[Fedora-packaging] Request for confirmation: Which form is required for a review

Michael Schwendt mschwendt at gmail.com
Wed Feb 8 20:33:59 UTC 2012 

On Wed, 08 Feb 2012 20:26:06 +0100, MR (Matthias) wrote:

> Hi,
> 
> lately, I stumbled upon a review, which I thought, wouldn't suffice.
> It looks like the following
> 
> name: ok
> summary: ok
> license: ok
> handling locale files: ok
> rpmlint output: only spelling warning
> Not needed BuildRequires: (names), please remove them in git.
> 
> APPROVED.

Please mention the ticket number.

It may be that the spec file is short/simple and that the listed items
cover most of what was necessary to review. I find it silly to even
mention "name: ok".

> My question is: is this review sufficient,

It is.

There is no requirement for the reviewer to flood the ticket with a huge
list of checkmarks about things that possibly don't even apply to a
package. It doesn't make reviews better, and it doesn't make them safer
either. That is because the guidelines aren't bullet-proof and not
complete either. In other places, the guidelines are not detailed enough
and only experienced reviewers understand the background.

Btw, I think we've had cases before where reviewers, who have posted
an overwhelming checklist, missed several items (or got them wrong).
[not limited to %optflags, plugins in -devel packages, static libs,
licensing, files in wrong subpkgs]

> Do we trust our reviewers, 

We do. In the same way we trust our packagers. And still, some packagers
*and* reviewers (re-)introduce packaging mistakes *after* a package has
been approved. ;) Sometimes the changes in package git invalidate the
review results completely, because a packager messes up the packaging.

> so there's no need of bureaucracy?

Fill a growing list of reviews where the reviewer has missed important
items, and then let's figure out what can be done about that. Let's not
punish good reviewers with tiresome bureaucracy.

> Why should/must I do more 
> than just setting the flag or writing 7 catchwords?

Do whatever helps you to gain confidence in approving a package.  If you
feel it's necessary to process a checklist and include that checklist, do
that. Once you've posted such a list in a review, what would you do if
another reviewer pointed out that you've missed a couple of unowned
directories, for example? (note: that's still a MUST item in the review
guidelines)

More information about the packaging mailing list