https://bugzilla.redhat.com/show_bug.cgi?id=2442346
Ben Beasley <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|[email protected] |[email protected] CC| |[email protected], | |[email protected] Flags| |fedora-review? Status|NEW |ASSIGNED --- Comment #3 from Ben Beasley <[email protected]> --- Package Review ============== Legend: [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated The spec file is exactly as generated by rust2rpm with no configuration file, except for rpmautospec macro expansion; this greatly simplifies the review. Issues: ======= - Package does not contain duplicates in %files. Note: warning: File listed twice: /usr/share/cargo/registry/unsend-0.2.1/CHANGELOG.md See: https://docs.fedoraproject.org/en-US/packaging- guidelines/#_duplicate_files OK: not a serious problem; due to reasonable design decisions in rust2rpm. ---- From LICENSE-THIRD-PARTY, > unsend is partially derived from smol by Stjepan Glavina and contributors, > which is > licensed under the MIT License or the Apache 2.0 license. Both license > notices are > replicated below. It seems to me that if there is enough content from smol to replicate its license texts, then this should also be reflected in the license expression. I suggested this upstream in https://github.com/notgull/unsend/pull/13, and it can be implemented downstream by something like this in rust2rpm.toml: [package] cargo-toml-patch-comments = [ """ Add terms for code derived from smol to the overall SPDX expression: https://github.com/notgull/unsend/pull/13 """, ] and then using "rust2rpm -p" to replace license = "LGPL-3.0-or-later OR MPL-2.0" with license = "(LGPL-3.0-or-later OR MPL-2.0) AND (MIT OR Apache-2.0)" ---- The “Patron License 1.0.0,” LICENSE-PATRON.md, hasn’t been reviewed by Fedora Legal, but it’s pretty obvious that it’s not a free-software license and that it would be deemed not-allowed. This is OK since it is just one of three options. Not only that, but it’s already not present in the SPDX expression, which complies with > The normal rule in Fedora is that if a license grant is representable by an > OR expression that includes an allowed license and a license that is not > allowed, only the allowed license should be included in a spec file License > tag. from https://docs.fedoraproject.org/en-US/legal/spdx/#_spdx_license_expressions_in_fedora_license_data. Still, I think it would be even better to avoid shipping the inapplicable license file LICENSE-PATRON.md in the binary RPMs, and to remove references to it. Upstream actually dropped the Patron License option in a later, unreleased commit, so you can even cite it. Something like this in rust2rpm.toml: [[package.extra-patches]] number = 10 file = "unsend-0.2.1-remove-patron-license.patch" comments = [ """ Remove the (apparently non-free) Patron license: based on unreleased upstream commit https://github.com/notgull/unsend/commit/c407efdc1526cea6aa13ba1a7427c2c80bab6cfa """, ] and then unsend-0.2.1-remove-patron-license.patch has to be a little bit different from https://github.com/notgull/unsend/commit/c407efdc1526cea6aa13ba1a7427c2c80bab6cfa.patch in order to apply successfully to the released crate. I’ll upload a suggested patch. ===== MUST items ===== Generic: [x]: Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. However, see Issues regarding the non-free Patron License option. [!]: License field in the package spec file matches the actual license. Note: Checking patched sources after %prep for licenses. Licenses found: "Unknown or generated", "GNU Lesser General Public License, Version 3", "*No copyright* Mozilla Public License 2.0", "*No copyright* Apache License 2.0 and/or MIT License", "*No copyright* GNU Lesser General Public License", "*No copyright* GNU Lesser General Public License, Version 3". 15 files have unknown license. Detailed output of licensecheck in /home/ben/fedora/review/2442346-rust- unsend/licensecheck.txt See Issues regarding licenses from smol in the SPDX expression. [x]: License file installed when any subpackage combination is installed. [-]: If the package is under multiple licenses, the licensing breakdown must be documented in the spec. [x]: %build honors applicable compiler flags or justifies otherwise. [x]: Package contains no bundled libraries or specifies bundled libraries with Provides: bundled(<libname>) if unbundling is not possible. [x]: Changelog in prescribed format. [x]: Sources contain only permissible code or content. [-]: Package contains desktop file if it is a GUI application. [x]: Development files must be in a -devel package [x]: Package uses nothing in %doc for runtime. [x]: Package consistently