Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1318873 - Review Request: neurord - Stochastic reaction-diffusion simulator
Summary: Review Request: neurord - Stochastic reaction-diffusion simulator
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: Package Review
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: gil cattaneo
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On: 1323010
Blocks: fedora-neuro, NeuroFedora
TreeView+ depends on / blocked
 
Reported: 2016-03-18 02:40 UTC by Zbigniew Jędrzejewski-Szmek
Modified: 2016-06-02 14:15 UTC (History)
2 users (show)

Fixed In Version: neurord-3.0.0-7.20160426gitd5b0d94.fc25
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-04-27 13:58:37 UTC
Type: Bug
Embargoed:
puntogil: fedora-review+


Attachments (Terms of Use)
jhdf5 maven depmap (deleted)
2016-04-01 00:08 UTC, gil cattaneo
no flags Details
licensecheck.txt (deleted)
2016-04-12 07:43 UTC, gil cattaneo
no flags Details

Description Zbigniew Jędrzejewski-Szmek 2016-03-18 02:40:13 UTC
Spec URL: http://in.waw.pl/~zbyszek/fedora/neurord.spec
SRPM URL: http://in.waw.pl/~zbyszek/fedora/neurord-3.0.0-1.20160317gitb17d063.src.rpm
Fedora Account System Username: zbyszek
Description:
A simulator for biological reaction-diffusion systems.
Supports exact stochastic simulation, asynchronous leaping, fixed-τ leaping,
and stepped deterministic solutions. Output can be written as CSV text or HDF5
binary files.

Notes for the reviewer:
There's a very basic python wrapper for reading HDF5 output, but it's not ready for public consumption yet, and it's not packaged.

Tests are run by %mvn_build. They are not very exhaustive though.

Comment 1 Zbigniew Jędrzejewski-Szmek 2016-03-18 03:36:28 UTC
http://koji.fedoraproject.org/koji/taskinfo?taskID=13379782

Comment 3 gil cattaneo 2016-03-31 22:33:29 UTC
Some problem must be solved before continue/strat with the review:

- disable/remove maven-shade-plugin, is not safe bundle system libraries
- scope system and systemPath are not supported instead open a bug for add
  maven poms or simply depmap for the required artifacts
  e.g.
  @ http://pkgs.fedoraproject.org/cgit/rpms/jhdf5.git/tree/jhdf5.spec#n178

  %mvn_file org.hdfgroup:jhdf5 jhdf5
  %mvn_artifact org.hdfgroup:jhdf5:%{version} lib/jhdf5.jar

  @ http://pkgs.fedoraproject.org/cgit/rpms/jhdf5.git/tree/jhdf5.spec#n194
  %mvn_file org.hdfgroup:jhdfobj jhdfobj
  %mvn_artifact org.hdfgroup:jhdfobj:%{version} lib/jhdfobj.jar

- remove
install -Dm0644 target/%{name}-%{version}.jar %{buildroot}%{_javadir}/%{name}.jar
install -Dm0755 %{SOURCE1} %{buildroot}%{_bindir}/%{name}
install -Dm0644 pom.xml %{buildroot}%{_mavenpomdir}/%{name}.pom
 and use

 %files -f .mfiles
 %{_bindir}/%{name}
 %license LICENSE
 %doc README.rst README.html stim-params{,2}.{svg,png}

 %files javadoc -f .mfiles-javadoc
 %license LICENSE

Comment 4 gil cattaneo 2016-03-31 22:36:26 UTC
These plugins/BuildRequires are installed by default and should be removed

BuildRequires: java-devel
BuildRequires: maven-compiler-plugin
BuildRequires: maven-install-plugin
BuildRequires: maven-jar-plugin
BuildRequires: maven-javadoc-plugin
BuildRequires: maven-resources-plugin
BuildRequires: maven-surefire-plugin

Comment 5 gil cattaneo 2016-04-01 00:08:39 UTC
Created attachment 1142397 [details]
jhdf5 maven depmap

This is a proposed spec file for jhdf5
- generate maven depmap and javadoc
- add javadoc sub package
- minor changes to adapt to current guideline
- fix some rpmlint problems
- introduce license macro

Comment 7 Zbigniew Jędrzejewski-Szmek 2016-04-01 02:22:54 UTC
Comment on attachment 1142397 [details]
jhdf5 maven depmap

Newer patches are in the other bug.

