854723 – (bat) Review Request: bat - Binary Analysis Tool

Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.

Bug 854723 (bat) - Review Request: bat - Binary Analysis Tool

Summary: Review Request: bat - Binary Analysis Tool

Keywords:
Status:	CLOSED NOTABUG
Alias:	bat
Product:	Fedora
Classification:	Fedora
Component:	Package Review
Sub Component:
Version:	rawhide
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Björn 'besser82' Esser
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:	bat-extratools bat-extratools-java
Blocks:	FE-NEEDSPONSOR FE-SECLAB
TreeView+	depends on / blocked

Reported:	2012-09-05 16:43 UTC by Wei-Lun Chao
Modified:	2018-01-19 03:21 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2018-01-19 03:21:49 UTC
Type:	Bug
Embargoed:
Dependent Products:
Flags:	besser82: fedora-review?

Attachments	(Terms of Use)

Description Wei-Lun Chao 2012-09-05 16:43:36 UTC

SPEC URL: https://api.opensuse.org/public/source/home:bluebat/bat/bat.spec
SRPM URL: http://download.opensuse.org/repositories/home:/bluebat/Fedora_17/src/bat-8.0-2.1.src.rpm
Description:
The Binary Analysis Tool is a modular framework that assists with auditing the contents of compiled software. It makes it easier and cheaper to look inside technology, and this helps compliance and due diligence activities.

The tool is freely available to everyone. The community can use it and participate in further development, and work together to help reduce errors when shipping devices or products containing Free and Open Source Software.

Comment 1 Fabian Affolter 2012-09-25 11:47:45 UTC

Please read the packaging guidelines for Fedora [1]. E.g. 'vendor' is not needed, %defattr is the default, avoid INSTALLED_FILES.

[1] https://fedoraproject.org/wiki/Packaging:Guidelines

Comment 2 Wei-Lun Chao 2012-10-17 14:15:52 UTC

New package made.
SPEC URL: https://api.opensuse.org/public/source/home:bluebat/bat/bat.spec
SRPM URL: http://download.opensuse.org/repositories/home:/bluebat/Fedora_17/src/bat-8.0-5.1.src.rpm

Comment 3 Fabian Affolter 2012-10-21 10:25:06 UTC

Just some more comments...

- One requirement per line would it make much easier to review than a comma-separated list
- unrar is only available in RPM Fusion but not in Fedora.
- Source0 should point to the upstream location of the tarball. If it's a scm checkout, add a comment about how the tarball was created.
- BR for python is missing 
  https://fedoraproject.org/wiki/Packaging:Python
- If you don't intent to maintain this package for EPEL5 please remove the obsolete stuff.

Comment 4 Wei-Lun Chao 2012-11-23 16:09:42 UTC

Thanks! New package made:
SPEC URL: https://api.opensuse.org/public/source/home:bluebat/bat/bat.spec
SRPM URL: http://download.opensuse.org/repositories/home:/bluebat/Fedora_17/src/bat-9.0-4.1.src.rpm

Comment 5 Fabian Affolter 2013-05-06 09:21:06 UTC

The latest release is 13.0. Do you why upstream doesn't provide a tarball?

Comment 6 Wei-Lun Chao 2013-05-08 05:38:02 UTC

After contacting with upstream again, the tarball is provided now.
SPEC URL: https://api.opensuse.org/public/source/home:bluebat/bat/bat.spec
SRPM URL: http://download.opensuse.org/repositories/home:/bluebat/Fedora_18/src/bat-13.0-3.1.src.rpm

Comment 7 Wei-Lun Chao 2013-05-15 17:22:47 UTC

Updated to 14.0
SPEC URL: https://api.opensuse.org/public/source/home:bluebat/bat/bat.spec
SRPM URL: http://download.opensuse.org/repositories/home:/bluebat/Fedora_18/src/bat-14.0-1.1.src.rpm

Comment 8 Fabian Affolter 2013-08-15 06:47:57 UTC

Updated links:

SPEC URL: https://api.opensuse.org/public/source/home:bluebat/bat/bat.spec
SRPM URL: http://download.opensuse.org/repositories/home:/bluebat/Fedora_19/src/bat-14.0-1.1.src.rpm

