[Bug 507083] Review Request: poco - C++ class libraries for network-centric applications

bugzilla at redhat.com bugzilla at redhat.com
Wed Nov 4 23:04:19 UTC 2009 

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=507083





--- Comment #13 from Michal Schmidt <mschmidt at redhat.com>  2009-11-04 18:04:18 EDT ---
Hello Maxim,

thanks for updating the package. At the same time I've been doing a detailed
review of your previous version (1.3.5-2). I found several problems. Here are
my results so far.

rpmlint output:
poco-doc.x86_64: W: wrong-file-end-of-line-encoding
/usr/share/doc/poco-doc-1.3.5/css/styles.css
poco-doc.x86_64: W: wrong-file-end-of-line-encoding
/usr/share/doc/poco-doc-1.3.5/css/prettify.css
poco-mysql.x86_64: W: no-documentation
poco-odbc.x86_64: W: no-documentation
poco-testing.x86_64: W: no-documentation
poco-zip.x86_64: W: no-documentation
poco.src: W: no-buildroot-tag
9 packages and 0 specfiles checked; 0 errors, 7 warnings.

All these rpmlint warning can be ignored. Though the BuildRoot tag might be
useful to add if you are going to have an EL-5 branch too.

Let's see if the package meets Review Guidelines
( http://fedoraproject.org/wiki/Packaging:ReviewGuidelines ):

OK rpmlint
OK name meets Package Naming Guidelines
   (Personally I preferred the original name of "poco-testing",
    i.e. "poco-debug", because it has a precedent in "kernel-debug",
    but it's not a strong requirement. I'll leave the decision to you.)
OK the spec file name matches the base package name
Package must meet the Packaging Guidelines:
  BAD versioning: please use %{?dist} (not %{dist}) in the Release field.
  OK licensing ("Boost" is an approved license)
  BAD pre-built binaries found in the source tarball:
    Crypto/include/Poco/.DS_Store
    Crypto/include/Poco/._.DS_Store
    These must be removed during the %prep step. You should also ask upstream
    to remove them from future releases. (See
http://fedoraproject.org/wiki/Packaging/Guidelines#No_inclusion_of_pre-built_binaries_or_libraries
)
  OK spec is legible
  OK architecture support
  OK filesystem layout (FHS)
  OK changelog entries
  OK tags
  OK buildroot cleaned for %install
  OK buildroot cleaned in %clean
  OK Requires
  OK no PreReq
  OK no file dependencies outside allowed dirs
  OK BuildRequires
  OK Summary and Description (English, descriptive, no trademarks)
  OK encoding (ASCII)
  OK documentation (main documentation is split into *-doc)
  BAD compilation does not respect Fedora's compiler flags (%{optflags})
    While observing the running build process, I could not see any mention of
    FORTIFY_SOURCE, stack-protector, etc. on the command lines of g++
    invocations.
  OK debuginfo
  OK devel package
  OK subpackages require base package with fully versioned dep
  OK ldconfig
  OK no static lib
  BAD duplication of system libraries:
    poco-1.3.5-all/Foundation/src/ contains internal copies
    of zlib and pcre libraries.
    poco-1.3.5-all/XML/src/ contains a copy of expat.
    poco-1.3.5-all/Data/SQLite/src/ contains a copy of sqlite (the whole in
    a single 3.5 MB source *.c file!)
    The package must be modified to use system libraries. (See
http://fedoraproject.org/wiki/Packaging/Guidelines#Duplication_of_system_libraries
)
  OK no rpath
  N/A config files
  N/A initscripts
  N/A desktop files
  OK macro usage
  N/A locale files
  N/A timestamps
  OK parallel make
  OK scriptlets
  N/A conditional deps
  OK file and dir ownership
  OK file permissions
  N/A users and groups
  N/A web apps
  OK no conflicts
  OK no kernel modules
  OK no files in /srv
  OK no bundling of multiple projects (combining the -all and -doc tarballs
     is acceptable, they're a single project)
  N/A bug links and comments for patches
  OK no epoch
  N/A no symlink hackery
OK License field matches actual license (Boost)
OK LICENSE file is packaged as %doc
OK spec file is written in American English (AFAICT)
OK sources match upstream source. sha256sums:
   88bce8880bd380c2ca600cf170388eb0180b0c46fe500240efecc05bc62c618a
   poco-1.3.5-all.tar.bz2
   48465ad08c9114f0fa16835344e775714fdebe93a564f4ce9b9843454aa48225
   poco-1.3.5-doc.tar.gz
OK package builds in Koji on all primary architectures
OK package contains code or permissible content
OK large doc in -doc subpackage
OK missing doc should not affect runtime
OK headers are in -devel
N/A no pkgconfig files
OK .so files in -devel
OK no .la files

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the package-review mailing list