Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at
Bug 1444518 - Review Request: libcoap - C library implementation of CoAP
Summary: Review Request: libcoap - C library implementation of CoAP
Alias: None
Product: Fedora
Classification: Fedora
Component: Package Review
Version: rawhide
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
Assignee: Jared Smith
QA Contact: Fedora Extras Quality Assurance
Depends On:
Blocks: IoT
TreeView+ depends on / blocked
Reported: 2017-04-21 13:53 UTC by Peter Robinson
Modified: 2019-02-10 10:08 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2019-02-10 10:08:23 UTC
Type: Bug
pbrobinson: fedora-review?

Attachments (Terms of Use)

Description Peter Robinson 2017-04-21 13:53:22 UTC

The Constrained Application Protocol (CoAP) is a specialized web transfer 
protocol for use with constrained nodes and constrained networks in the Internet 
of Things. The protocol is designed for machine-to-machine (M2M) applications 
such as smart energy and building automation.

libcoap implements a lightweight application-protocol for devices with 
constrained resources such as computing power, RF range, memory, bandwidth,
or network packet sizes. This protocol, CoAP, was standardized in the IETF
working group "CoRE" as RFC 7252.


Comment 1 Artur Frenszek-Iwicki 2017-04-24 21:20:49 UTC
I am not a packager, so this is not an official review.

I noticed the %files section uses
> %{_datadir}/man/man5/coap*.gz
The wiki page says you should not assume that gzip is used, and use a pattern which reflects that. Also, you may use %{_mandir} instead of %{_datadir}/man.

As a minor note, the %descriptions for -devel and -docs use the %{name} macro, whereas the -utils subpackage uses a bare string.

Comment 2 Michael Schwendt 2017-04-28 09:23:18 UTC
> %package  docs
> Summary:  Documentation package for %{name}
> Requires: %{name}%{?_isa} = %{version}-%{release}
> BuildArch: noarch

Please don't do that. 

Really keep documentation packages free of superfluous dependencies, so they can be installed without pulling in an unknown chain of stuff that is _not_ needed to view the documentation.

Also, if you make it "noarch", adding an arch-specific Requires won't work reliably, since the noarch build may be created on any build host.

Finally, the packaging guidelines still recommend -doc not -docs:

Comment 3 Peter Robinson 2017-04-28 12:22:54 UTC
All of the above fixed locally, won't push new version up until a proper review

Comment 4 Peter Robinson 2017-07-01 14:10:54 UTC
SPEC: as above

Comment 6 Joe Orton 2018-11-08 11:43:13 UTC
Minor nit, passing --disable-static to configure rather than throwing away the .a files afterwards looks cleaner.

rpmlint picks up License: and a few other trivialities

I think the License: tag should just be "BSD" since the LICENSE text is a 2-clause BSD and there is no code included here under the OpenSSL license. The fact that it links to OpenSSL does need to be mentioned in License.

libcoap-doc.noarch: W: invalid-license BSD + OpenSSL
libcoap-doc.noarch: W: invalid-url URL: Remote end closed connection without response
libcoap-doc.noarch: W: file-not-utf8 /usr/share/doc/libcoap/AUTHORS
libcoap.x86_64: W: incoherent-version-in-changelog 4.2.0-0.1-rc2 ['4.2.0-0.1.rc2.fc29', '4.2.0-0.1.rc2']
libcoap.x86_64: W: invalid-license BSD + OpenSSL
libcoap.x86_64: W: invalid-url URL: Remote end closed connection without response
libcoap.x86_64: W: shared-lib-calls-exit /usr/lib64/ exit.5
libcoap.x86_64: W: crypto-policy-non-compliance-openssl /usr/lib64/ SSL_CTX_set_cipher_list
libcoap.x86_64: W: file-not-utf8 /usr/share/doc/libcoap/AUTHORS
libcoap-devel.x86_64: W: invalid-license BSD + OpenSSL
libcoap-devel.x86_64: W: invalid-url URL: Remote end closed connection without response
libcoap-utils.x86_64: W: invalid-license BSD + OpenSSL
libcoap-utils.x86_64: W: invalid-url URL: Remote end closed connection without response
libcoap-utils-debuginfo.x86_64: W: invalid-license BSD + OpenSSL
libcoap-utils-debuginfo.x86_64: W: invalid-url URL: Remote end closed connection without response
7 packages and 0 specfiles checked; 0 errors, 19 warnings.

Comment 8 Jared Smith 2019-02-09 20:25:35 UTC
I have reviewed this package, and it needs a couple of minor fixups, but is otherwise APPROVED.  The package follows the Fedora Packaging Guidelines, and is under a proper license.

Please consider applying the following changes before pushing the package to Fedora:

--- libcoap.spec.orig	2019-02-09 15:14:46.030448525 -0500
+++ libcoap.spec	2019-02-09 15:20:15.054881402 -0500
@@ -6,9 +6,9 @@
 Summary:  C library implementation of CoAP
 # If build against gnutls the license is BSD + LGPL 2.1
-License:  BSD + OpenSSL
+License:  BSD
 BuildRequires: autoconf
 BuildRequires: automake
@@ -94,7 +94,7 @@
-* Sat Feb  9 2019 Peter Robinson <pbrobinson> 4.2.0-0.1-rc4
+* Sat Feb  9 2019 Peter Robinson <pbrobinson> 4.2.0-0.1.rc4
 - Update to 4.2.0 rc4
 * Sat Jul  1 2017 Peter Robinson <pbrobinson> 4.1.2-2

Comment 9 Igor Raits 2019-02-10 09:03:06 UTC
(fedscm-admin):  The Pagure repository was created at

Comment 10 Peter Robinson 2019-02-10 10:08:23 UTC
Thanks for the review

Note You need to log in before you can comment on or make changes to this bug.