[Bug 507083] Review Request: poco - C++ class libraries for network-centric applications
bugzilla at redhat.com
bugzilla at redhat.com
Wed Nov 4 23:04:19 UTC 2009
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=507083
--- Comment #13 from Michal Schmidt <mschmidt at redhat.com> 2009-11-04 18:04:18 EDT ---
Hello Maxim,
thanks for updating the package. At the same time I've been doing a detailed
review of your previous version (1.3.5-2). I found several problems. Here are
my results so far.
rpmlint output:
poco-doc.x86_64: W: wrong-file-end-of-line-encoding
/usr/share/doc/poco-doc-1.3.5/css/styles.css
poco-doc.x86_64: W: wrong-file-end-of-line-encoding
/usr/share/doc/poco-doc-1.3.5/css/prettify.css
poco-mysql.x86_64: W: no-documentation
poco-odbc.x86_64: W: no-documentation
poco-testing.x86_64: W: no-documentation
poco-zip.x86_64: W: no-documentation
poco.src: W: no-buildroot-tag
9 packages and 0 specfiles checked; 0 errors, 7 warnings.
All these rpmlint warning can be ignored. Though the BuildRoot tag might be
useful to add if you are going to have an EL-5 branch too.
Let's see if the package meets Review Guidelines
( http://fedoraproject.org/wiki/Packaging:ReviewGuidelines ):
OK rpmlint
OK name meets Package Naming Guidelines
(Personally I preferred the original name of "poco-testing",
i.e. "poco-debug", because it has a precedent in "kernel-debug",
but it's not a strong requirement. I'll leave the decision to you.)
OK the spec file name matches the base package name
Package must meet the Packaging Guidelines:
BAD versioning: please use %{?dist} (not %{dist}) in the Release field.
OK licensing ("Boost" is an approved license)
BAD pre-built binaries found in the source tarball:
Crypto/include/Poco/.DS_Store
Crypto/include/Poco/._.DS_Store
These must be removed during the %prep step. You should also ask upstream
to remove them from future releases. (See
http://fedoraproject.org/wiki/Packaging/Guidelines#No_inclusion_of_pre-built_binaries_or_libraries
)
OK spec is legible
OK architecture support
OK filesystem layout (FHS)
OK changelog entries
OK tags
OK buildroot cleaned for %install
OK buildroot cleaned in %clean
OK Requires
OK no PreReq
OK no file dependencies outside allowed dirs
OK BuildRequires
OK Summary and Description (English, descriptive, no trademarks)
OK encoding (ASCII)
OK documentation (main documentation is split into *-doc)
BAD compilation does not respect Fedora's compiler flags (%{optflags})
While observing the running build process, I could not see any mention of
FORTIFY_SOURCE, stack-protector, etc. on the command lines of g++
invocations.
OK debuginfo
OK devel package
OK subpackages require base package with fully versioned dep
OK ldconfig
OK no static lib
BAD duplication of system libraries:
poco-1.3.5-all/Foundation/src/ contains internal copies
of zlib and pcre libraries.
poco-1.3.5-all/XML/src/ contains a copy of expat.
poco-1.3.5-all/Data/SQLite/src/ contains a copy of sqlite (the whole in
a single 3.5 MB source *.c file!)
The package must be modified to use system libraries. (See
http://fedoraproject.org/wiki/Packaging/Guidelines#Duplication_of_system_libraries
)
OK no rpath
N/A config files
N/A initscripts
N/A desktop files
OK macro usage
N/A locale files
N/A timestamps
OK parallel make
OK scriptlets
N/A conditional deps
OK file and dir ownership
OK file permissions
N/A users and groups
N/A web apps
OK no conflicts
OK no kernel modules
OK no files in /srv
OK no bundling of multiple projects (combining the -all and -doc tarballs
is acceptable, they're a single project)
N/A bug links and comments for patches
OK no epoch
N/A no symlink hackery
OK License field matches actual license (Boost)
OK LICENSE file is packaged as %doc
OK spec file is written in American English (AFAICT)
OK sources match upstream source. sha256sums:
88bce8880bd380c2ca600cf170388eb0180b0c46fe500240efecc05bc62c618a
poco-1.3.5-all.tar.bz2
48465ad08c9114f0fa16835344e775714fdebe93a564f4ce9b9843454aa48225
poco-1.3.5-doc.tar.gz
OK package builds in Koji on all primary architectures
OK package contains code or permissible content
OK large doc in -doc subpackage
OK missing doc should not affect runtime
OK headers are in -devel
N/A no pkgconfig files
OK .so files in -devel
OK no .la files
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the package-review
mailing list