[Bug 521719] Review Request: pycryptopp - Python wrappers for the Crypto++ library

bugzilla at redhat.com bugzilla at redhat.com
Mon Nov 9 15:56:00 UTC 2009 

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=521719


Thomas Spura <tomspur at fedoraproject.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED
                 CC|                            |tomspur at fedoraproject.org
         AssignedTo|nobody at fedoraproject.org    |tomspur at fedoraproject.org
               Flag|                            |fedora-review?




--- Comment #6 from Thomas Spura <tomspur at fedoraproject.org>  2009-11-09 10:55:58 EDT ---
It's been quite a while, since Jason wanted to review this, but set no review
flag. So I guess, I can do the review.

Package Review
==============

Key:
 - = N/A
 x = Check
 ! = Problem
 ? = Not evaluated

=== REQUIRED ITEMS ===
 [x] Package is named according to the Package Naming Guidelines.
 [x] Spec file name must match the base package %{name}, in the format
%{name}.spec.
 [x] Package meets the Packaging Guidelines
 [x] Package successfully compiles and builds into binary rpms on at least one
supported architecture.
     Tested on: 
       [] devel/i386 
       [] devel/x86_64
       [] F11/i386 
       [x] F11/x86_64
 [!] Rpmlint output:
   $ rpmlint pycryptopp.spec pycryptopp-0.5.17-1.fc11.src.rpm
x86_64/pycryptopp-*
pycryptopp.x86_64: W: incoherent-version-in-changelog 0.5.17-3
['0.5.17-1.fc11', '0.5.17-1']
3 packages and 1 specfiles checked; 0 errors, 1 warnings.

Should be 0.5.17-1 in the changelog

 [x] Buildroot is correct
     (%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n))


 [!] Package is licensed with an open-source compatible license and meets other
legal requirements as defined in the legal section of Packaging Guidelines.
 [!] License field in the package spec file matches the actual license.
     License type: GPLv2+


License looks strange. It's mostly said, that's GPLv2+, but in file 'copyright'
looks like BSD.

I'm unsure, if GPLv2+ is enought as license tag...



 [!] If (and only if) the source package includes the text of the license(s) in
its own file, then that file, containing the text of the license(s) for the
package is included in %doc.
  copyright is not in %doc
  Changelog belongs there too...



 [x] Spec file is legible and written in American English.
 [x] Sources used to build the package matches the upstream source, as provided
in the spec URL.
     Upstream source: b3d19e7203531f8bd241ae58062f99e4
     Build source:    b3d19e7203531f8bd241ae58062f99e4
 [x] Package is not known to require ExcludeArch
 [x] All build dependencies are listed in BuildRequires, except for any that
are listed in the exceptions section of Packaging Guidelines.
 [-] The spec file handles locales properly.
 [-] ldconfig called in %post and %postun if required.
 [x] Package must own all directories that it creates.
 [-] Package requires other packages for directories it uses.
 [x] Package does not contain duplicates in %files.
 [x] Permissions on files are set properly.
 [x] Package has a %clean section, which contains rm -rf %{buildroot}.
 [x] Package consistently uses macros.
 [x] Package contains code, or permissable content.
 [-] Large documentation files are in a -doc subpackage, if required.
 [x] Package uses nothing in %doc for runtime.
 [-] Header files in -devel subpackage, if present.
 [-] Static libraries in -devel subpackage, if present.
 [-] Package requires pkgconfig, if .pc files are present.
 [-] Development .so files in -devel subpackage, if present.
 [-] Fully versioned dependency in subpackages, if present.
 [-] Package does not contain any libtool archives (.la).
 [-] Package contains a properly installed %{name}.desktop file if it is a GUI
application.
 [x] Package does not own files or directories owned by other packages.

=== SUGGESTED ITEMS ===
 [x] Latest version is packaged.
 [-] Description and summary sections in the package spec file contains
translations for supported Non-English languages, if available.
 [x] Package should compile and build into binary rpms on all supported
architectures.

 [x] Package functions as described (no hardware to test with).
 [x] Scriptlets must be sane, if used.
 [-] The placement of pkgconfig(.pc) files is correct.

Other:
Removing the tests and not wasting space is really nice :)


Issues:

- Not sure about license.
  Please make a comment about this, if you are sure about it or not. If not, 
  too, maybe we'll get a second opinion from Jason.
- add changelog to %doc
- correnct version in changelog

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the package-review mailing list