https://bugzilla.redhat.com/show_bug.cgi?id=2430610
Ben Beasley <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #1 from Ben Beasley <[email protected]> --- This looks pretty dubious. The upstream appears to be a one-time upload to the Internet Archive, https://archive.org/download/dog_machine / https://archive.org/details/dog_machine. The upload to the IA claims it’s public-domain (“Public Domain Mark 1.0”), but the spec file lists the license as GPL-3.0-or-later. I have not looked inside the source RPM at all, but I took a look at the spec file, and it is obviously just copying a pre-compiled executable in place. Everything in Fedora needs to be built from source[1]. There are other issues, like hard-coded /usr/lib instead of %{_libdir}[2], no effort to support primary architectures other than x86_64[3], odd installation of a C++ source file, missing debuginfo[4] (because the binary is not built from source), no source URL[5] without a good justification, and use of the Group tag[6]. It looks like this software was only published once, to the Internet Archive, and only with the express intent of including it in Fedora? Even if the intentions are good and genuine, that *looks* a little weird and even a bit suspicious, especially considering the submission contains a pre-compiled executable. [1] https://docs.fedoraproject.org/en-US/packaging-guidelines/what-can-be-packaged/#prebuilt-binaries-or-libraries [2] https://docs.fedoraproject.org/en-US/packaging-guidelines/#_macros [3] https://docs.fedoraproject.org/en-US/packaging-guidelines/#_architecture_support [4] https://docs.fedoraproject.org/en-US/packaging-guidelines/Debuginfo/#_missing_debuginfo_packages [5] https://docs.fedoraproject.org/en-US/packaging-guidelines/SourceURL/ [6] https://docs.fedoraproject.org/en-US/packaging-guidelines/#_tags_and_sections -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component https://bugzilla.redhat.com/show_bug.cgi?id=2430610 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202430610%23c1 -- _______________________________________________ package-review mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