uses macros (instead of hard-coded directory names). [x]: Package is named according to the Package Naming Guidelines. [x]: Package does not generate any conflict. [x]: Package obeys FHS, except libexecdir and /usr/target. [-]: If the package is a rename of another package, proper Obsoletes and Provides are present. [x]: Requires correct, justified where necessary. [x]: Spec file is legible and written in American English. [-]: Package contains systemd file(s) if in need. [x]: Package is not known to require an ExcludeArch tag. [x]: Package complies to the Packaging Guidelines [x]: Package successfully compiles and builds into binary rpms on at least one supported primary architecture. [x]: Package installs properly. [x]: Rpmlint is run on all rpms the build produces. Note: No rpmlint messages. [x]: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %license. [x]: The License field must be a valid SPDX expression. [x]: Package requires other packages for directories it uses. [x]: Package must own all directories that it creates. [x]: Package does not own files or directories owned by other packages. [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. [x]: Macros in Summary, %description expandable at SRPM build time. [x]: Dist tag is present. [x]: Permissions on files are set properly. [x]: Package must not depend on deprecated() packages. [x]: Package use %makeinstall only when make install DESTDIR=... doesn't work. [x]: Package is named using only allowed ASCII characters. [x]: Package does not use a name that already exists. [x]: Package is not relocatable. [x]: Sources used to build the package match the upstream source, as provided in the spec URL. [x]: Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: File names are valid UTF-8. [x]: Large documentation must go in a -doc subpackage. Large could be size (~1MB) or number of files. Note: Documentation size is 0 bytes in 0 files. [x]: Packages must not store files under /srv, /opt or /usr/local ===== SHOULD items ===== Generic: [-]: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [x]: Final provides and requires are sane (see attachments). [-]: Fully versioned dependency in subpackages if applicable. Note: No Requires: %{name}%{?_isa} = %{version}-%{release} in rust- unsend-devel , rust-unsend+default-devel , rust-unsend+alloc-devel , rust-unsend+async-task-devel , rust-unsend+atomic-waker-devel , rust- unsend+concurrent-queue-devel , rust-unsend+executor-devel , rust- unsend+futures-lite-devel , rust-unsend+slab-devel , rust-unsend+std- devel [x]: Package functions as described. (tests pass) [x]: Latest version is packaged. [x]: Package does not include license text files separate from upstream. [-]: Sources are verified with gpgverify first in %prep if upstream publishes signatures. Note: gpgverify is not used. [x]: Package should compile and build into binary rpms on all supported architectures. https://koji.fedoraproject.org/koji/taskinfo?taskID=142884351 [x]: %check is present and all tests pass. [x]: Packages should try to preserve timestamps of original installed files. [x]: Reviewer should test that the package builds in mock. [x]: Buildroot is not present [x]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file [x]: Sources can be downloaded from URI in Source: tag [x]: SourceX is a working URL. [x]: Spec use %global instead of %define unless justified. ===== EXTRA items ===== Generic: [!]: Spec file according to URL is the same as in SRPM. Note: Spec file as given by url is not the same as in SRPM (see attached diff). See: (this test has no URL) [x]: Rpmlint is run on all installed packages. Note: No rpmlint messages. Rpmlint ------- Checking: rust-unsend-devel-0.2.1-1.fc45.noarch.rpm rust-unsend+default-devel-0.2.1-1.fc45.noarch.rpm rust-unsend+alloc-devel-0.2.1-1.fc45.noarch.rpm rust-unsend+async-task-devel-0.2.1-1.fc45.noarch.rpm rust-unsend+atomic-waker-devel-0.2.1-1.fc45.noarch.rpm rust-unsend+concurrent-queue-devel-0.2.1-1.fc45.noarch.rpm rust-unsend+executor-devel-0.2.1-1.fc45.noarch.rpm rust-unsend+futures-lite-devel-0.2.1-1.fc45.noarch.rpm rust-unsend+slab-devel-0.2.1-1.fc45.noarch.rpm rust-unsend+std-devel-0.2.1-1.fc45.noarch.rpm rust-unsend-0.2.1-1.fc45.src.rpm ============================ rpmlint session starts ============================ rpmlint: 2.8.0 configuration: /usr/lib/python3.14/site-packages/rpmlint/configdefaults.toml /etc/xdg/rpmlint/fedora-spdx-licenses.toml /etc/xdg/rpmlint/fedora.toml /etc/xdg/rpmlint/scoring.toml /etc/xdg/rpmlint/users-groups.toml /etc/xdg/rpmlint/warn-on-functions.toml rpmlintrc: [PosixPath('/tmp/tmpkrjumlaf')] checks: 32, packages: 11 11 packages