I've recently submitted my first package here:
I need some pointer to figure out how to solve a few issues highlighted
by the reviewer. There's a lot of information in Fedora wiki, but it's
quite overwhelming. I've read a lot, but cannot find the information I
The problems still to be solved are:
[!]: Package does not own files or directories owned by other packages.
Note: Dirs in package are owned also by:
efivar-libs, gd, gc, libtomcrypt, gdbm, gpgme,
[!]: %build honors applicable compiler flags or justifies otherwise.
[!]: Package contains no bundled libraries without FPC exception.
[!]: Package complies to the Packaging Guidelines
BTW, rpmlint does not spot these errors.
So I've tried fedora-review and run this command in my RPM package
fedora-review --define DISTTAG=fc27 -p -n extractpdfmark
and I see that above problems are set to "manual review needed". So the
errors were spotted by the reviewer, not by any tool.
Back to above problems, the errors related to the libraries are
probably about the .build-id directory, but I cannot figure out what
should I do.
$ rpm -ql x86_64/extractpdfmark-1.0.2-1.fc27.x86_64.rpm
Thanks in advance
Meeting started by geppetto at 17:00:41 UTC. The full logs are
* Roll Call (geppetto, 17:00:41)
* Schedule (geppetto, 17:05:07)
* #654 glibc file triggers (geppetto, 17:07:34)
* ACTION: Policy changes due to glibc file triggers from the ticket
(+1:5, 0:0, -1:0) (geppetto, 17:15:03)
* #702 C/C++ guidelines should say using clang needs an exception
* Policy already says to use GCC if it's possible, which seems strong
enough. (geppetto, 17:20:34)
* #733 'users and groups' should link to prealloc. list (geppetto,
* Open Floor (geppetto, 17:25:55)
* LINK: https://pagure.io/packaging-committee/issue/725 (tibbs,
Meeting ended at 18:00:03 UTC.
* Policy changes due to glibc file triggers from the ticket (+1:5, 0:0,
Action Items, by person
* Policy changes due to glibc file triggers from the ticket (+1:5,
People Present (lines said)
* tibbs (87)
* geppetto (62)
* mbooth (18)
* limburgher (16)
* zodbot (12)
* Rathann|Mobile (9)
Generated by `MeetBot`_ 0.1.4
.. _`MeetBot`: http://wiki.debian.org/MeetBot
De: "Owen Taylor"
> I'm embarrassed to admit that before I sent my mail I carefully read over
> ... the old PackageDrafts/Go :-( My only excuse is that it was in my
> browser history.
NP, that gave you some context on where Fedora is today.
> Having actually read the relevant parts of "More Go Packaging", the
> explanation of compat packages and notification procedures does make the
> intended operation clearer,
Thank you. Do not hesitate to improve the wording in the wiki, or post suggestions here, if you have ideas on how to make it clearer, simpler or more efficient
> though the social and technical barrier to a
> packager new to Fedora will still be high if packaging their target package
> requires creating a compat package and fixing multiple other packages.
Unfortunately, packaging something in Go is still going to be harder than packaging software in another language in the near term :( I'd love to find more magic bullets.
> I still worry that Fedora is not big enough to move the status-quo in the
> Go world - to get the point where Go programs require github.com/foo/bar >=
> .2.3 and actually have been tested with a multiple versions in that range,
> not exactly the one vendored version shipped with the program.
That's a legitimate worry, yes. However given container and cloud people are massively adopting Go, that critical cloud software is now mostly written in Go, I don't think Fedora can afford to pass on Go and still stay relevant server-side. That's even more true for Fedora downstreams and Fedora's main sponsor.
So I guess it all boils down to strategic choices for Fedora and Red Hat: invest in Go packaging, even if it *is* painful, or pass, and lose relevance server-side in the near future. Red Hat certainly has the assets, with Openshift and Coreos, to influence the Go world in a Fedora-positive way. I don't know if it will choose, or manage, to leverage them. It can not fail to notice the many Go projects that propose their software as Ubuntu Docker images today. It can not fail to notice that Jakub and Jan, with all their qualities, are a tad overworked and not really sufficient to pull Fedora Go forward the required amount. The Go ecosystem has just grown too big. Lastly, I understand the temptation to let Fedora and RHEL slip in favor of product lines more profitable in the near term.
