Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 168580 - Review Request: perl-Crypt-DES
Summary: Review Request: perl-Crypt-DES
Keywords:
Status: CLOSED NEXTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: Package Review
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Paul Howarth
QA Contact: David Lawrence
URL: http://search.cpan.org/dist/Crypt-DES/
Whiteboard:
Depends On:
Blocks: FE-ACCEPT 168583 175281
TreeView+ depends on / blocked
 
Reported: 2005-09-17 15:17 UTC by Steven Pritchard
Modified: 2007-11-30 22:11 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-02-03 02:41:33 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Steven Pritchard 2005-09-17 15:17:57 UTC
Spec Name or Url: http://ftp.kspei.com/pub/steve/rpms/perl-Crypt-DES/
SRPM Name or Url: http://ftp.kspei.com/pub/steve/rpms/perl-Crypt-DES-2.03-2.src.rpm
Description: DES encryption module.

Comment 1 Steven Pritchard 2005-09-17 15:33:10 UTC
I should note that the license on this is not a standard open-source license,
but it looks BSD-ish to me.

Comment 2 Paul Howarth 2005-10-10 10:17:06 UTC
Review:

- rpmlint nearly clean; see below
- package and spec naming OK
- package meets guidelines
- license looks BSD-ish to me but see below
- license text included in package
- spec file written in English and is legible
- sources match upstream
- package builds OK in FC4 and in mock for rawhide (i386)
- BR's OK
- no locales, libraries, subpackages or pkgconfigs to worry about
- not relocatable
- no unowned directories or file permission problems
- no duplicate files
- %clean section present and correct
- macro usage is consistent
- no large docs, docs don't affect runtime
- code, not content
- no desktop entry needed
- no scriptlets

Queries:

- I don't think the rpath-fixing editing out of LD_RUN_PATH from the Makefile
  is necessary for Fedora Extras packages (not since FC2 according to
  http://koti.welho.com/vskytta/packagers-handbook/packagers-handbook.html)

- Why the manual dep on perl(Crypt::CBC)? I can understand the BuildRequire
  for this (needed for the test suite), but not the runtime dep.

- License looks BSD-ish to me too, but I'm not a licensing expert and would
  appreciate it if someone more knowledgable on this gave it a look. You can
  shut rpmlint up by changing the License: tag to "BSD-style".

- Why not use:
  %{perl_vendorarch}/auto/Crypt/
  rather than:
  %{perl_vendorarch}/auto/
  in the files list?


Comment 3 Ed Hill 2005-12-13 16:11:22 UTC
Hi Paul, I agree that the license may be problematic.  I think everything 
about the license is OK (doesn't voilate any Fedora guidelines) except the 
part about advertising:

  "3. All advertising materials mentioning features or use of this 
      software must display the following acknowledgement:
      This product includes software developed by Systemics Ltd 
      (http://www.systemics.com/)"

which is annoying.  The key question seems to be: would simply listing 
this package in a Fedora Extras repository constitute "advertisement" 
and thus trigger the clause above?  I think not, but IANAL.  Or would 
listing this package as part of a Fedora release notes trigger the 
clause?  Maybe or maybe not.

This really ought to be reviewed by Fedora legal or perhaps the SC.  
Could you please contact them?

Comment 4 Ed Hill 2005-12-13 19:16:17 UTC
Wait, I've made a silly mistake!  Please ignore comment #3 above.  I'm now 
quite certain that the license is OK and heres the logic:

1) comparing them line-by-line, its obviously the "original BSD license" as
   described at:
   http://www.gnu.org/philosophy/license-list.html#GPLIncompatibleLicenses
2) according to http://fedoraproject.org/wiki/PackagingGuidelines#Legal
   the original BSD is clearly one of the OK licenses for Fedora Extras


Comment 5 Paul Howarth 2006-01-04 16:59:08 UTC
Ping Steven; this package is holding up a few others that depend on it...

Comment 6 Paul Howarth 2006-01-26 22:49:49 UTC
This one's nearly ready to go, and is a dep of some other packages just imported
into CVS; I'm just waiting on responses to comment #2 ...

Comment 7 Steven Pritchard 2006-02-02 14:50:41 UTC
http://ftp.kspei.com/pub/steve/rpms/perl-Crypt-DES-2.05-1.src.rpm

* Thu Feb 02 2006 Steven Pritchard <steve> 2.05-1
- Update to 2.05.
- Drop explicit Requires: perl(Crypt::CBC).
- LD_RUN_PATH hack shouldn't be needed now.
- Trim file list a bit.
- License is BSD, more or less.


Comment 8 Paul Howarth 2006-02-02 16:08:24 UTC
OK:

- still rpmlint clean
- package builds OK in mock for FC5 (i386)
- all queries raised in Comment #2 now addressed

Approved.


Note You need to log in before you can comment on or make changes to this bug.