[Bug 232719] maven2-2.0.4-10jpp.3 - Java project management and project comprehension tool
bugzilla at redhat.com
bugzilla at redhat.com
Sat Mar 17 00:32:44 UTC 2007
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: maven2-2.0.4-10jpp.3 - Java project management and project comprehension tool
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=232719
------- Additional Comments From mwringe at redhat.com 2007-03-16 20:32 EST -------
MUST:
* package is named appropriately
- match upstream tarball or project name
OK, upstream just calls it Maven, but this pacakge needs to be named differently
due to it being incompatible with the older maven1 project.
- try to match previous incarnations in other distributions/packagers for
consistency
OK
- specfile should be %{name}.spec
OK
- non-numeric characters should only be used in Release (ie. cvs or
something)
- for non-numerics (pre-release, CVS snapshots, etc.), see
http://fedoraproject.org/wiki/Packaging/NamingGuidelines#PackageRelease
- if case sensitivity is requested by upstream or you feel it should be
not just lowercase, do so; otherwise, use all lower case for the name
* is it legal for Fedora to distribute this?
- OSI-approved
OK, license is Apache
- not a kernel module
OK
- not shareware
OK
- is it covered by patents?
Not that I am aware of
- it *probably* shouldn't be an emulator
OK
- no binary firmware
OK
* license field matches the actual license.
OK, it appears that all the sources are Apache licensed
* license is open source-compatible.
- use acronyms for licences where common
* specfile name matches %{name}
OK
* verify source and patches (md5sum matches upstream, know what the patches do)
- if upstream doesn't release source drops, put *clear* instructions on
how to generate the the source drop; ie.
# svn export blah/tag blah
# tar cjf blah-version-src.tar.bz2 blah
X no instructions on how to recreate m2_jar_repo.tar.gz
X no instructions on how to recreate m2_jar_repo.tar.gz
* skim the summary and description for typos, etc.
OK
* correct buildroot
- should be:
%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
OK
* if %{?dist} is used, it should be in that form (note the ? and %
locations)
OK
* license text included in package and marked with %doc
X license missing from packages: maven2 and the plugin packages
* keep old changelog entries; use judgement when removing (too old?
useless?)
OK
* packages meets FHS (http://www.pathname.com/fhs/)
OK, they seem to put everything in the right places
* rpmlint on <this package>.srpm gives no output
rpmlint maven2-2.0.4-10jpp.3.src.rpm
W: maven2 non-standard-group Development/Build Tools
OK.The group warning can be ignored
* changelog should be in the proper format
OK
* Packager, Vendor, and Distribution tags should not be used
OK
* use License and not Copyright
OK
* Summary tag should not end in a period
OK
* if possible, replace PreReq with Requires(pre) and/or Requires(post)
OK
* specfile is legible
OK. For the length and complexity, it is very well laid out
* package successfully compiles and builds on at least x86
* BuildRequires are proper
- builds in mock will flush out problems here
OK, builds in mock
- the following packages don't need to be listed in BuildRequires:
bash
bzip2
coreutils
cpio
diffutils
fedora-release (and/or redhat-release)
gcc
gcc-c++
gzip
make
patch
perl
redhat-rpm-config
rpm-build
sed
tar
unzip
which
OK
* summary should be a short and concise description of the package
OK
* description expands upon summary (don't include installation
instructions)
X the main package's description does, but the plugins description is just the
summary.
* make sure description lines are <= 80 characters
OK
* specfile written in American English
OK
* make a -doc sub-package if necessary
- see
http://fedoraproject.org/wiki/Packaging/Guidelines#head-9bbfa57478f0460c6160947a6bf795249488182b
OK, javadoc and manual subprojects for main maven2 package. Should there be
javadocs for the plugins?
* packages including libraries should exclude static libraries if possible
* don't use rpath
OK
* config files should usually be marked with %config(noreplace)
X Doesn't maven2 have any config files?
* GUI apps should contain .desktop files
OK, not a GUI app
* should the package contain a -devel sub-package?
OK, I don't think it should have one
* use macros appropriately and consistently
- ie. %{buildroot} and %{optflags} vs. $RPM_BUILD_ROOT and $RPM_OPT_FLAGS
OK
* don't use %makeinstall
OK
* locale data handling correct (find_lang)
- if translations included, add BR: gettext and use %find_lang %{name} at the
end of %install
* consider using cp -p to preserve timestamps
X the -p is not used anywhere in %prep section
* split Requires(pre,post) into two separate lines
OK
* package should probably not be relocatable
OK
* package contains code
- see http://fedoraproject.org/wiki/Packaging/Guidelines#CodeVsContent
- in general, there should be no offensive content
OK
* package should own all directories and files
* there should be no %files duplicates
* file permissions should be okay; %defattrs should be present
OK
* %clean should be present
OK
* %doc files should not affect runtime
* if it is a web apps, it should be in /usr/share/%{name} and *not* /var/www
* verify the final provides and requires of the binary RPMs
* run rpmlint on the binary RPMs
maven2-2.0.4-10jpp.3.fc7.x86_64.rpm
W: maven2 non-standard-group Development/Build Tools
Ok, can ignore group warnings
W: maven2 incoherent-version-in-changelog 2.0.4-10jpp.3 0:2.0.4-10jpp.3.fc7
X is this caused by the epoch or the dist?
W: maven2 no-documentation
X Shouldn't there be at least some licensing documentation?
W: maven2 dangling-symlink /usr/share/java/maven2/plugins /usr/share/maven2/plugins
W: maven2 symlink-should-be-relative /usr/share/java/maven2/plugins
/usr/share/maven2/plugins
W: maven2 dangling-symlink /usr/share/maven2/repository/JPP /usr/share/java
W: maven2 symlink-should-be-relative /usr/share/maven2/repository/JPP
/usr/share/java
W: maven2 symlink-should-be-relative /usr/share/java/maven2/poms
/usr/share/maven2/poms
X Can the above symlinks be fixed?
W: maven2 non-conffile-in-etc /etc/maven/fragments/maven2
X this should be marked as a conf file (%conf)
W: maven2 dangerous-command-in-%preun rm
X can this command be removed?
W: maven2 uncompressed-zip /usr/share/java/maven2/empty-dep.jar
I would say this is safe to ignore
maven2-debuginfo-2.0.4-10jpp.3.fc7.x86_64.rpm
maven2-javadoc-2.0.4-10jpp.3.fc7.x86_64.rpm
W: maven2-javadoc non-standard-group Development/Documentation
OK, group warnings can be ignored
maven2-manual-2.0.4-10jpp.3.fc7.x86_64.rpm
W: maven2-manual non-standard-group Development/Documentation
OK, group warnings can be ignored
Due to the large size of the rpmlint output, I will be attaching as a separate
file for the plugins.
Notes of interest:
- the groups warnings can be ignored
- Shouldn't these plugins have license docs somewhere?
SHOULD:
* package should include license text in the package and mark it with %doc
X licenses missing from file set
* package should build on i386
OK
* package should build in mock
OK
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
More information about the Fedora-package-review
mailing list