Comment 8 gil cattaneo 2016-04-01 02:29:05 UTC
(In reply to Zbigniew Jędrzejewski-Szmek from comment #6)
> All changes implemented as requested.
> 
> Spec URL: http://in.waw.pl/~zbyszek/fedora/neurord.spec
> SRPM URL:
> http://in.waw.pl/~zbyszek/fedora/neurord-3.0.0-3.20160317gitb17d063.src.rpm
> koji: http://koji.fedoraproject.org/koji/taskinfo?taskID=13523998

Please, remove also:
Requires:      java-headless
Requires:      jhdf5
Requires:      jhdfobj
Requires:      log4j
Requires:      jblas
Requires:      apache-commons-cli

and change
Summary:       Javadocs for %{name}
with
Summary:       Javadoc for %{name}

Waiting RHBZ#1323010 is resolved
Thanks

Comment 9 Zbigniew Jędrzejewski-Szmek 2016-04-01 02:33:28 UTC
Updated.

Thanks for the review so far, I think the package is in much better shape now ;)

Spec URL: http://in.waw.pl/~zbyszek/fedora/neurord.spec
SRPM URL: http://in.waw.pl/~zbyszek/fedora/neurord-3.0.0-4.20160317gitb17d063.src.rpm

Comment 10 Zbigniew Jędrzejewski-Szmek 2016-04-11 18:33:17 UTC
Patched jdfh5 has been built in rawhide a few days ago, can you continue the review?

(The update of jhdf5 for F24 could also be pushed to stable, but I'd prefer to wait and see if any issues are found during this review.)

Comment 11 gil cattaneo 2016-04-11 18:43:14 UTC
(In reply to Zbigniew Jędrzejewski-Szmek from comment #10)
> Patched jdfh5 has been built in rawhide a few days ago, can you continue the
> review?
> 
> (The update of jhdf5 for F24 could also be pushed to stable, but I'd prefer
> to wait and see if any issues are found during this review.)

sure

Comment 12 gil cattaneo 2016-04-11 18:46:03 UTC
ERROR: 'Error 404 downloading http://in.waw.pl/~zbyszek/fedora/neurord-3.0.0-4.20160317gitb17d063.src.rpm'

Comment 13 Zbigniew Jędrzejewski-Szmek 2016-04-11 18:54:35 UTC
Mistyped the URL, sorry.

Spec URL: http://in.waw.pl/~zbyszek/fedora/neurord.spec
SRPM URL: http://in.waw.pl/~zbyszek/fedora/neurord-3.0.0-4.20160317gitb17d063.fc25.src.rpm

Comment 14 gil cattaneo 2016-04-11 19:07:19 UTC
why do not use 
%jpackage_script neurord.StochDiff "" "" jhdf5:jhdfobj:log4j/log4j-core:log4j/log4j-api:jblas:commons-cli:neurord neurord true
?

Comment 15 Zbigniew Jędrzejewski-Szmek 2016-04-11 20:01:42 UTC
No reason except my ignorance :)

Spec URL: http://in.waw.pl/~zbyszek/fedora/neurord.spec
SRPM URL: http://in.waw.pl/~zbyszek/fedora/neurord-3.0.0-5.20160317gitb17d063.fc25.src.rpm

Comment 16 gil cattaneo 2016-04-12 07:43:34 UTC
Created attachment 1146265 [details]
licensecheck.txt

Comment 17 gil cattaneo 2016-04-12 07:43:51 UTC
Package Review
==============

Legend:
[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
[ ] = Manual review needed



===== MUST items =====

Generic:
[x]: Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
     Guidelines.
[!]: License field in the package spec file matches the actual license.
     Note: Checking patched sources after %prep for licenses. Licenses
     found: "Unknown or generated". 195 files have unknown license.
     Detailed output of licensecheck in
     /home/gil/1318873-neurord/licensecheck.txt
[x]: License file installed when any subpackage combination is installed.
[?]: Package contains no bundled libraries without FPC exception.
[?]: Changelog in prescribed format.
[x]: Sources contain only permissible code or content.
[-]: Package contains desktop file if it is a GUI application.
[-]: Development files must be in a -devel package
[-]: Package uses nothing in %doc for runtime.
[?]: Package consistently uses macros (instead of hard-coded directory
     names).
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
     Provides are present.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[-]: Package contains systemd file(s) if in need.
[x]: Package is not known to require an ExcludeArch tag.
[-]: Large documentation must go in a -doc subpackage. Large could be size
     (~1MB) or number of files.
     Note: Documentation size is 143360 bytes in 6 files.
[x]: Package complies to the Packaging Guidelines
[x]: Package successfully compiles and builds into binary rpms on at least
     one supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
     Note: There are rpmlint messages (see attachment).
[x]: If (and only if) the source package includes the text of the
     license(s) in its own file, then that file, containing the text of the
     license(s) for the package is included in %license.
[x]: Package requires other packages for directories it uses.
[x]: Package must own all directories that it creates.
[x]: Package does not own files or directories owned by other packages.
[x]: All build dependencies are listed in BuildRequires, except for any
     that are listed in the exceptions section of Packaging Guidelines.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Dist tag is present.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package use %makeinstall only when make install DESTDIR=... doesn't
     work.
[x]: Package is named using only allowed ASCII characters.
[x]: Package does not use a name that already exists.
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as
     provided in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
     %{name}.spec.
[x]: File names are valid UTF-8.
[x]: Packages must not store files under /srv, /opt or /usr/local