and 0 specfiles checked; 0 errors, 0 warnings, 61 filtered, 0 badness; has taken 0.3 s Rpmlint (installed packages) ---------------------------- ============================ rpmlint session starts ============================ rpmlint: 2.8.0 configuration: /usr/lib/python3.14/site-packages/rpmlint/configdefaults.toml /etc/xdg/rpmlint/fedora-spdx-licenses.toml /etc/xdg/rpmlint/fedora.toml /etc/xdg/rpmlint/scoring.toml /etc/xdg/rpmlint/users-groups.toml /etc/xdg/rpmlint/warn-on-functions.toml checks: 32, packages: 10 10 packages and 0 specfiles checked; 0 errors, 0 warnings, 57 filtered, 0 badness; has taken 0.0 s Source checksums ---------------- https://crates.io/api/v1/crates/unsend/0.2.1/download#/unsend-0.2.1.crate : CHECKSUM(SHA256) this package : a53ed0f41cab22aa8d4aee9d2357a1b21cb365537d7349066c76fcd67bc3121d CHECKSUM(SHA256) upstream package : a53ed0f41cab22aa8d4aee9d2357a1b21cb365537d7349066c76fcd67bc3121d Requires -------- rust-unsend-devel (rpmlib, GLIBC filtered): (crate(pin-project-lite/default) >= 0.2.9 with crate(pin-project-lite/default) < 0.3.0~) cargo rust rust-unsend+default-devel (rpmlib, GLIBC filtered): cargo crate(unsend) crate(unsend/executor) crate(unsend/std) rust-unsend+alloc-devel (rpmlib, GLIBC filtered): cargo crate(unsend) rust-unsend+async-task-devel (rpmlib, GLIBC filtered): (crate(async-task) >= 4.4.0 with crate(async-task) < 5.0.0~) cargo crate(unsend) rust-unsend+atomic-waker-devel (rpmlib, GLIBC filtered): (crate(atomic-waker/default) >= 1.1.1 with crate(atomic-waker/default) < 2.0.0~) cargo crate(unsend) rust-unsend+concurrent-queue-devel (rpmlib, GLIBC filtered): (crate(concurrent-queue) >= 2.2.0 with crate(concurrent-queue) < 3.0.0~) cargo crate(unsend) rust-unsend+executor-devel (rpmlib, GLIBC filtered): cargo crate(unsend) crate(unsend/alloc) crate(unsend/async-task) crate(unsend/atomic-waker) crate(unsend/concurrent-queue) crate(unsend/futures-lite) crate(unsend/slab) rust-unsend+futures-lite-devel (rpmlib, GLIBC filtered): (crate(futures-lite) >= 1.13.0 with crate(futures-lite) < 2.0.0~) cargo crate(unsend) rust-unsend+slab-devel (rpmlib, GLIBC filtered): (crate(slab) >= 0.4.8 with crate(slab) < 0.5.0~) cargo crate(unsend) rust-unsend+std-devel (rpmlib, GLIBC filtered): cargo crate(unsend) crate(unsend/alloc) Provides -------- rust-unsend-devel: crate(unsend) rust-unsend-devel rust-unsend+default-devel: crate(unsend/default) rust-unsend+default-devel rust-unsend+alloc-devel: crate(unsend/alloc) rust-unsend+alloc-devel rust-unsend+async-task-devel: crate(unsend/async-task) rust-unsend+async-task-devel rust-unsend+atomic-waker-devel: crate(unsend/atomic-waker) rust-unsend+atomic-waker-devel rust-unsend+concurrent-queue-devel: crate(unsend/concurrent-queue) rust-unsend+concurrent-queue-devel rust-unsend+executor-devel: crate(unsend/executor) rust-unsend+executor-devel rust-unsend+futures-lite-devel: crate(unsend/futures-lite) rust-unsend+futures-lite-devel rust-unsend+slab-devel: crate(unsend/slab) rust-unsend+slab-devel rust-unsend+std-devel: crate(unsend/std) rust-unsend+std-devel Diff spec file in url and in SRPM --------------------------------- --- /home/ben/fedora/review/2442346-rust-unsend/srpm/rust-unsend.spec 2026-03-01 07:12:08.121965332 +0000 +++ /home/ben/fedora/review/2442346-rust-unsend/srpm-unpacked/rust-unsend.spec 2026-02-24 00:00:00.000000000 +0000 @@ -1,2 +1,12 @@ +## START: Set by rpmautospec +## (rpmautospec version 0.8.3) +## RPMAUTOSPEC: autorelease, autochangelog +%define autorelease(e:s:pb:n) %{?-p:0.}%{lua: + release_number = 1; + base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}")); + print(release_number + base_release_number - 1); +}%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}} +## END: Set by rpmautospec + # Generated by rust2rpm 28 %bcond check 1 @@ -168,3 +178,6 @@ %changelog -%autochangelog +## START: Generated by rpmautospec +* Tue Feb 24 2026 Andreas Schneider <[email protected]> - 0.2.1-1 +- Initial package version 0.2.1 +## END: Generated by rpmautospec Generated by fedora-review 0.11.0 (05c5b26) last change: 2025-11-29 Command line :/usr/bin/fedora-review -b 2442346 Buildroot used: fedora-rawhide-x86_64 Active plugins: Generic, Shell-api Disabled plugins: PHP, Java, R, Ocaml, Python, fonts, Haskell, Perl, C/C++, SugarActivity Disabled flags: EXARCH, EPEL6, EPEL7, DISTTAG, BATCH -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component https://bugzilla.redhat.com/show_bug.cgi?id=2442346 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202442346%23c3 -- _______________________________________________ package-review mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
