https://bugzilla.redhat.com/show_bug.cgi?id=2258366

--- Comment #2 from Sergio Basto sergio@serjux.com --- *** Bug 1981982 has been marked as a duplicate of this bug. ***

https://bugzilla.redhat.com/show_bug.cgi?id=2258366

Arthur Bols arthur@bols.dev changed:

What |Removed |Added ---------------------------------------------------------------------------- Flags| |fedora-review? Status|NEW |ASSIGNED CC| |arthur@bols.dev Doc Type|--- |If docs needed, set a value Assignee|nobody@fedoraproject.org |arthur@bols.dev

--- Comment #4 from Arthur Bols arthur@bols.dev --- I've never packaged or reviewed a Java package, so I'm completely going off the packaging guidelines. Please correct and explain if you disagree. :)

Package Review ==============

Legend: [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated

Suggestions: ============

- Use %autorelease and %autochangelog macros

Issues: =======

- Incorrect License 'BSD' (also not SPDX) I can't find any files licensed as BSD. A quick look using the licensecheck tool shows the following licenses:

GPL-2, GPL-2.0-or-later, LGPL-2.1, Apache-2.0, Apache-2.0 and/or LGPL-2.1, GPL, MIT

Some of these files are maybe not included in the binary rpm, so those licenses may be omitted.

- ExclusiveArch: %{java_arches} This is required for architecture-dependend java packages. You can also remove the `ExcludeArch:` as `%{java_arches}` only contains 64-bit arches.

- The License field must be a valid SPDX expression. Note: Not a valid SPDX expression 'BSD'. It seems that you are using the old Fedora license abbreviations. Try `license-fedora2spdx' for converting it to SPDX. See: https://fedoraproject.org/wiki/Changes/SPDX_Licenses_Phase_1

- Spec file could use some cleanup Many useless comments

- pom.xml file not installed See: https://docs.fedoraproject.org/en-US/packaging-guidelines/Java/#_maven_pom_x...

- bundled(bouncycastle) and bundled(json_simple) Bundled libraries are not allowed: https://docs.fedoraproject.org/en-US/packaging-guidelines/Java/#_pre_built_d...

- Patches link to upstream bugs/comments/lists or are otherwise justified. Are all patches Fedora specific or can you upstream some of them?

- rpmlint warning class-path-in-manifest /usr/share/java/biglybt/BiglyBT.jar

- Package must own all directories that it creates. Note: Directories without known owners: /usr/share/application-registry

Is this still used in newer gnome versions? I suggest removing the biglybt.applications file

===== MUST items =====

Generic: [!]: Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [!]: License field in the package spec file matches the actual license. Note: Checking patched sources after %prep for licenses. Licenses found: "Unknown or generated", "GNU General Public License, Version 2", "*No copyright* Apache License 2.0", "GNU General Public License v2.0 or later", "GNU General Public License v2.0 or later [obsolete FSF postal address (Temple Place)]", "*No copyright* GNU General Public License v2.0 or later [obsolete FSF postal address (Temple Place)]", "MIT License", "GNU Lesser General Public License, Version 2.1", "GNU General Public License v2.0 or later and/or Public domain", "*No copyright* GNU General Public License v2.0 or later", "GNU General Public License", "*No copyright* GNU General Public License, Version 2 [obsolete FSF postal address (Temple Place)]", "GNU General Public License v2.0 only [obsolete FSF postal address (Temple Place)]", "GNU General Public License, Version 2 [obsolete FSF postal address (Temple Place)]". 1091 files have unknown license. Detailed output of licensecheck in /home/arthur/fedora- review/2258366-biglybt/licensecheck.txt [x]: License file installed when any subpackage combination is installed. [x]: Package requires other packages for directories it uses. Note: No known owner of /usr/share/application-registry, /usr/share/javadoc, /usr/share/java [!]: Package must own all directories that it creates. Note: Directories without known owners: /usr/share/application- registry

