https://bugzilla.redhat.com/show_bug.cgi?id=1672601
Bug ID: 1672601 Summary: Review Request: rubygem-bcrypt_pbkdf - OpenBSD's bcrypt_pdkfd (a variant of PBKDF2 with bcrypt-based PRF) Product: Fedora Version: rawhide Hardware: All OS: Linux Status: NEW Component: Package Review Severity: medium Priority: medium Assignee: nobody@fedoraproject.org Reporter: pvalena@redhat.com QA Contact: extras-qa@fedoraproject.org CC: package-review@lists.fedoraproject.org Target Milestone: --- Classification: Fedora
Spec URL: https://copr-be.cloud.fedoraproject.org/results/pvalena/rubygems/fedora-rawh... SRPM URL: https://copr-be.cloud.fedoraproject.org/results/pvalena/rubygems/fedora-rawh... Description: This gem implements bcrypt_pdkfd (a variant of PBKDF2 with bcrypt-based PRF). Fedora Account System Username: pvalena
COPR build: https://copr.fedorainfracloud.org/coprs/pvalena/rubygems/build/854266/ Koji build: https://koji.fedoraproject.org/koji/taskinfo?taskID=32541593
https://bugzilla.redhat.com/show_bug.cgi?id=1672601
Robert-André Mauchin zebob.m@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED CC| |zebob.m@gmail.com Assignee|nobody@fedoraproject.org |zebob.m@gmail.com Flags| |fedora-review?
--- Comment #1 from Robert-André Mauchin zebob.m@gmail.com --- - Source0 should be a URL
Source0: https://rubygems.org/downloads/%%7Bgem_name%7D-%%7Bversion%7D.gem
- Some of the code is ASD and ISC: add it to the license field and add a comment explaining the license breakdown:
BSD 2-clause "Simplified" License --------------------------------- bcrypt_pbkdf-1.0.0/ext/mri/hash_sha512.c
BSD 4-clause "Original" or "Old" License ---------------------------------------- bcrypt_pbkdf-1.0.0/ext/mri/blf.h bcrypt_pbkdf-1.0.0/ext/mri/blowfish.c
ISC License ----------- bcrypt_pbkdf-1.0.0/ext/mri/bcrypt_pbkdf.c
Package Review ==============
Legend: [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated [ ] = Manual review needed
===== MUST items =====
C/C++: [-]: Provides: bundled(gnulib) in place as required. Note: Sources not installed [x]: Package does not contain kernel modules. [x]: Package contains no static executables. [x]: Development (unversioned) .so files in -devel subpackage, if present. Note: Unversioned so-files in private %_libdir subdirectory (see attachment). Verify they are not in ld path. [x]: If your application is a C or C++ application you must list a BuildRequires against gcc, gcc-c++ or clang. [x]: Header files in -devel subpackage, if present. [x]: Package does not contain any libtool archives (.la) [x]: Rpath absent or only used for internal libs.
Generic: [x]: Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [!]: License field in the package spec file matches the actual license. Note: Checking patched sources after %prep for licenses. Licenses found: "BSD 4-clause "Original" or "Old" License", "BSD 2-clause "Simplified" License", "Expat License", "Unknown or generated", "ISC License". 18 files have unknown license. Detailed output of licensecheck in /home/bob/packaging/review/rubygem-bcrypt_pbkdf /review-rubygem-bcrypt_pbkdf/licensecheck.txt [x]: License file installed when any subpackage combination is installed. [x]: %build honors applicable compiler flags or justifies otherwise. [x]: Package contains no bundled libraries without FPC exception. [x]: Changelog in prescribed format. [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. Note: rm -rf %{buildroot} present but not required [x]: Sources contain only permissible code or content. [-]: Package contains desktop file if it is a GUI application. [-]: Development files must be in a -devel package [x]: Package uses nothing in %doc for runtime. [x]: Package consistently uses macros (instead of hard-coded directory names). [x]: Package is named according to the Package Naming Guidelines. [x]: Package does not generate any conflict. [x]: Package obeys FHS, except libexecdir and /usr/target. [-]: If the package is a rename of another package, proper Obsoletes and Provides are present. [x]: Requires correct, justified where necessary. [x]: Spec file is legible and written in American English. [-]: Package contains systemd file(s) if in need. [x]: Useful -debuginfo package or justification otherwise. [x]: Package is not known to require an ExcludeArch tag. [x]: Package complies to the Packaging Guidelines [x]: Package successfully compiles and builds into binary rpms on at least one supported primary architecture. [x]: Package installs properly. [x]: Rpmlint is run on all rpms the build produces. Note: There are rpmlint messages (see attachment). [x]: Package requires other packages for directories it uses. [x]: Package does not own files or directories owned by other packages. [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT [x]: Macros in Summary, %description expandable at SRPM build time. [x]: Dist tag is present. [x]: Package does not contain duplicates in %files. [x]: Permissions on files are set properly. [x]: Package use %makeinstall only when make install DESTDIR=... doesn't work. [x]: Package is named using only allowed ASCII characters. [x]: Package does not use a name that already exists. [x]: Package is not relocatable. [x]: Sources used to build the package match the upstream source, as provided in the spec URL. [x]: Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: File names are valid UTF-8. [x]: Large documentation must go in a -doc subpackage. Large could be size (~1MB) or number of files. Note: Documentation size is 0 bytes in 0 files. [x]: Packages must not store files under /srv, /opt or /usr/local
Ruby: [x]: Platform dependent files must all go under %{gem_extdir_mri}, platform independent under %{gem_dir}. [x]: Gem package must not define a non-gem subpackage [x]: Macro %{gem_extdir} is deprecated. [x]: Gem package is named rubygem-%{gem_name} [x]: Package contains BuildRequires: rubygems-devel. [x]: Gem package must define %{gem_name} macro. [x]: Package does not contain Requires: ruby(abi).
