https://bugzilla.redhat.com/show_bug.cgi?id=1778390
Bug ID: 1778390 Summary: Review Request: apache-sshd - Apache SSHD Product: Fedora Version: rawhide Hardware: All OS: Linux Status: NEW Component: Package Review Severity: medium Priority: medium Assignee: nobody@fedoraproject.org Reporter: mat.booth@redhat.com QA Contact: extras-qa@fedoraproject.org CC: package-review@lists.fedoraproject.org Target Milestone: --- Classification: Fedora
Spec URL: https://fedorapeople.org/~mbooth/reviews/apache-sshd.spec SRPM URL: https://fedorapeople.org/~mbooth/reviews/apache-sshd-2.2.0-2.fc31.src.rpm
Description: Apache SSHD is a 100% pure java library to support the SSH protocols on both the client and server side.
Fedora Account System Username: mbooth
Rawhide scratch build: https://koji.fedoraproject.org/koji/taskinfo?taskID=39403213
This is a re-review for unretirement of a retired package. Accompanying releng bug is here: https://pagure.io/releng/issue/9066
https://bugzilla.redhat.com/show_bug.cgi?id=1778390
Fabio Valentini decathorpe@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |decathorpe@gmail.com
--- Comment #1 from Fabio Valentini decathorpe@gmail.com --- Hey Mat,
According to the wiki [0], package re-reviews are only necessary after 8 weeks of retirement, and this package was retired on Oct 13, which was only 7 weeks ago. So I think you can request unretirement with releng without having to go through a re-review.
But if a re-review is really necessary, I can review the package for you :)
[0]: https://fedoraproject.org/wiki/Orphaned_package_that_need_new_maintainers#Cl...
https://bugzilla.redhat.com/show_bug.cgi?id=1778390
--- Comment #2 from Mat Booth mat.booth@redhat.com --- (In reply to Fabio Valentini from comment #1)
Hey Mat,
According to the wiki [0], package re-reviews are only necessary after 8 weeks of retirement, and this package was retired on Oct 13, which was only 7 weeks ago. So I think you can request unretirement with releng without having to go through a re-review.
But if a re-review is really necessary, I can review the package for you :)
Orphaned_package_that_need_new_maintainers#Claiming_Ownership_of_a_Retired_Pa ckage
Oh! I didn't realise I could skip the review. TBH this review package is almost identical to the package in F30 and should have no rpmlint complaints -- a review should be pretty quick job if you wanted to review it :-)
https://bugzilla.redhat.com/show_bug.cgi?id=1778390
Mat Booth mat.booth@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1766626
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1766626 [Bug 1766626] BR on jgit is conditionalised
https://bugzilla.redhat.com/show_bug.cgi?id=1778390
--- Comment #3 from Mat Booth mat.booth@redhat.com --- I asked to proceed with unretirement on the releng ticket. I will leave this bug open just in case we pass the 8 week mark while we are waiting.
https://bugzilla.redhat.com/show_bug.cgi?id=1778390
Miro Hrončok mhroncok@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |mhroncok@redhat.com
--- Comment #4 from Miro Hrončok mhroncok@redhat.com ---
I will leave this bug open just in case we pass the 8 week mark while we are waiting.
I think that the date you requested the unretirement counts. I.e. if releng doesn't unretire the package in couple weeks, it's not your fault and no re-review is needed. At least that how I always understood the policy. Do you think it needs clarifying?
https://bugzilla.redhat.com/show_bug.cgi?id=1778390
--- Comment #5 from Miro Hrončok mhroncok@redhat.com --- I see assembly/src/main/legal/licenses/jbcrypt.txt listed as %license. Is jbcrypt bundled?
https://bugzilla.redhat.com/show_bug.cgi?id=1778390
--- Comment #6 from Mat Booth mat.booth@redhat.com --- (In reply to Miro Hrončok from comment #5)
I see assembly/src/main/legal/licenses/jbcrypt.txt listed as %license. Is jbcrypt bundled?
See the comment attached to the License directive:
# One file has ISC licensing: # sshd-common/src/main/java/org/apache/sshd/common/config/keys/loader/openssh/kdf/BCrypt.java License: ASL 2.0 and ISC
It is one file taken from jbcrypt, with modifications specific for Apache SSHd project.
https://bugzilla.redhat.com/show_bug.cgi?id=1778390
Mat Booth mat.booth@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |RAWHIDE Last Closed| |2019-12-02 10:58:02
--- Comment #7 from Mat Booth mat.booth@redhat.com --- (In reply to Miro Hrončok from comment #4)
I will leave this bug open just in case we pass the 8 week mark while we are waiting.
I think that the date you requested the unretirement counts. I.e. if releng doesn't unretire the package in couple weeks, it's not your fault and no re-review is needed. At least that how I always understood the policy. Do you think it needs clarifying?
I don't know -- I did not actually read the policy myself :-o However it looks as though releng has already acted so I will close this bug. I am still happy to receive feedback on the package however and will make any changes accordingly.
package-review@lists.fedoraproject.org