[Bug 506681] Review Request: autodafe - Fuzzing framework

bugzilla at redhat.com bugzilla at redhat.com
Thu Jun 18 12:25:34 UTC 2009 

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=506681


Matej Cepl <mcepl at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED
         AssignedTo|nobody at fedoraproject.org    |mcepl at redhat.com
               Flag|                            |fedora-review?




--- Comment #1 from Matej Cepl <mcepl at redhat.com>  2009-06-18 08:25:32 EDT ---
+ GOOD: rpmlint is bradford:rpmbuild$ rpmlint -i
SRPMS/autodafe-0.1-1.fc11.src.rpm 
1 packages and 0 specfiles checked; 0 errors, 0 warnings.
bradford:rpmbuild$ rpmlint -i RPMS/x86_64/autodafe-*
autodafe.x86_64: W: incoherent-version-in-changelog 0.1-1 ['1:0.1-1.fc11',
'1:0.1-1']
The last entry in %changelog contains a version identifier that is not
coherent with the epoch:version-release tuple of the package.

2 packages and 0 specfiles checked; 0 errors, 1 warnings.
bradford:rpmbuild$ 
silent on both source and binary package.
Warning doesn't make any sense to me and should be ignored.
+ GOOD: The package is named according to the Package Naming Guidelines .
+ GOOD: The spec file name matches the base package %{name}, in the format
  %{name}.spec.
???: The package meets the Packaging Guidelines .
+ BAD: The package is licensed with a Fedora approved license and meet the
Licensing Guidelines.
1) # -*- coding: utf-8 -*-
in the top is not needed ... .spec files are in Fedora UTF-8 per definition.
2) This is not good:
mkdir -p $RPM_BUILD_ROOT/usr/share
mkdir -p $RPM_BUILD_ROOT/usr/bin
make prefix=$RPM_BUILD_ROOT/usr -C src/adbg install
make prefix=$RPM_BUILD_ROOT/usr -C src/adc install
make prefix=$RPM_BUILD_ROOT/usr -C src/autodafe install
make prefix=$RPM_BUILD_ROOT/usr -C src/pdml2ad install
( cd ./etc/generator; ./generator.sh . )
mv ./etc/generator/autodafe $RPM_BUILD_ROOT/usr/share
You should use %{_prefix}, %{_datadir}, %{_bindir}, %{_sysconfdir}, etc.
+ GOOD: The License field in the package spec file matches the actual license.
- GOOD: LICENSE file is in %doc.
+ GOOD: The spec file is written in American English.
+ GOOD: The spec file for the package is legible.
+ BAD: The sources used to build the package matches the upstream source,
as provided in the spec URL.
No URL in Source:
should be
Source: autodafe-%{version}.tar.gz
http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
then OK.
MD5: 1c10c69080952ab9dd2c819d1e9c044c
+ GOOD: The package successfully compiles and build into binary rpms on at
least one supported architecture.
  Koji scratch build is
  http://koji.fedoraproject.org/koji/taskinfo?taskID=1422739
+ GOOD: builds on all architectures
+ GOOD: All build dependencies are listed in BuildRequires. (builds in koji)
+ GOOD: The spec file MUST handle locales properly.
  No locale support.
+ GOOD: %post and %postun scripts OK
no scripts
+ GOOD: not relocatable
+ BAD: A package owns all directories that it creates.
I don't like this in %files:
%{_usr}/share/*
a) you should use macros,
b) how many directories in %{_datadir} you want? Just write them down in %files
individually.
The same for 
%{_bindir}/*
This is not safe.
+ GOOD: A package must not contain any duplicate files in the %files listing.
+ GOOD: Permissions on files must be set properly.
+ GOOD: Each package have a %clean section.
+ BAD: Each package consistently use macros.
see above
+ GOOD: The package contains code, or permissable content.
+ BAD: No large documentation files, so no a -doc subpackage.
at least tutorials.tar.gz should go to -doc (or to hell ;-))
+ GOOD: Files registered in %doc does not affect the runtime of the
application.
+ GOOD: No header files.
+ GOOD: No static libraries.
+ GOOD: No pkgconfig(.pc) files.
+ GOOD: .so file is provided in -devel package.
no .so file
+ GOOD: Correct Requires in -devel subpackage.
no -devel package
+ GOOD: No .la libtool archives.
+ GOOD: Packages does not contain GUI applications.
+ GOOD: Packages does not own files or directories owned by other packages.
+ GOOD: Runs rm -rf $RPM_BUILD_ROOT in %install
+ GOOD: All filenames in rpm packages are valid UTF-8.
+ GOOD: Includes license text.

NOT APPROVED
Please fix the above shown problems.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the Fedora-package-review mailing list