On my employer's side we *do* wish to stay relevant in a Cloud world. My Go contributions are an attempt to partner with the Fedora Centos and RHEL communities on that. If the partnership does not bear fruits, and Fedora/Centos/RHEL do not move in a direction we can use, we'll have to invest elsewhere. I'd regret it but this proposal and the spec dump that will follow are just too much work to do on one's free time. And employer time requires results.
> I haven't had time to read through the entire proposal, but it certainly
> looks like a major step forward!
Please finish reading it and propose all the fixes and comments and improvements you want! Your experience is appreciated.
----- Original Message -----
> From: "Owen Taylor" <otaylor(a)redhat.com>
> To: "Development discussions related to Fedora" <devel(a)lists.fedoraproject.org>
> Cc: golang(a)lists.fedoraproject.org, "Discussion of RPM packaging standards and practices for Fedora"
> Sent: Wednesday, January 31, 2018 6:50:21 PM
> Subject: Re: <DKIM> [Fedora-packaging] Re: Proposed Fedora packaging guideline: More Go packaging
> Hi Nicolas,
> Is there a guide for Fedora packagers about how to handle unbundling for
> golang packages? The draft guidelines don't seem to go into any details.
> I've looked at packaging a few golang packages unbundled, and have
> immediately run into:
> A) lots of unpackaged dependencies
> B) dependencies that are packaged in Fedora with different, often much older
> A) is a pretty known quantity for any type of package, but I found B) more
> intimidating. It seems like to package the new package, I have to get the
> maintainer of the library to upgrade the version, and someone needs to
> rebuild everything that depends on the rebuilt library and test that the
> rebuilt packages work.
> Some tutorial showing a practical example of packaging a golang package for
> the first time I think would be very helpful.
Unfortunately this is how the situation stand thanks to the wide spread use of vendoring and generally no release and API stability in Go projects. You have to package all not packaged deps and work with other maintainers(which mostly means with Jan Chaloupka, cc'ed) to get other already packaged deps to commonly acceptable version/commit level, although it might not be even possible thanks to API breaks between commits. So you have to stick to bundling in some cases, if you really want to package that project.
> On Wed, Jan 31, 2018 at 5:30 AM, < nicolas.mailhot(a)laposte.net > wrote:
> >De: "Neal Gompa"
> > The only thing I see that might be missing is autogenerating
> > bundled(golang()) Provides when a vendor tree exists (with the
> > appropriate automatic filters on Requires).
> I had though a little about doing it but first, as many Go elements,
> vendoring relies on conventions not standards. The nasty thing about
> conventions is that they are not applied 100% the same way by everyone,
> making automation a PITA. And second interactions with autodeps can be
> nasty: you can filter out provides, but do you filter out requires? What
> about all the junk code many projects ship as testing and examples and which
> is vendored with the rest?
> I don't say it can't be done, or that it would be difficult to do once the
> rest is merged, but I'll live it to someone that absolutely want to ship a
> Go package with vendored parts.
> Right now we sidestep the issue in our packages by rm -fr ing anything that
> looks like vendored code in %prep. Unbundling takes time but it has a
> positive cumulative effect: the more you unbundle the less you need to worry
> about in other packages with the same requirements. And unbundling reveals
> code/legal problems that it would take about as much work to solve by
> auditing the vendored code manually.
> Nicolas mAilhot
> devel mailing list -- devel(a)lists.fedoraproject.org
> To unsubscribe send an email to devel-leave(a)lists.fedoraproject.org
> golang mailing list -- golang(a)lists.fedoraproject.org
> To unsubscribe send an email to golang-leave(a)lists.fedoraproject.org