[-]: Package contains no bundled libraries without FPC exception. [x]: Changelog in prescribed format. [x]: Sources contain only permissible code or content. [-]: Development files must be in a -devel package [x]: Package uses nothing in %doc for runtime. [x]: Package consistently uses macros (instead of hard-coded directory names). [x]: Package is named according to the Package Naming Guidelines. [x]: Package does not generate any conflict. [x]: Package obeys FHS, except libexecdir and /usr/target. [-]: If the package is a rename of another package, proper Obsoletes and Provides are present. [x]: Requires correct, justified where necessary. [x]: Spec file is legible and written in American English. [-]: Package contains systemd file(s) if in need. [x]: Package is not known to require an ExcludeArch tag. [-]: Large documentation must go in a -doc subpackage. Large could be size (~1MB) or number of files. Note: Documentation size is 13231 bytes in 3 files. [!]: Package complies to the Packaging Guidelines [x]: Package successfully compiles and builds into binary rpms on at least one supported primary architecture. [x]: Package installs properly. [x]: Rpmlint is run on all rpms the build produces. Note: There are rpmlint messages (see attachment). [x]: Package does not own files or directories owned by other packages. [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. [x]: Macros in Summary, %description expandable at SRPM build time. [x]: Package contains desktop file if it is a GUI application. [x]: Package installs a %{name}.desktop using desktop-file-install or desktop-file-validate if there is such a file. [x]: Dist tag is present. [x]: Package does not contain duplicates in %files. [x]: Permissions on files are set properly. [x]: Package must not depend on deprecated() packages. [x]: Package use %makeinstall only when make install DESTDIR=... doesn't work. [x]: Package is named using only allowed ASCII characters. [x]: Package does not use a name that already exists. [x]: Package is not relocatable. [x]: Sources used to build the package match the upstream source, as provided in the spec URL. [x]: Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: File names are valid UTF-8. [x]: Packages must not store files under /srv, /opt or /usr/local

Java: [x]: Bundled jar/class files should be removed before build [x]: Packages have proper BuildRequires/Requires on javapackages-tools (jpackage-utils) Note: Maven packages do not need to (Build)Require jpackage-utils. It is pulled in by maven-local [x]: Javadoc documentation files are generated and included in -javadoc subpackage [x]: Javadoc subpackages should not have Requires: javapackages-tools (jpackage-utils) [x]: Javadocs are placed in %{_javadocdir}/%{name} (no -%{version} symlink)

Maven: [!]: If package contains pom.xml files install it (including metadata) even when building with ant [x]: Maven packages should use new style packaging [x]: Old add_to_maven_depmap macro is not being used

===== SHOULD items =====

Generic: [!]: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [!]: Final provides and requires are sane (see attachments). [?]: Package functions as described. [x]: Latest version is packaged. [x]: Package does not include license text files separate from upstream. [!]: Patches link to upstream bugs/comments/lists or are otherwise justified. [-]: Sources are verified with gpgverify first in %prep if upstream publishes signatures. Note: gpgverify is not used. [?]: Package should compile and build into binary rpms on all supported architectures. [-]: %check is present and all tests pass. [x]: Packages should try to preserve timestamps of original installed files. [x]: Reviewer should test that the package builds in mock. [x]: Buildroot is not present [x]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: Fully versioned dependency in subpackages if applicable. [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file [x]: Sources can be downloaded from URI in Source: tag [x]: SourceX is a working URL. [x]: Spec use %global instead of %define unless justified.

Java: [x]: Package uses upstream build method (ant/maven/etc.) [x]: Packages are noarch unless they use JNI

===== EXTRA items =====

Generic: [x]: Rpmlint is run on all installed packages. Note: There are rpmlint messages (see attachment). [x]: Spec file according to URL is the same as in SRPM.

