https://bugzilla.redhat.com/show_bug.cgi?id=2440262
--- Comment #15 from Tyler Fanelli <[email protected]> --- Thanks, I've addressed your comments. (In reply to Ben Beasley from comment #12) > Hmm, this doesn’t seem to be published on crates.io; > https://crates.io/crates/krun-awsnitro-eif-ctl doesn’t exist. Crate > libraries *MUST* be packaged from crates.io sources, > https://docs.fedoraproject.org/en-US/packaging-guidelines/Rust/ > #_package_sources. > > On the other hand, your spec file shows you’re only packaging the tool, > krun-awsnitro-eif-ctl, with no -devel binary package providing a crate > library interface, so you can still package this under non-crate project > guidelines. > I've done so, and modified the spec file as necessary. The package guidelines state: "Packages for Rust crates from crates.io MUST use rust-$crate as the name of the source package (where $crate is the name of the project on crates.io)." So I'm assuming if the package does *not* come from crates.io (like in this case), it should drop the "rust-" prefix. I've dropped the prefix. > > I’m surprised to see that a manual “BuildRequires: openssl-devel” is > required, rather than the dependency being brought in via something like the > openssl or native-tls crates, but I haven’t looked at the source code to > understand whether this is justified. I used an old spec file as a base for this one, and that required openssl-devel. I've removed that BuildRequire. > > This is a bit of a red flag: > > Source0: %{name}-%{version}.tar.gz > > Normally, this should be a link to an archive hosted on an upstream forge or > VCS interface, or on an official upstream download page. In the rare cases > where that’s not possible, there should be a comment explaining where the > source code archive comes from and how to reproduce it. In this case, it > looks like you have probably written this package specifically for inclusion > in Fedora, which is just fine. It’s still a bit weird for, if I understand > correctly, the archive uploaded to Fedora’s lookaside cache to be the sole > public “upstream” release process. Fixed to point to the upstream release. -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component https://bugzilla.redhat.com/show_bug.cgi?id=2440262 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202440262%23c15 -- _______________________________________________ package-review mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
