Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 2227547
Summary: | Review Request: rust-notify-debouncer-mini - Notify mini debouncer for events | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Fabio Valentini <decathorpe> |
Component: | Package Review | Assignee: | Davide Cavalca <davide> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | rawhide | CC: | davide, package-review |
Target Milestone: | --- | Flags: | davide:
fedora-review+
|
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
URL: | https://crates.io/crates/notify-debouncer-mini | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2023-07-31 06:27:24 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 2119243 |
Description
Fabio Valentini
2023-07-30 16:04:00 UTC
Copr build: https://copr.fedorainfracloud.org/coprs/build/6223672 (succeeded) Review template: https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-review-2227547-rust-notify-debouncer-mini/fedora-rawhide-x86_64/06223672-rust-notify-debouncer-mini/fedora-review/review.txt Please take a look if any issues were found. --- This comment was created by the fedora-review-service https://github.com/FrostyX/fedora-review-service If you want to trigger a new Copr build, add a comment containing new Spec and SRPM URLs or [fedora-review-service-build] string. Note that there has been a discussion about the partially problematic licensing of the upstream project: https://lists.fedoraproject.org/archives/list/legal@lists.fedoraproject.org/thread/CYDPF2JNJCZWM7LHMF33PWAHLA6Q4AQW/ The TL;DR: 1. Using the "technically-not-good-for-code" CC0-1.0 license for this package is *fine* - because the functionality used to be part of the existing "rust-notify" package, and was only split off into a separate component with newer versions. So the "grandfathering" rule applies here. 2. The license specification in the upstream metadata is "wrong" (to our standards): The crate used to be licensed CC0-1.0-only, new code that was written recently is dual licensed "CC0-1.0 OR Artistic-2.0" (for some definition of "Artistic-2.0", see point 3). Applying our standards, the license spec should be "CC0-1.0 AND (CC0-1.0 OR Artistic-2.0)". 3. Upstream has attached a non-standard "choice of venue" clause to the Artistic-2.0 license text, which is both a) unusual and b) means this license can't actually be classified as plain "Artistic-2.0". Additionally, it's unclear what a choice of venue clause would even mean, considering that the project has some few dozen contributors, and certainly not all of them live in New Zealand. For these reasons, I'm opting to ship this package under CC0-1.0 *only*. I will update the existing package for the "notify" crate with a corresponding change as well. (Note that this issue was missed when the "notify" crate's license was updated, which is why this has only been discovered when packaging the "notify-debouncer-mini" crate.) Package was generated with rust2rpm, simplifying the review. - package builds and installs without errors on rawhide - test suite is run and all unit tests pass - latest version of the crate is packaged - license matches upstream specification (CC0-1.0) and is acceptable for Fedora (see comment) ~ license file is included with %license in %files (included separately from upstream for now) - package complies with Rust Packaging Guidelines Package APPROVED. === Recommended post-import rust-sig tasks: - set up package on release-monitoring.org: project: $crate homepage: https://crates.io/crates/$crate backend: crates.io version scheme: semantic version filter: alpha;beta;rc;pre distro: Fedora Package: rust-$crate - add @rust-sig with "commit" access as package co-maintainer (should happen automatically) - set bugzilla assignee overrides to @rust-sig (optional) - track package in koschei for all built branches (should happen automatically once rust-sig is co-maintainer) === Can you file an issue upstream to get the license situation streamlined? I agree with your assessment that CC0-1.0 should be fine, but it'd be good to make this saner if at all possible. Thanks for the quick review! Sure, I filed issue with upstream: https://github.com/notify-rs/notify/issues/514 The Pagure repository was created at https://src.fedoraproject.org/rpms/rust-notify-debouncer-mini FEDORA-2023-375c7074df has been submitted as an update to Fedora 39. https://bodhi.fedoraproject.org/updates/FEDORA-2023-375c7074df FEDORA-2023-375c7074df has been pushed to the Fedora 39 stable repository. If problem still persists, please make note of it in this bug report. |