https://bugzilla.redhat.com/show_bug.cgi?id=2421751
Sergio Correia <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags|fedora-review? |fedora-review+ --- Comment #2 from Sergio Correia <[email protected]> --- I reviewed the updated copr build 09911961. Package Review ============== Legend: [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated Issues: ======= - Harmless: rpmlint spelling error. Note: E: spelling-error ('Programmatically', '%description -l en_US Programmatically -> Pro grammatically, Pro-grammatically, Programmatic ally') This is harmless. "Programmatically" is a valid English word and correctly describes the package functionality. ===== MUST items ===== Generic: [x]: Package successfully compiles and builds into binary rpms on at least one supported primary architecture. Note: Reviewed from COPR build 9911961. Package builds successfully as noarch. [x]: Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. Note: Licensed under MIT. [x]: License field in the package spec file matches the actual license. Note: Checking patched sources after %prep for licenses. Licenses found: "Unknown or generated", "MIT License", "*No copyright* MIT License". The 26 files with "unknown license" are test files, configuration files, and build metadata which is normal for Python packages. The "*No copyright*" note for PKG-INFO files is expected - these are auto-generated metadata files. The LICENSE file has proper MIT license with copyright (Copyright (c) 2019 Florimond Manca). [x]: Package must own all directories that it creates. Note: The review notes /usr/lib/python3.14/site-packages and /usr/lib/python3.14 as unowned, but these directories are owned by python3-libs package. This is a false positive - Python packages should not own these base directories. [x]: Package contains no bundled libraries without FPC exception. Note: No bundled libraries. Dependency on sniffio is properly declared via pyproject.toml and handled by %pyproject_buildrequires. [x]: Changelog in prescribed format. Note: Uses %autochangelog macro which follows Fedora guidelines. [x]: Sources contain only permissible code or content. Note: Reviewed source code - this is an ASGI lifespan manager library. Provides programmatic startup/shutdown of ASGI applications. Supports asyncio and trio async backends. No security concerns or malware detected. [-]: Package contains desktop file if it is a GUI application. Note: Not a GUI application - this is a Python library. [-]: Development files must be in a -devel package Note: Python library, not applicable. [x]: Package uses nothing in %doc for runtime. Note: Documentation files (README.md) are not required for runtime. [x]: Package consistently uses macros (instead of hard-coded directory names). Note: Proper use of %{pypi_source}, %{version}, %{pyproject_files}, %autorelease, etc. [x]: Package is named according to the Package Naming Guidelines. Note: Follows Python packaging guidelines (python-<module-name> for source package, python3-<module-name> for binary package). [x]: Package does not generate any conflict. [x]: Package obeys FHS, except libexecdir and /usr/target. Note: Files installed to /usr/lib/python3.14/site-packages/ per Python packaging guidelines. [-]: If the package is a rename of another package, proper Obsoletes and Provides are present. Note: Not a renamed package. [x]: Requires correct, justified where necessary. Note: Requires python(abi) and python3.14dist(sniffio). The sniffio dependency is declared in pyproject.toml and is needed for async backend detection. All appropriate. [x]: Spec file is legible and written in American English. [-]: Package contains systemd file(s) if in need. Note: Library package, no systemd files needed. [x]: Package is not known to require an ExcludeArch tag. [x]: Package complies to the Packaging Guidelines [x]: Package installs properly. [x]: Rpmlint is run on all rpms the build produces. Note: rpmlint shows 2 errors (harmless spelling-error for "Programmatically"). [x]: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %license. Note: LICENSE file properly included via %license directive. [x]: The License field must be a valid SPDX expression. Note: "MIT" is a valid SPDX identifier. [x]: Package requires other packages for directories it uses. [x]: Package does not own files or directories owned by other packages. [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. [x]: Macros in Summary, %description expandable at SRPM build time. [x]: Dist tag is present. Note: Uses %autorelease which includes dist tag. [x]: Package does not contain duplicates in %files. [x]: Permissions on files are set properly. [x]: Package must not depend on deprecated() packages. [x]: Package use %makeinstall only when make install DESTDIR=... doesn't work. Note: Uses %pyproject_install macro appropriately. [x]: Package is named using only allowed ASCII characters. [x]: Package does not use a name that already exists. [x]: Package is not relocatable. [x]: Sources used to build the package match the upstream source, as provided in the spec URL. Note: SHA256 checksums match exactly: 5e2effaf0bfe39829cf2d64e7ecc47c7d86d676a6599f7afba378c31f5e3a308 [x]: Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: File names are valid UTF-8. [x]: Large documentation must go in a -doc subpackage. Large could be size (~1MB) or