Java:
[x]: Bundled jar/class files should be removed before build
[x]: Packages have proper BuildRequires/Requires on jpackage-utils
     Note: Maven packages do not need to (Build)Require jpackage-utils. It
     is pulled in by maven-local
[x]: Javadoc documentation files are generated and included in -javadoc
     subpackage
[x]: Javadoc subpackages should not have Requires: jpackage-utils
[x]: Javadocs are placed in %{_javadocdir}/%{name} (no -%{version} symlink)

Maven:
[x]: If package contains pom.xml files install it (including metadata) even
     when building with ant
[x]: POM files have correct Maven mapping
[x]: Maven packages should use new style packaging
[x]: Old add_to_maven_depmap macro is not being used
[x]: Packages DO NOT have Requires(post) and Requires(postun) on jpackage-
     utils for %update_maven_depmap macro
[x]: Package DOES NOT use %update_maven_depmap in %post/%postun
[x]: Packages use .mfiles file list instead of %{_datadir}/maven2/poms

===== SHOULD items =====

Generic:
[-]: If the source package does not include license text(s) as a separate
     file from upstream, the packager SHOULD query upstream to include it.
[x]: Final provides and requires are sane (see attachments).
[-]: Fully versioned dependency in subpackages if applicable.
     Note: No Requires: %{name}%{?_isa} = %{version}-%{release} in neurord-
     javadoc
[x]: Package functions as described.
[x]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[x]: Description and summary sections in the package spec file contains
     translations for supported Non-English languages, if available.
[x]: Package should compile and build into binary rpms on all supported
     architectures.
[x]: %check is present and all tests pass.
[x]: Packages should try to preserve timestamps of original installed
     files.
[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[x]: Sources can be downloaded from URI in Source: tag
[x]: Reviewer should test that the package builds in mock.
[x]: Buildroot is not present
[x]: Package has no %clean section with rm -rf %{buildroot} (or
     $RPM_BUILD_ROOT)
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: SourceX is a working URL.
[x]: Spec use %global instead of %define unless justified.

Java:
[x]: Package uses upstream build method (ant/maven/etc.)
[x]: Packages are noarch unless they use JNI

===== EXTRA items =====

Generic:
[x]: Rpmlint is run on all installed packages.
     Note: There are rpmlint messages (see attachment).
[x]: Spec file according to URL is the same as in SRPM.


Rpmlint
-------
Checking: neurord-3.0.0-5.20160317gitb17d063.fc25.noarch.rpm
          neurord-javadoc-3.0.0-5.20160317gitb17d063.fc25.noarch.rpm
          neurord-3.0.0-5.20160317gitb17d063.fc25.src.rpm
neurord.noarch: W: spelling-error %description -l en_US τ 
neurord.noarch: W: no-manual-page-for-binary neurord
neurord.src: W: spelling-error %description -l en_US τ 
3 packages and 0 specfiles checked; 0 errors, 3 warnings.




Rpmlint (installed packages)
----------------------------
sh: /usr/bin/python: No such file or directory
neurord.noarch: W: spelling-error %description -l en_US τ 
neurord.noarch: W: no-manual-page-for-binary neurord
2 packages and 0 specfiles checked; 0 errors, 2 warnings.



