Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 220796 - Review Request: turba - horde contact manager
Summary: Review Request: turba - horde contact manager
Keywords:
Status: CLOSED NEXTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: Package Review
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Jason Tibbitts
QA Contact: Fedora Package Reviews List
URL:
Whiteboard:
Depends On: 189195
Blocks: FE-ACCEPT
TreeView+ depends on / blocked
 
Reported: 2006-12-27 03:42 UTC by Brandon Holbrook
Modified: 2007-11-30 22:11 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-12-29 05:10:26 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Brandon Holbrook 2006-12-27 03:42:58 UTC
Spec URL: http://theholbrooks.org/RPMS/turba.spec
SRPM URL: http://theholbrooks.org/RPMS/turba-2.1.3-1.src.rpm

Description:
Turba is the Horde contact management application, which allows access
to and storage of personal contacts (including name, email address,
phone number, and other easily customizable fields).  Turba integrates
with IMP (Horde's webmail application) as its address book.

The Horde Project writes web applications in PHP and releases them under
Open Source licenses.  For more information (including help with Turba)
please visit http://www.horde.org/.

Comment 1 Brandon Holbrook 2006-12-28 21:57:35 UTC
Spec URL: http://theholbrooks.org/RPMS/turba.spec
SRPM URL: http://theholbrooks.org/RPMS/turba-2.1.3-2.src.rpm

Fallout from the horde review: the symlink to /etc/horde/turba/ is now relative.

Comment 2 Jason Tibbitts 2006-12-29 02:10:55 UTC
First off, I think the License: tag is wrong.  It's certainly not GPL; the
Horde site lists it as "Apache-like".  In truth it is essentially the Apache
license, version 1.0, with some strings changed and the "some parts are public
domain" bit removed from the end.  It is obviously free.  It's also kind of
dumb; how can you distribute a bunch of scripts in binary form?

But in any case, can you change the license tag to "Apache Software License
v1"?  I see nothing else problematic with this package, so you can go ahead
and fix it when you check in.

Also, I note that a Perl dependency snuck in.  I don't suppose this hurts
anything, although the single script that uses it is not terribly useful.

As usual, I'll start with rpmlint, but these are getting repetetive so I'll
just post a summary.

E: turba htaccess-file /usr/share/horde/turba/lib/.htaccess
   And four more.  All are acceptable; these htaccess files are needed.

E: turba non-readable /etc/horde/turba/attributes.php 0660
   And ten more.
E: turba non-standard-dir-perm /etc/horde/turba 0770
   These are all necessary for security.

E: turba non-standard-gid /etc/horde/turba apache
   And twenty-three more.
   These are all necessary for security.

W: turba conffile-without-noreplace-flag /etc/horde/turba/attributes.php.dist
   And five more.
   These are distributed config files, and should not be marked %noreplace.

Review:
* source files match upstream:
   a0407717f3f64fb33f6a57e2244a12b4  turba-h3-2.1.3.tar.gz
* package meets naming and versioning guidelines.
* specfile is properly named, is cleanly written and uses macros consistently.
* dist tag is present.
* build root is correct.
X license field matches the actual license.
* license is open source-compatible.  License text included in package.
* latest version is being packaged.
* BuildRequires are proper.
* %clean is present.
* package builds in mock (development, x86_64).
* package installs properly
* rpmlint has only acceptable complaints.
* final provides and requires are sane:
   config(turba) = 2.1.3-2.fc7
   turba = 2.1.3-2.fc7
=
   /bin/sh
   /usr/bin/perl
   /usr/bin/php
   config(turba) = 2.1.3-2.fc7
   horde >= 3
   perl(Getopt::Std)
   php >= 4.3.0
* %check is not present; no test suite upstream.
* owns the directories it creates.
* doesn't own any directories it shouldn't.
* no duplicates in %files.
* file permissions are appropriate.
* locales are handled properly
* no scriptlets present.
* code, not content.
* documentation is small, so no -docs subpackage is necessary.
* %docs are not necessary for the proper functioning of the package.

APPROVED, provided you change the License: tag appropriately.


Comment 3 Brandon Holbrook 2006-12-29 05:10:26 UTC
Imported, Built
(http://buildsys.fedoraproject.org/logs/fedora-development-extras/24706-turba-2.1.3-2.fc7/),
Branch Requested

Incidentally, I changed the License: to "Apache Software License v1" as
instructed, but rpmlint complains about it.  Is there another abbreviation /
spelling that rpmlint likes better?  I suppose as long as us humans understand
what license I'm referring to it's not a big deal.

Comment 4 Jason Tibbitts 2006-12-29 05:43:30 UTC
Unfortunately rpmlint gets out of sync with things every so often.  The
packaging committee is working on cleaning up license specifications so that
there's at least a single way to specify each of the common licenses.  "Apache
Software License v1" is in the curent draft as the recommended string to use for
that license.

I expect that rpmlint will catch up only once we're done with the process and
have a full list of recommended license strings.



Note You need to log in before you can comment on or make changes to this bug.