https://bugzilla.redhat.com/show_bug.cgi?id=2293766
Bug ID: 2293766 Summary: Review Request: syncstar - Guest operated service for creating bootable USB storage devices at any community conference kiosk Product: Fedora Version: rawhide Hardware: All OS: Linux Status: NEW Component: Package Review Severity: medium Priority: medium Assignee: nobody@fedoraproject.org Reporter: akashdeep.dhar@gmail.com QA Contact: extras-qa@fedoraproject.org CC: package-review@lists.fedoraproject.org Target Milestone: --- Classification: Fedora
Spec URL: https://raw.githubusercontent.com/gridhead/syncstar/main/syncstar.spec SRPM URL: https://github.com/gridhead/syncstar/releases/download/0.1.0/syncstar-0.1.0a... Description: Guest operated service for creating bootable USB storage devices at any community conference kiosk Fedora Account System Username: t0xic0der
https://bugzilla.redhat.com/show_bug.cgi?id=2293766
Fedora Review Service fedora-review-bot@fedoraproject.org changed:
What |Removed |Added ---------------------------------------------------------------------------- URL| |https://github.com/gridhead | |/%{pack}
--- Comment #1 from Fedora Review Service fedora-review-bot@fedoraproject.org --- Copr build: https://copr.fedorainfracloud.org/coprs/build/7650270 (succeeded)
Review template: https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-rev...
Found issues:
- Upstream MD5sum check error, diff is in /var/lib/copr-rpmbuild/results/syncstar/diff.txt Read more: https://docs.fedoraproject.org/en-US/packaging-guidelines/SourceURL/
Please know that there can be false-positives.
--- This comment was created by the fedora-review-service https://github.com/FrostyX/fedora-review-service
If you want to trigger a new Copr build, add a comment containing new Spec and SRPM URLs or [fedora-review-service-build] string.
https://bugzilla.redhat.com/show_bug.cgi?id=2293766
Akashdeep Dhar akashdeep.dhar@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Flags| |needinfo?(jkadlcik@redhat.c | |om) CC| |jkadlcik@redhat.com Doc Type|--- |If docs needed, set a value
--- Comment #2 from Akashdeep Dhar akashdeep.dhar@gmail.com --- @jkadlcik@redhat.com I am not sure if I understood the issue properly but for what it is worth - my specfile makes use of pyproject-rpm-macros and hence the `Source0` has value `%{pypi_source}` corresponding to the PyPI release of the stated version. A part of my confusion also hails from not being able to see the diff file that you have linked here. Thanks for the help in advance!
https://bugzilla.redhat.com/show_bug.cgi?id=2293766
Jakub Kadlčík jkadlcik@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Flags|needinfo?(jkadlcik@redhat.c | |om) |
--- Comment #3 from Jakub Kadlčík jkadlcik@redhat.com --- Hello Akashdeep,
A part of my confusion also hails from not being able to see the diff file that you have linked here.
Totally understandable. We already merged a fix in the Copr code, it will be available on a next release.
Here is how you can reproduce the problem:
# This is your SRPM URL from Comment 0 wget https://github.com/gridhead/syncstar/releases/download/0.1.0/syncstar-0.1.0a...
# Extract it rpm2cpio syncstar-0.1.0a3-1.fc40.src.rpm | cpio -i
# Download the tarball from PyPI curl https://files.pythonhosted.org/packages/be/e1/f6d881d3b233a9ed9f2d97b7ad91bb...
upstream.tar.gz
# Compare the tarballs ls -l upstream.tar.gz syncstar-0.1.0a3.tar.gz
The two tarballs clearly differ because they have different filesize. Not sure what exactly is different in them.
https://bugzilla.redhat.com/show_bug.cgi?id=2293766
--- Comment #4 from Akashdeep Dhar akashdeep.dhar@gmail.com --- @jkadlcik@redhat.com I am afraid the sizes will be different due to the compression applied on the static assets of the package.
I have HTML files, JavaScript files, SVG files, CSS files etc. in the codebase. I suspect that is what must have happened here.
Please check the assets from the most recent build on COPR.
Tarball URL: https://files.pythonhosted.org/packages/be/e1/f6d881d3b233a9ed9f2d97b7ad91bb... Spec URL: https://download.copr.fedorainfracloud.org/results/t0xic0der/syncstar/fedora... SRPM URL: https://download.copr.fedorainfracloud.org/results/t0xic0der/syncstar/fedora... Description: Guest operated service for creating bootable USB storage devices at any community conference kiosk Fedora Account System Username: t0xic0der
[fedora-review-service-build] - Is this how I can invoke another automatic check?
https://bugzilla.redhat.com/show_bug.cgi?id=2293766
--- Comment #5 from Fedora Review Service fedora-review-bot@fedoraproject.org --- Created attachment 2038205 --> https://bugzilla.redhat.com/attachment.cgi?id=2038205&action=edit The .spec file difference from Copr build 7650270 to 7664538
https://bugzilla.redhat.com/show_bug.cgi?id=2293766
Fedora Review Service fedora-review-bot@fedoraproject.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords| |AutomationTriaged
--- Comment #6 from Fedora Review Service fedora-review-bot@fedoraproject.org --- Copr build: https://copr.fedorainfracloud.org/coprs/build/7664538 (succeeded)
Review template: https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-rev...
Please take a look if any issues were found.
