review-o-matic : Fedora package review helper
Toshio Kuratomi
a.badger at gmail.com
Sat Nov 1 17:33:47 UTC 2008
Orcan Ogetbil wrote:
> What is the status of this project? Did anyone started out writing some code? I want to contribute to this. Is there a webpage?
>
> My opinion on this idea is, we should first write a script that displays 3 different kind of outputs:
>
> 1- Pure automatic checks: sha1sums, %files etc. -> Display results
I agree with the three broad categories that you have but please
remember that sha1sums are only a semi-automatic check. sha1sums of the
included tarball can be run against the source URLs listed in the spec
file but those Source URLs must be checked by a human. A computer will
gloss over::
Source0: http://crackz.com/foo.tar.gz
but a human can check via google, mailing lists, and other distros to
see that the Source url is canonical.
> 2- Semi-automatic checks: For instance, the script will check for static libraries in the build. -> Display results (If there are static libraries then it will warn the reviewer so he can check for the necessity of them.)
> 3- Purely manual checks: Not everything in the guidelines is easy to implement. Hence after the script is done, it will tell the reviewer what else needs to be checked manually.
>
> As time goes more features can be implemented and more items from 3 can be shifted into 1 or 2. We will need to build a powerful parser. I think some code can be borrowed from rpmlint.
>
-Toshio
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20081101/2efad523/attachment.bin
More information about the devel
mailing list