Rpmlint ------- Checking: biglybt-3.5.0.0-1.fc41.noarch.rpm biglybt-javadoc-3.5.0.0-1.fc41.noarch.rpm biglybt-3.5.0.0-1.fc41.src.rpm =================================================================================================================== rpmlint session starts =================================================================================================================== rpmlint: 2.5.0 configuration: /usr/lib/python3.12/site-packages/rpmlint/configdefaults.toml /etc/xdg/rpmlint/fedora-legacy-licenses.toml /etc/xdg/rpmlint/fedora-spdx-licenses.toml /etc/xdg/rpmlint/fedora.toml /etc/xdg/rpmlint/scoring.toml /etc/xdg/rpmlint/users-groups.toml /etc/xdg/rpmlint/warn-on-functions.toml rpmlintrc: [PosixPath('/tmp/tmp9cz27ogl')] checks: 32, packages: 3

biglybt-javadoc.noarch: W: package-with-huge-docs 99% biglybt.spec:120: W: macro-in-comment %{buildroot} biglybt.spec:120: W: macro-in-comment %{_bindir} biglybt.noarch: W: class-path-in-manifest /usr/share/java/biglybt/BiglyBT.jar ============================================================================= 3 packages and 0 specfiles checked; 0 errors, 4 warnings, 11 filtered, 0 badness; has taken 5.8 s ==============================================================================

Rpmlint (installed packages) ---------------------------- ============================ rpmlint session starts ============================ rpmlint: 2.5.0 configuration: /usr/lib/python3.12/site-packages/rpmlint/configdefaults.toml /etc/xdg/rpmlint/fedora-legacy-licenses.toml /etc/xdg/rpmlint/fedora-spdx-licenses.toml /etc/xdg/rpmlint/fedora.toml /etc/xdg/rpmlint/scoring.toml /etc/xdg/rpmlint/users-groups.toml /etc/xdg/rpmlint/warn-on-functions.toml checks: 32, packages: 2

biglybt-javadoc.noarch: W: package-with-huge-docs 99% biglybt.noarch: W: class-path-in-manifest /usr/share/java/biglybt/BiglyBT.jar 2 packages and 0 specfiles checked; 0 errors, 2 warnings, 7 filtered, 0 badness; has taken 5.2 s

Source checksums ---------------- https://github.com/BiglySoftware/BiglyBT/archive/v3.5.0.0/BiglyBT-3.5.0.0.ta... : CHECKSUM(SHA256) this package : 71637043a8bb33243857f2e743aa2bf5091418656067d552992f75893a99a870 CHECKSUM(SHA256) upstream package : 71637043a8bb33243857f2e743aa2bf5091418656067d552992f75893a99a870

Requires -------- biglybt (rpmlib, GLIBC filtered): /usr/bin/bash mvn(org.apache.commons:commons-cli) mvn(org.apache.commons:commons-lang3) mvn(org.eclipse.swt:org.eclipse.swt)

biglybt-javadoc (rpmlib, GLIBC filtered): javapackages-filesystem

Provides -------- biglybt: application() application(biglybt.desktop) biglybt bundled(bouncycastle) bundled(json_simple) mimehandler(application/x-biglybt) mimehandler(application/x-bittorrent) mimehandler(x-scheme-handler/biglybt) mimehandler(x-scheme-handler/magnet)

biglybt-javadoc: biglybt-javadoc

Generated by fedora-review 0.10.0 (e79b66b) last change: 2023-07-24 Command line :/usr/bin/fedora-review -b 2258366 Buildroot used: fedora-rawhide-x86_64 Active plugins: Shell-api, Java, Generic Disabled plugins: PHP, fonts, Perl, Ocaml, Python, SugarActivity, C/C++, Haskell, R Disabled flags: EXARCH, EPEL6, EPEL7, DISTTAG, BATCH

Product: Fedora Version: rawhide Component: Package Review

Sergio Basto sergio@serjux.com has canceled Package Review package-review@lists.fedoraproject.org's request for Arthur Bols arthur@bols.dev's needinfo: Bug 2258366: Review Request: biglybt - A feature filled, open source, ad-free, BitTorrent client https://bugzilla.redhat.com/show_bug.cgi?id=2258366

--- Comment #6 from Sergio Basto sergio@serjux.com --- Spec URL: https://sergiomb.fedorapeople.org/biglybt/biglybt.spec SRPM URL: https://sergiomb.fedorapeople.org/biglybt/biglybt-3.7.0.0-2.fc41.src.rpm

https://bugzilla.redhat.com/show_bug.cgi?id=2258366

--- Comment #8 from Fedora Review Service fedora-review-bot@fedoraproject.org --- Copr build: https://copr.fedorainfracloud.org/coprs/build/8700886 (succeeded)

Review template: https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-rev...