Comment 9 Christopher Meng 2013-08-15 07:07:22 UTC

Requires: python-magic
Requires: binutils
Requires: e2fsprogs
Requires: e2tools
Requires: squashfs-tools
Requires: fuse
Requires: coreutils
Requires: module-init-tools
Requires: gzip
Requires: xz
Requires: xz-lzma-compat
Requires: zip
Requires: cabextract
Requires: unshield
Requires: p7zip
Requires: cpio
Requires: tar
Requires: bzip2
Requires: mtd-utils
Requires: mtd-utils-ubi
Requires: lzip
Requires: lzop
Requires: fuseiso
Requires: arj
Requires: giflib-utils
Requires: gd-progs
Requires: icoutils
Requires: rpm
Requires: rpm-python
Requires: gettext
Requires: PyXML
Requires: upx
Requires: poppler-utils
Requires: netpbm-progs
Requires: libxml2
Requires: lrzip
Requires: ncompress
Requires: python-imaging
Requires: vorbis-tools
Requires: eot-utils
Requires: libmp4v2
Requires: wxPython
Requires: ctags
Requires: python-matplotlib

Please check and remove unneeded ones.

I don't think it needs so many dependencies. For example rpm*.

And please check if it can work well with python-imaging aka python-pillow due to:

https://fedoraproject.org/wiki/Features/Pillow

Thanks.

Comment 10 Fabian Affolter 2013-08-15 07:25:41 UTC

Some more comments:

- The BR for python should be 'BR: python2-devel'
- The license tag is wrong, ASL 2.0 is the right one
- There are two different SPEC files. The one in the SRPM is not the same as the one you provide. At least different 'Release' tag.
- Check the rpmlint output:

$ rpmlint bat-14.0-1.1.src.rpm 
bat.src: W: invalid-license Apache 2.0
bat.src: W: invalid-url DistURL obs://build.opensuse.org/home:bluebat/Fedora_19/0624bc1a1dddc024b08c4f9309b83a50-bat
bat.src: E: unknown-key GPG#17a4ea30
1 packages and 0 specfiles checked; 1 errors, 2 warnings.

$ rpmlint bat-14.0-1.1.noarch.rpm 
bat.noarch: E: explicit-lib-dependency libmp4v2
bat.noarch: E: explicit-lib-dependency libxml2
bat.noarch: E: explicit-lib-dependency python-matplotlib
bat.noarch: W: incoherent-version-in-changelog 14.0-1 ['14.0-1.1', '14.0-1.1']
bat.noarch: W: invalid-license Apache 2.0
bat.noarch: W: non-conffile-in-etc /etc/bat/configs/1.7.4-config
bat.noarch: W: non-conffile-in-etc /etc/bat/configs/1.00-config
bat.noarch: W: non-conffile-in-etc /etc/bat/configs/1.2.1-config
[snip]
bat.noarch: W: no-manual-page-for-binary bruteforce.py
1 packages and 0 specfiles checked; 30 errors, 105 warnings.

- Are you still looking for a sponsor?
  https://fedoraproject.org/wiki/How_to_get_sponsored_into_the_packager_group

Comment 11 Wei-Lun Chao 2013-08-19 16:34:35 UTC

Thanks for your comments. I will check them and try to make the package better.

The Build Service from OpenSUSE will modify the Release: tag automatically.
Is there a better place to put SPEC/SRPMs ?

I am still looking for a sponsor and plan to make few more Review Requests.

Comment 12 Christopher Meng 2013-08-20 07:36:44 UTC

(In reply to Wei-Lun Chao from comment #11)
> Thanks for your comments. I will check them and try to make the package
> better.
> 
> The Build Service from OpenSUSE will modify the Release: tag automatically.
> Is there a better place to put SPEC/SRPMs ?

Is there a reason to use OBS?

Comment 13 Wei-Lun Chao 2013-08-21 15:12:03 UTC

(In reply to Christopher Meng from comment #12)
> Is there a reason to use OBS?

nothing special...
I thought that only sponsored packager can use build services from Fedora.
Is it not true or there is another better place to put SPEC/SRPMs ?