===== SHOULD items =====
Generic: [-]: Avoid bundling fonts in non-fonts packages. Note: Package contains font files [-]: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [x]: Final provides and requires are sane (see attachments). [-]: Fully versioned dependency in subpackages if applicable. Note: No Requires: %{name}%{?_isa} = %{version}-%{release} in rubygem- bcrypt_pbkdf-doc , rubygem-bcrypt_pbkdf-debuginfo , rubygem- bcrypt_pbkdf-debugsource [?]: Package functions as described. [x]: Latest version is packaged. [x]: Package does not include license text files separate from upstream. [-]: Description and summary sections in the package spec file contains translations for supported Non-English languages, if available. [x]: Package should compile and build into binary rpms on all supported architectures. [x]: %check is present and all tests pass. [x]: Packages should try to preserve timestamps of original installed files. [x]: Reviewer should test that the package builds in mock. [x]: Buildroot is not present [x]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file [x]: Sources can be downloaded from URI in Source: tag [x]: SourceX is a working URL. [x]: Spec use %global instead of %define unless justified.
Ruby: [!]: Gem should use %gem_install macro. [x]: Gem package should exclude cached Gem. [x]: gems should not require rubygems package [x]: Specfile should use macros from rubygem-devel package. [x]: Test suite should not be run by rake. [x]: Test suite of the library should be run.
===== EXTRA items =====
Generic: [x]: Rpmlint is run on debuginfo package(s). Note: There are rpmlint messages (see attachment). [x]: Rpmlint is run on all installed packages. Note: There are rpmlint messages (see attachment). [x]: Large data in /usr/share should live in a noarch subpackage if package is arched. [x]: Spec file according to URL is the same as in SRPM.
Rpmlint ------- Checking: rubygem-bcrypt_pbkdf-1.0.0-1.fc30.x86_64.rpm rubygem-bcrypt_pbkdf-doc-1.0.0-1.fc30.noarch.rpm rubygem-bcrypt_pbkdf-debuginfo-1.0.0-1.fc30.x86_64.rpm rubygem-bcrypt_pbkdf-debugsource-1.0.0-1.fc30.x86_64.rpm rubygem-bcrypt_pbkdf-1.0.0-1.fc30.src.rpm rubygem-bcrypt_pbkdf.x86_64: W: spelling-error Summary(en_US) bcrypt -> crypt, b crypt rubygem-bcrypt_pbkdf.x86_64: W: spelling-error Summary(en_US) pdkfd rubygem-bcrypt_pbkdf.x86_64: W: spelling-error %description -l en_US bcrypt -> crypt, b crypt rubygem-bcrypt_pbkdf.x86_64: W: spelling-error %description -l en_US pdkfd rubygem-bcrypt_pbkdf.x86_64: W: no-documentation rubygem-bcrypt_pbkdf.x86_64: E: zero-length /usr/lib64/gems/ruby/bcrypt_pbkdf-1.0.0/gem.build_complete rubygem-bcrypt_pbkdf-doc.noarch: W: spelling-error Summary(en_US) bcrypt -> crypt, b crypt rubygem-bcrypt_pbkdf-doc.noarch: W: spelling-error Summary(en_US) pbkdf rubygem-bcrypt_pbkdf-doc.noarch: W: spelling-error %description -l en_US bcrypt -> crypt, b crypt rubygem-bcrypt_pbkdf-doc.noarch: W: spelling-error %description -l en_US pbkdf rubygem-bcrypt_pbkdf-debuginfo.x86_64: W: spelling-error Summary(en_US) bcrypt -> crypt, b crypt rubygem-bcrypt_pbkdf-debuginfo.x86_64: W: spelling-error Summary(en_US) pbkdf rubygem-bcrypt_pbkdf-debuginfo.x86_64: W: spelling-error %description -l en_US bcrypt -> crypt, b crypt rubygem-bcrypt_pbkdf-debuginfo.x86_64: W: spelling-error %description -l en_US pbkdf rubygem-bcrypt_pbkdf-debugsource.x86_64: W: spelling-error Summary(en_US) bcrypt -> crypt, b crypt rubygem-bcrypt_pbkdf-debugsource.x86_64: W: spelling-error Summary(en_US) pbkdf rubygem-bcrypt_pbkdf-debugsource.x86_64: W: spelling-error %description -l en_US bcrypt -> crypt, b crypt rubygem-bcrypt_pbkdf-debugsource.x86_64: W: spelling-error %description -l en_US pbkdf rubygem-bcrypt_pbkdf.src: W: spelling-error Summary(en_US) bcrypt -> crypt, b crypt rubygem-bcrypt_pbkdf.src: W: spelling-error Summary(en_US) pdkfd rubygem-bcrypt_pbkdf.src: W: spelling-error %description -l en_US bcrypt -> crypt, b crypt rubygem-bcrypt_pbkdf.src: W: spelling-error %description -l en_US pdkfd 5 packages and 0 specfiles checked; 1 errors, 21 warnings.