--- This comment was created by the fedora-review-service https://github.com/FrostyX/fedora-review-service
If you want to trigger a new Copr build, add a comment containing new Spec and SRPM URLs or [fedora-review-service-build] string.
https://bugzilla.redhat.com/show_bug.cgi?id=2293766
--- Comment #7 from Jakub Kadlčík jkadlcik@redhat.com ---
Is this how I can invoke another automatic check?
Exactly. Or by pasting your new Spec URL and SRPM URL.
Please check the assets from the most recent build on COPR.
The fedora-review isn't complaining anymore so the tarballs should match now.
https://bugzilla.redhat.com/show_bug.cgi?id=2293766
--- Comment #8 from Akashdeep Dhar akashdeep.dhar@gmail.com --- Cool. Thanks for the approval, @jkadlcik@redhat.com!
https://bugzilla.redhat.com/show_bug.cgi?id=2293766
James Richardson jamricha@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |jamricha@redhat.com Flags| |fedora-review+
https://bugzilla.redhat.com/show_bug.cgi?id=2293766
Ankur Sinha (FranciscoD) sanjay.ankur@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |sanjay.ankur@gmail.com Flags| |needinfo?(jamricha@redhat.c | |om)
--- Comment #9 from Ankur Sinha (FranciscoD) sanjay.ankur@gmail.com --- Hi @jamricha@redhat.com : did you intend to set the fedora-review flag here? (I don't see any comments related to a review).
https://bugzilla.redhat.com/show_bug.cgi?id=2293766
James Richardson jamricha@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Flags|fedora-review+ | |needinfo?(jamricha@redhat.c | |om) |
--- Comment #10 from James Richardson jamricha@redhat.com --- Hi @sanjay.ankur@gmail.com : I was looking at this for a colleague and must have saved before entering the review comment, my mistake
https://bugzilla.redhat.com/show_bug.cgi?id=2293766
--- Comment #11 from Jakub Kadlčík jkadlcik@redhat.com --- Hello Akashdeep, overall the package looks good, there are just a few minor issues.
%global desc Guest operated service for creating bootable USB storage devices at any community conference kiosk
The package description should be wrapped to 80 characters per line https://docs.fedoraproject.org/en-US/packaging-guidelines/#_summary_and_desc...
Summary: %{desc}
Ideally, a summary != description.
MIT License
syncstar-0.1.0a3-build/syncstar-0.1.0a3/syncstar/frontend/static/css3/bs.min.css syncstar-0.1.0a3-build/syncstar-0.1.0a3/syncstar/frontend/static/jscn/bs.min.js
The licensecheck.txt mentions these two files with the MIT license. I'm not sure if the package license should then be "AGPL-3.0-or-later AND MIT" or not.
%changelog
The changelog is meant for tracking the package changes, not upstream changes
https://bugzilla.redhat.com/show_bug.cgi?id=2293766
--- Comment #12 from Akashdeep Dhar akashdeep.dhar@gmail.com --- Hello @jkadlcik@redhat.com,
The package description should be wrapped to 80 characters per line https://docs.fedoraproject.org/en-US/packaging-guidelines/#_summary_and_desc...
I will shorten the description.
Ideally, a summary != description.
I will probably use the current longer description as the summary here but worst-case scenario, I will still prefer to have the same string in both places.
The licensecheck.txt mentions these two files with the MIT license. I'm not sure if the package license should then be "AGPL-3.0-or-later AND MIT" or not.
I'm not sure here either as my license-fu is weak, but I think that the MIT license is permissive enough to be compatible with the AGPL-3.0-or-later license.
The changelog is meant for tracking the package changes, not upstream changes
Fair. I will remove the larger units from the changelog section and include a link to the upstream GitHub release where folks can see the release if needed.
Thanks for the review, @jkadlcik@redhat.com!
https://bugzilla.redhat.com/show_bug.cgi?id=2293766
Nils Philippsen nphilipp@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |nphilipp@redhat.com
--- Comment #13 from Nils Philippsen nphilipp@redhat.com --- Just came across this open tab 😀, so here are my 2¢:
(In reply to Akashdeep Dhar from comment #12)
Ideally, a summary != description.
I will probably use the current longer description as the summary here but worst-case scenario, I will still prefer to have the same string in both places.
As per https://docs.fedoraproject.org/en-US/packaging-guidelines/#_summary_and_desc... 😉: “The summary should be a short and concise description of the package. The description expands upon this.”
How about (wrap to 80 chars):
--- 8< --- Summary: Service to create bootable USB storage media ... %description SyncStar lets ordinary users install bootable operating systems onto USB storage media. It is intended to be deployed on kiosk appliances, for instance to offer this service to conference guests. --- >8 ---
The licensecheck.txt mentions these two files with the MIT license. I'm not sure if the package license should then be "AGPL-3.0-or-later AND MIT" or not.
I'm not sure here either as my license-fu is weak, but I think that the MIT license is permissive enough to be compatible with the AGPL-3.0-or-later license.
Here’s what https://docs.fedoraproject.org/en-US/legal/license-field/#_basic_rule has to say: “… Unless your package includes multiple binary subpackages and you opt to specify subpackage-specific License: tags, the Preamble License: tag expression should be an enumeration of all licenses found in the source code of the package, but excluding any licenses that cover material in the source code that is not copied into the binary RPM(s), either verbatim or transformed in some way (for example, by compilation). …”
I understand this to mean that it should be “AGPL-3.0-or-later AND MIT”.
package-review@lists.fedoraproject.org