Comment 14 Michael Schwendt 2013-08-31 08:36:37 UTC

https://fedoraproject.org/wiki/Join_the_package_collection_maintainers

Comment 15 Wei-Lun Chao 2013-09-11 04:31:16 UTC

Thanks! I have just learned how to use koji and fedorapeople.

http://koji.fedoraproject.org/koji/taskinfo?taskID=5921462
SPEC URL: http://bluebat.fedorapeople.org/bat.spec
SRPM URL: http://bluebat.fedorapeople.org/bat-14.0-2.fc19.src.rpm

Comment 16 Christopher Meng 2013-09-11 04:46:46 UTC

%{_sysconfdir}/bat is bad.

You should define every conf file is %config(noreplace), just use %{_sysconfdir}/bat to include them is not enough.

Should be(prototype):

%dir %{_sysconfdir}/bat --> OR %dir %{_sysconfdir}/%{name}, up to you ;)
%config(noreplace) %{_sysconfdir}/bat/a.conf
%config(noreplace) %{_sysconfdir}/bat/b.conf
%config(noreplace) %{_sysconfdir}/bat/c.conf
         .                      .           
         .                      .           
         .                      .           
         .                      .           
         .                      .           
         .                      .           
         .                      .           
%config(noreplace) %{_sysconfdir}/bat/n.conf

===========

BuildRequires: python is wrong, should be:

BuildRequires: python2-devel

And missing BuildRequires: python-setuptools

Comment 17 Björn 'besser82' Esser 2013-10-19 09:36:49 UTC

taken  ;)

Is there an updated version, yet?

Comment 18 Björn 'besser82' Esser 2013-10-20 08:17:43 UTC

Please update to the most recent v15.0, too.

btw.  Apart from the bat package you will also need to install the bat-extratools and bat-extratools-java packages.  Did you package them, too?  Can you provide the corresponding review-bugs, please?

Comment 19 Björn 'besser82' Esser 2013-10-20 08:19:52 UTC

(In reply to Björn "besser82" Esser from comment #18)
> btw.  Apart from the bat package you will also need to install the
> bat-extratools and bat-extratools-java packages.  Did you package them, too?
> Can you provide the corresponding review-bugs, please?

Sorry, didn't notice them already in Depends of this bug...

Comment 20 Wei-Lun Chao 2013-10-21 05:30:04 UTC

http://koji.fedoraproject.org/koji/taskinfo?taskID=6082498
SPEC URL: http://bluebat.fedorapeople.org/bat/bat.spec
SRPM URL: http://bluebat.fedorapeople.org/bat/bat-15.0-1.fc19.src.rpm

Comment 21 Wei-Lun Chao 2014-08-26 10:02:07 UTC

http://koji.fedoraproject.org/koji/taskinfo?taskID=7449928
SPEC URL: http://bluebat.fedorapeople.org/bat/bat.spec
SRPM URL: http://bluebat.fedorapeople.org/bat/bat-19.0-1.fc20.src.rpm

Comment 22 Wei-Lun Chao 2015-04-02 05:57:30 UTC

http://koji.fedoraproject.org/koji/taskinfo?taskID=9397728
SPEC URL: http://bluebat.fedorapeople.org/ppa/bat.spec
SRPM URL: http://bluebat.fedorapeople.org/ppa/bat-20.0-1.fc21.src.rpm

Contacted with upstream and still requires unrar :(

Comment 23 Wei-Lun Chao 2015-06-02 09:51:00 UTC

http://koji.fedoraproject.org/koji/taskinfo?taskID=9915459
SPEC URL: http://bluebat.fedorapeople.org/ppa/bat.spec
SRPM URL: http://bluebat.fedorapeople.org/ppa/bat-22.0-1.fc21.src.rpm

Still require unrar.

Comment 24 Wei-Lun Chao 2018-01-19 03:21:49 UTC

https://github.com/armijnhemel/binaryanalysis
Upstream no longer maintained.

Note You need to log in before you can comment on or make changes to this bug.