOT/nodejs-antora-cli-2.0.0-2.fc31.x86_64//usr/bin/antora:
No such file or directory
FAIL
+ [[ '' == 2.0.0 ]]
+ echo FAIL
+ exit 0

 It seems it's because the symlink point to an invalid location:

nodejs-antora-cli.noarch: W: dangling-relative-symlink /usr/bin/antora
../lib/node_modules/antora/@cli/bin/antora

 It should be:

ln -sf ../lib/node_modules/@%{npm_org}/%{org_subpkg}/bin/antora
%{buildroot}%{_bindir}/antora

 → Notice the @ placement

 - Remove the dot at the end of the summary:

nodejs-antora-cli.src: W: summary-ended-with-dot C The command line interface
for Antora.

 - Fix shebang → /usr/bin/node

nodejs-antora-cli.noarch: E: wrong-script-interpreter
/usr/lib/node_modules/@antora/cli/lib/cli.js /usr/bin/env node
nodejs-antora-cli.noarch: E: non-executable-script
/usr/lib/node_modules/@antora/cli/lib/cli.js 644 /usr/bin/env node





Package Review
==============

Legend:
[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
[ ] = Manual review needed


===== MUST items =====

Generic:
[x]: Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
     Guidelines.
[!]: License field in the package spec file matches the actual license.
     Note: Checking patched sources after %prep for licenses. Licenses
     found: "Public domain", "*No copyright* Expat License", "Unknown or
     generated", "BSD 2-clause "Simplified" License", "ISC License",
     "Apache License (v2.0)", "*No copyright* Mozilla Public License
     (v2.0)", "Expat License", "BSD 3-clause "New" or "Revised" License",
     "Mozilla Public License (v2.0)", "*No copyright* BSD 3-clause "New" or
     "Revised" License". 644 files have unknown license. Detailed output of
     licensecheck in /home/bob/packaging/review/nodejs-antora-cli/review-
     nodejs-antora-cli/licensecheck.txt
[!]: Package requires other packages for directories it uses.
     Note: No known owner of /usr/lib/node_modules/@antora
[x]: Package contains no bundled libraries without FPC exception.
[x]: Changelog in prescribed format.
[x]: Sources contain only permissible code or content.
[-]: Package contains desktop file if it is a GUI application.
[-]: Development files must be in a -devel package
[x]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory
     names).
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
     Provides are present.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[-]: Package contains systemd file(s) if in need.
[x]: Package is not known to require an ExcludeArch tag.
[-]: Large documentation must go in a -doc subpackage. Large could be size
     (~1MB) or number of files.
     Note: Documentation size is 10240 bytes in 1 files.
[x]: Package complies to the Packaging Guidelines
[x]: Package successfully compiles and builds into binary rpms on at least
     one supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
     Note: There are rpmlint messages (see attachment).
[x]: Package does not own files or directories owned by other packages.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Dist tag is present.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package use %makeinstall only when make install DESTDIR=... doesn't
     work.
[x]: Package is named using only allowed ASCII characters.
[x]: Package does not use a name that already exists.
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as
     provided in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
     %{name}.spec.
[x]: File names are valid UTF-8.
[x]: Packages must not store files under /srv, /opt or /usr/local

===== SHOULD items =====

Generic:
[-]: If the source package does not include license text(s) as a separate
     file from upstream, the packager SHOULD query upstream to include it.
[x]: Final provides and requires are sane (see attachments).
[?]: Package functions as described.
[x]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[-]: Description and summary sections in the package spec file contains
     translations for supported Non-English languages, if available.
[!]: %check is present and all tests pass.
[x]: Packages should try to preserve timestamps of original installed
     files.
[x]: Reviewer should test that the package builds in mock.
[x]: Buildroot is not present
[x]: Package has no %clean section with rm -rf %{buildroot} (or
     $RPM_BUILD_ROOT)
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[x]: SourceX is a working URL.
[x]: Package should compile and build into binary rpms on all supported
     architectures.
[x]: Spec use %global instead of %define unless justified.

===== EXTRA items =====

Generic:
[x]: Rpmlint is run on all installed packages.
     Note: There are rpmlint messages (see attachment).
[x]: Spec file according to URL is the same as in SRPM.


Rpmlint
-------
Checking: nodejs-antora-cli-2.0.0-2.fc31.noarch.rpm
          nodejs-antora-cli-2.0.0-2.fc31.src.rpm
nodejs-antora-cli.noarch: W: summary-ended-with-dot C The command line
interface for Antora.
nodejs-antora-cli.noarch: W: only-non-binary-in-usr-lib
nodejs-antora-cli.noarch: W: dangling-relative-symlink /usr/bin/antora
../lib/node_modules/antora/@cli/bin/antora
nodejs-antora-cli.noarch: E: wrong-script-interpreter
/usr/lib/node_modules/@antora/cli/lib/cli.js /usr/bin/env node
nodejs-antora-cli.noarch: E: non-executable-script
/usr/lib/node_modules/@antora/cli/lib/cli.js 644 /usr/bin/env node
nodejs-antora-cli.noarch: W: hidden-file-or-dir
/usr/lib/node_modules/@antora/cli/node_modules/.bin
nodejs-antora-cli.noarch: W: hidden-file-or-dir
/usr/lib/node_modules/@antora/cli/node_modules/.bin
nodejs-antora-cli.noarch: W: hidden-file-or-dir
/usr/lib/node_modules/@antora/cli/node_modules/convict/node_modules/.bin
nodejs-antora-cli.noarch: W: hidden-file-or-dir
/usr/lib/node_modules/@antora/cli/node_modules/convict/node_modules/.bin
nodejs-antora-cli.noarch: W: hidden-file-or-dir
/usr/lib/node_modules/@antora/cli/node_modules/deep-freeze/.travis.yml
nodejs-antora-cli.noarch: W: hidden-file-or-dir
/usr/lib/node_modules/@antora/cli/node_modules/minimist/.travis.yml
nodejs-antora-cli.noarch: W: hidden-file-or-dir
/usr/lib/node_modules/@antora/cli/node_modules/sprintf-js/.npmignore
nodejs-antora-cli.noarch: W: no-manual-page-for-binary antora
nodejs-antora-cli.src: W: summary-ended-with-dot C The command line interface
for Antora.
nodejs-antora-cli.src:10: E: hardcoded-library-path in
%{_prefix}/lib/node_modules/@%{npm_org}/%{org_subpkg}/.*$
nodejs-antora-cli.src:53: W: macro-in-comment %{nodejs_symlink_deps}
nodejs-antora-cli.src: W: invalid-url Source0: antora-cli-2.0.0.tgz
2 packages and 0 specfiles checked; 3 errors, 14 warnings.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
_______________________________________________
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/package-review@lists.fedoraproject.org

[Bug 1673393] Review Request: nodejs-antora-cli - The command line interface for Antora

Reply via email to