number of files. Note: Documentation size is 6915 bytes in 1 file (README.md). [x]: Packages must not store files under /srv, /opt or /usr/local Python: [x]: Python eggs must not download any dependencies during the build process. Note: Uses %pyproject_buildrequires which handles all dependencies at build time without downloading during build. [x]: A package which is used by another package via an egg interface should provide egg info. Note: Provides python3.14dist(asgi-lifespan) and python3dist(asgi-lifespan) metadata. [x]: Package meets the Packaging Guidelines::Python Note: Follows modern Python packaging guidelines using pyproject macros. [x]: Package contains BR: python2-devel or python3-devel Note: BuildRequires: python3-devel [x]: Packages MUST NOT have dependencies (either build-time or runtime) on packages named with the unversioned python- prefix unless no properly versioned package exists. Note: All dependencies use python3- or python3.14dist() naming. [x]: Python packages must not contain %{pythonX_site(lib|arch)}/* in %files Note: Uses %{pyproject_files} which is the correct modern approach. [x]: Binary eggs must be removed in %prep Note: No binary eggs present. Package uses modern pyproject.toml build. ===== SHOULD items ===== Generic: [x]: Reviewer should test that the package builds in mock. Note: Reviewed from COPR build 9911961 which builds in mock environment. [-]: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. Note: LICENSE file is included from upstream. [x]: Final provides and requires are sane (see attachments). Note: Provides python3-asgi-lifespan, python3.14-asgi-lifespan, python3.14dist(asgi-lifespan), python3dist(asgi-lifespan). Requires python(abi) and python3.14dist(sniffio). All appropriate for Python library. [x]: Package functions as described. Note: Programmatically sends startup/shutdown lifespan events into ASGI applications. Allows mocking or testing ASGI applications (such as FastAPI, Starlette, Quart) without spinning up an ASGI server. Supports both asyncio and trio async backends. [x]: Latest version is packaged. Note: Version 2.1.0 is packaged and appears to be current. [x]: Package does not include license text files separate from upstream. Note: LICENSE file is from upstream tarball. [-]: Sources are verified with gpgverify first in %prep if upstream publishes signatures. Note: PyPI does not publish GPG signatures. SHA256 checksum verification is the standard method for Python packages. [x]: Package should compile and build into binary rpms on all supported architectures. Note: noarch package, builds on all architectures. [x]: %check is present and all tests pass. Note: Spec includes %pyproject_check_import which verifies the module can be imported successfully. [?]: Packages should try to preserve timestamps of original installed files. Note: Standard pyproject macros handle file installation. [x]: Buildroot is not present [x]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file [x]: Sources can be downloaded from URI in Source: tag Note: Uses %{pypi_source asgi-lifespan} macro pointing to PyPI. [x]: SourceX is a working URL. Note: https://files.pythonhosted.org/packages/source/a/asgi-lifespan/asgi-lifespan-2.1.0.tar.gz [x]: Spec use %global instead of %define unless justified. ===== EXTRA items ===== Generic: [x]: Rpmlint is run on all installed packages. Note: rpmlint shows 2 harmless spelling errors for "Programmatically". [x]: Spec file according to URL is the same as in SRPM. Rpmlint ------- Checking: python3-asgi-lifespan-2.1.0-1.fc44.noarch.rpm python-asgi-lifespan-2.1.0-1.fc44.src.rpm python-asgi-lifespan.src: E: spelling-error ('Programmatically', '%description -l en_US Programmatically -> Pro grammatically, Pro-grammatically, Programmatic ally') python3-asgi-lifespan.noarch: E: spelling-error ('Programmatically', '%description -l en_US Programmatically -> Pro grammatically, Pro-grammatically, Programmatic ally') 2 packages and 0 specfiles checked; 2 errors, 0 warnings, 7 filtered, 2 badness Source checksums ---------------- https://files.pythonhosted.org/packages/source/a/asgi-lifespan/asgi-lifespan-2.1.0.tar.gz : CHECKSUM(SHA256) this package : 5e2effaf0bfe39829cf2d64e7ecc47c7d86d676a6599f7afba378c31f5e3a308 CHECKSUM(SHA256) upstream package : 5e2effaf0bfe39829cf2d64e7ecc47c7d86d676a6599f7afba378c31f5e3a308 Requires -------- python3-asgi-lifespan (rpmlib, GLIBC filtered): python(abi) python3.14dist(sniffio) Provides -------- python3-asgi-lifespan: python-asgi-lifespan python3-asgi-lifespan python3.14-asgi-lifespan python3.14dist(asgi-lifespan) python3dist(asgi-lifespan) Generated by fedora-review 0.10.0 (e79b66b) last change: 2023-07-24 Command line: /usr/bin/fedora-review --copr-build 09911961 Buildroot used: fedora-rawhide-x86_64 ===== APPROVAL ===== This package is APPROVED, thanks. The rpmlint spelling errors are harmless - "Programmatically" is a valid English word. All MUST items pass, and the package meets Fedora Python packaging guidelines. -- You are receiving this mail because: You are always notified about changes to this product and component You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2421751 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202421751%23c2 -- _______________________________________________ package-review mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