Product: Fedora Version: rawhide Component: Package Review
Package Review package-review@lists.fedoraproject.org has canceled Package Review package-review@lists.fedoraproject.org's request for Robert-André Mauchin 🐧 zebob.m@gmail.com's needinfo: Bug 1672601: Review Request: rubygem-bcrypt_pbkdf - OpenBSD's bcrypt_pdkfd (a variant of PBKDF2 with bcrypt-based PRF) https://bugzilla.redhat.com/show_bug.cgi?id=1672601
--- Comment #3 from Package Review package-review@lists.fedoraproject.org --- This is an automatic action taken by review-stats script.
The ticket reviewer failed to clear the NEEDINFO flag in a month. As per https://fedoraproject.org/wiki/Policy_for_stalled_package_reviews we reset the status and the assignee of this ticket.
https://bugzilla.redhat.com/show_bug.cgi?id=1672601
Pavel Valena pvalena@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Comment|0 |updated
--- Comment #0 has been edited ---
Spec URL: https://raw.githubusercontent.com/fedora-distgit/rubygem-bcrypt_pbkdf/rawhid... SRPM URL: https://raw.githubusercontent.com/fedora-distgit/rubygem-bcrypt_pbkdf/rawhid... Description: This gem implements bcrypt_pdkfd (a variant of PBKDF2 with bcrypt-based PRF). Fedora Account System Username: pvalena
COPR build: https://copr.fedorainfracloud.org/coprs/build/2336156 Koji scratch-build: https://koji.fedoraproject.org/koji/taskinfo?taskID=72312098
https://bugzilla.redhat.com/show_bug.cgi?id=1672601
--- Comment #4 from Pavel Valena pvalena@redhat.com --- I've fixed the Spec file and updated links in Description.
https://bugzilla.redhat.com/show_bug.cgi?id=1672601
Pavel Valena pvalena@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Comment|0 |updated
--- Comment #0 has been edited ---
Spec URL: https://raw.githubusercontent.com/fedora-distgit/rubygem-bcrypt_pbkdf/rawhid... SRPM URL: https://raw.githubusercontent.com/fedora-distgit/rubygem-bcrypt_pbkdf/rawhid... Description: This gem implements bcrypt_pdkfd (a variant of PBKDF2 with bcrypt-based PRF). Fedora Account System Username: pvalena
COPR build: https://copr.fedorainfracloud.org/coprs/build/2340844 Koji scratch-build: https://koji.fedoraproject.org/koji/taskinfo?taskID=72405887
https://bugzilla.redhat.com/show_bug.cgi?id=1672601
Pavel Valena pvalena@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Flags| |fedora-review?
https://bugzilla.redhat.com/show_bug.cgi?id=1672601
Pavel Valena pvalena@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Flags|fedora-review? |
https://bugzilla.redhat.com/show_bug.cgi?id=1672601
Robert-André Mauchin 🐧 zebob.m@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |POST Assignee|nobody@fedoraproject.org |zebob.m@gmail.com Flags| |fedora-review+
--- Comment #5 from Robert-André Mauchin 🐧 zebob.m@gmail.com --- Package approved.
https://bugzilla.redhat.com/show_bug.cgi?id=1672601
--- Comment #6 from Pavel Valena pvalena@redhat.com --- Thanks!
https://bugzilla.redhat.com/show_bug.cgi?id=1672601
--- Comment #7 from Gwyn Ciesla gwync@protonmail.com --- (fedscm-admin): The Pagure repository was created at https://src.fedoraproject.org/rpms/rubygem-bcrypt_pbkdf
https://bugzilla.redhat.com/show_bug.cgi?id=1672601
Pavel Valena pvalena@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |RAWHIDE Status|POST |CLOSED Fixed In Version| |rubygem-bcrypt_pbkdf-1.1.0- | |1.fc35 Last Closed| |2021-07-31 08:29:59
package-review@lists.fedoraproject.org