Requires
--------
neurord (rpmlib, GLIBC filtered):
    /bin/bash
    java-headless
    javapackages-tools
    mvn(commons-cli:commons-cli)
    mvn(org.apache.logging.log4j:log4j-api)
    mvn(org.apache.logging.log4j:log4j-core)
    mvn(org.hdfgroup:jhdf5)
    mvn(org.hdfgroup:jhdfobj)
    mvn(org.jblas:jblas)

neurord-javadoc (rpmlib, GLIBC filtered):
    javapackages-tools



Provides
--------
neurord:
    mvn(neurord:neurord)
    mvn(neurord:neurord:pom:)
    neurord

neurord-javadoc:
    neurord-javadoc



Source checksums
----------------
https://github.com/neurord/stochdiff/archive/b17d0631f60d6d2454c71627bc718261fc3f05e6.tar.gz#/stochdiff-b17d063.tar.gz :
  CHECKSUM(SHA256) this package     : 674e6a47e15defc63e83576d6f6ea17f7ecd2c8e4452d589a8657d95d2042f67
  CHECKSUM(SHA256) upstream package : 674e6a47e15defc63e83576d6f6ea17f7ecd2c8e4452d589a8657d95d2042f67


Generated by fedora-review 0.6.0 (3c5c9d7) last change: 2015-05-20
Command line :/usr/bin/fedora-review -b 1318873 --plugins Java -m fedora-rawhide-i386
Buildroot used: fedora-rawhide-i386
Active plugins: Generic, Shell-api, Java
Disabled plugins: C/C++, Python, fonts, SugarActivity, Ocaml, Perl, Haskell, R, PHP, Ruby
Disabled flags: EXARCH, DISTTAG, EPEL5, BATCH, EPEL6

Comment 18 gil cattaneo 2016-04-12 07:46:46 UTC
Issues:

[!]: License field in the package spec file matches the actual license.
     Note: Checking patched sources after %prep for licenses. Licenses
     found: "Unknown or generated". 195 files have unknown license.
     Detailed output of licensecheck in
     /home/gil/1318873-neurord/licensecheck.txt

All source files are without license headers. Please, ask to upstream to confirm the licensing of code and/or content/s (see file attached)
https://fedoraproject.org/wiki/Packaging:LicensingGuidelines?rd=Packaging/LicensingGuidelines#License_Clarification

Comment 19 Zbigniew Jędrzejewski-Szmek 2016-04-12 17:51:58 UTC
The license information is now specified in the README, and in the file that contains main(), src/main/java/neurord/StochDiff.java. As before the text of the license is specified in LICENSE and the license is specified in pom.xml.


Spec URL: http://in.waw.pl/~zbyszek/fedora/neurord.spec
SRPM URL: http://in.waw.pl/~zbyszek/fedora/neurord-3.0.0-6.20160412git97a41ab.fc25.src.rpm

Comment 20 gil cattaneo 2016-04-12 23:40:45 UTC
(In reply to Zbigniew Jędrzejewski-Szmek from comment #19)
> The license information is now specified in the README, and in the file that
> contains main(), src/main/java/neurord/StochDiff.java. As before the text of
> the license is specified in LICENSE and the license is specified in pom.xml.

You should (read must) ask upstream to add the headers of the license where they lack and add the references of that "bug" in the spec file

Comment 21 Zbigniew Jędrzejewski-Szmek 2016-04-13 01:46:30 UTC
I don't think that there's a requirement to have a license in every file. At least the guidelines don't say anything like that. The guidelines say that the license should be unambiguous, and I think in this case it is: there's a LICENSE file, the README and metadata files all say that the project is licensed under GPLv2+. Every java source file has a 'package neurord...' header that identifies it as part of this project. I don't think there's any ambiguity here.

Comment 22 Zbigniew Jędrzejewski-Szmek 2016-04-22 12:17:40 UTC
Any progress here? I'm waiting for your response.

Comment 23 gil cattaneo 2016-04-22 13:12:25 UTC
(In reply to Zbigniew Jędrzejewski-Szmek from comment #22)
> Any progress here? I'm waiting for your response.

I'm waiting for stating the problem to upstream and add the references of the "upstream bugs" to fix this issues

Comment 24 Zbigniew Jędrzejewski-Szmek 2016-04-22 13:18:49 UTC
Please see my comment #21, I believe it addresses your concerns. If I'm wrong, please point me at the place in the guidelines that requires a license header in every file.

Comment 25 Kevin Fenzi 2016-04-26 16:38:05 UTC
Package request has been approved: https://admin.fedoraproject.org/pkgdb/package/rpms/neurord

Comment 26 Zbigniew Jędrzejewski-Szmek 2016-04-27 13:58:37 UTC
Thank you for the review.

Package built in rawhide.


Note You need to log in before you can comment on or make changes to this bug.