Found issues:

- License file ADDITIONAL_LICENSE_INFO is not marked as %license Read more: https://docs.fedoraproject.org/en-US/packaging-guidelines/LicensingGuideline... - Not a valid SPDX expression 'BSD'. It seems that you are using the old Fedora license abbreviations. Try `license-fedora2spdx' for converting it to SPDX. Read more: https://fedoraproject.org/wiki/Changes/SPDX_Licenses_Phase_1

Please know that there can be false-positives.

--- This comment was created by the fedora-review-service https://github.com/FrostyX/fedora-review-service

If you want to trigger a new Copr build, add a comment containing new Spec and SRPM URLs or [fedora-review-service-build] string.

https://bugzilla.redhat.com/show_bug.cgi?id=2258366

--- Comment #10 from Fedora Review Service fedora-review-bot@fedoraproject.org --- Created attachment 2077920 --> https://bugzilla.redhat.com/attachment.cgi?id=2077920&action=edit The .spec file difference from Copr build 8700886 to 8702216

https://bugzilla.redhat.com/show_bug.cgi?id=2258366

--- Comment #12 from Sergio Basto sergio@serjux.com --- Spec URL: https://sergiomb.fedorapeople.org/biglybt/biglybt.spec SRPM URL: https://sergiomb.fedorapeople.org/biglybt/biglybt-3.7.0.0-2.fc41.src.rpm

More fix in Licenses

https://bugzilla.redhat.com/show_bug.cgi?id=2258366

Fedora Review Service fedora-review-bot@fedoraproject.org changed:

What |Removed |Added ---------------------------------------------------------------------------- Keywords| |AutomationTriaged

--- Comment #14 from Fedora Review Service fedora-review-bot@fedoraproject.org --- Copr build: https://copr.fedorainfracloud.org/coprs/build/8702371 (succeeded)

Review template: https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-rev...

Please take a look if any issues were found.

--- This comment was created by the fedora-review-service https://github.com/FrostyX/fedora-review-service

If you want to trigger a new Copr build, add a comment containing new Spec and SRPM URLs or [fedora-review-service-build] string.

https://bugzilla.redhat.com/show_bug.cgi?id=2258366

--- Comment #16 from Fedora Review Service fedora-review-bot@fedoraproject.org --- Created attachment 2078108 --> https://bugzilla.redhat.com/attachment.cgi?id=2078108&action=edit The .spec file difference from Copr build 8702371 to 8707222

https://bugzilla.redhat.com/show_bug.cgi?id=2258366

--- Comment #18 from Sergio Basto sergio@serjux.com --- Spec URL: https://sergiomb.fedorapeople.org/biglybt/biglybt.spec SRPM URL: https://sergiomb.fedorapeople.org/biglybt/biglybt-3.8.0.0-2.fc41.src.rpm

Use apache.commons.text , final spec version

https://bugzilla.redhat.com/show_bug.cgi?id=2258366

--- Comment #20 from Fedora Review Service fedora-review-bot@fedoraproject.org --- Copr build: https://copr.fedorainfracloud.org/coprs/build/8718292 (succeeded)

Review template: https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-rev...

Found issues:

- License file LICENSE.html is not marked as %license Read more: https://docs.fedoraproject.org/en-US/packaging-guidelines/LicensingGuideline...

Please know that there can be false-positives.

--- This comment was created by the fedora-review-service https://github.com/FrostyX/fedora-review-service

If you want to trigger a new Copr build, add a comment containing new Spec and SRPM URLs or [fedora-review-service-build] string.

https://bugzilla.redhat.com/show_bug.cgi?id=2258366

--- Comment #22 from Fedora Review Service fedora-review-bot@fedoraproject.org --- Created attachment 2084575 --> https://bugzilla.redhat.com/attachment.cgi?id=2084575&action=edit The .spec file difference from Copr build 8718292 to 8896338

https://bugzilla.redhat.com/show_bug.cgi?id=2258366

Sergio Basto sergio@serjux.com changed:

What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |CLOSED Resolution|--- |WONTFIX Last Closed| |2025-05-10 20:07:44