[Bug 486672] Review Request: python-hashlib - Secure hash and message digest algorithm library

bugzilla at redhat.com bugzilla at redhat.com
Fri Feb 20 23:04:17 UTC 2009 

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=486672


manuel wolfshant <wolfy at nobugconsulting.ro> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
               Flag|fedora-review?              |fedora-review+




--- Comment #2 from manuel wolfshant <wolfy at nobugconsulting.ro>  2009-02-20 18:04:16 EDT ---
Package Review
==============

Key:
 - = N/A
 x = Check
 ! = Problem
 ? = Not evaluated

=== REQUIRED ITEMS ===
 [x] Package is named according to the Package Naming Guidelines.
 [x] Spec file name must match the base package %{name}, in the format
%{name}.spec.
 [x] Package meets the Packaging Guidelines.
 [x] Package successfully compiles and builds into binary rpms on at least one
supported architecture.
     Tested on: Centos5/x86_64, Fedora 7/x86_64
 [!] Rpmlint output:
source RPM: W: invalid-license PSF license
binary RPM: W: invalid-license PSF license
==> See note 1
 [x] Package is not relocatable.
 [x] Buildroot is correct (%{_tmppath}/%{name}-%{version}-%{release}-buildroot)
(not exactly one of the recommended values but not too far either :) )
 [x] Package is licensed with an open-source compatible license and meets other
legal requirements as defined in the legal section of Packaging Guidelines.
 [!] License field in the package spec file matches the actual license.
     License type: Python License
==> See also note 1
 [x] If (and only if) the source package includes the text of the license(s) in
its own file, then that file, containing the text of the license(s) for the
package is included in %doc.
 [x] Spec file is legible and written in American English.
 [x] Sources used to build the package match the upstream source, as provided
in the spec URL.
     SHA1SUM of package: 9131c25457639b8e0e1612ef30991adb73abf2b1 
hashlib-20081119.tar.gz
 [x] Package is not known to require ExcludeArch:
 [x] All build dependencies are listed in BuildRequires, except for any that
are listed in the exceptions section of Packaging Guidelines.
 [-] The spec file handles locales properly.

 [-] ldconfig called in %post and %postun if required.
 [x] Package must own all directories that it creates.
 [x] Package requires other packages for directories it uses.
 [!] Package does not contain duplicates in %files.
==> see note 2
 [x] Permissions on files are set properly.
 [x] Package has a %clean section, which contains rm -rf %{buildroot} (or
$RPM_BUILD_ROOT).
 [x] Package consistently uses macros.
 [x] Package contains code, or permissable content.
 [-] Large documentation files are in a -doc subpackage, if required.
 [x] Package uses nothing in %doc for runtime.
 [-] Header files in -devel subpackage, if present.
 [-] Static libraries in -devel subpackage, if present.
 [-] Package requires pkgconfig, if .pc files are present.
 [-] Development .so files in -devel subpackage, if present.
 [-] Fully versioned dependency in subpackages, if present.
 [x] Package does not contain any libtool archives (.la).
 [-] Package contains a properly installed %{name}.desktop file if it is a GUI
application.
 [x] Package does not own files or directories owned by other packages.
 [x] Final provides and requires are sane.

=== SUGGESTED ITEMS ===
 [x] Latest version is packaged.
 [x] Package does not include license text files separate from upstream.
 [ ] Description and summary sections in the package spec file contains
translations for supported Non-English languages, if available.
 [x] Reviewer should test that the package builds in mock.
     Tested on: centos5/x86_64
 [?] Package should compile and build into binary rpms on all supported
architectures.
     Tested on:
 [x] Package functions as described.
 [-] Scriptlets must be sane, if used.
 [-] The placement of pkgconfig(.pc) files is correct.
 [-] File based requires are sane.
 [!] %check is present and the test passes.
=> bundled tests are not run


===NOTES===
Couple of small issues:
1. The license tag is not correct:
  [wolfy at wolfy result]$ rpmlint *rpm
  python-hashlib.src: W: invalid-license PSF license
  python-hashlib.x86_64: W: invalid-license PSF license
  python-hashlib-debuginfo.x86_64: W: invalid-license PSF license
  3 packages and 0 specfiles checked; 0 errors, 3 warnings.
I am afraid this license is not in the list from
https://fedoraproject.org/wiki/Licensing#Software_License_List . If I am not
mistaken the approved tag is "Python" or "Python license"

2. warning: source file `README.txt' specified more than once



So
- please be as kind as to change the license tag to the accepted value
- as there is exactly one .txt file, please drop either README.txt or *.txt
from %doc

I'll trust you to fix those aspects before commit. APPROVED and thanks (Dennis
& Seth) for supporting EPEL.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the Fedora-package-review mailing list