https://bugzilla.redhat.com/show_bug.cgi?id=1422555
Randy Barlow <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags| |needinfo?([email protected]) --- Comment #9 from Randy Barlow <[email protected]> --- Excellent, that looks great. There is still one thing from my first review that hasn't been fixed and I also noticed one more thing upon looking more closely. These must both be fixed to be approved: [!] Package contains no bundled libraries without FPC exception. The package contains a subset of glibc in its gnu_regex folder. According to the packaging guidelines[0], you'll need to do a few things by my interpretation: * Try to get the package to work with Fedora's glibc. * If the above is not possible for some reason, you must: - Put Provides: bundled(glibc) = 2.10.1 into your spec file. - Publicly contact upstream to request that they provide a way to use system glibc. - Document the public outreach in your spec file. [!]: Development files must be in a -devel package This is the one I mentioned upon my first review. You need to add an arduino-ctags-devel package that has all the .h files, and installs them into %{_includedir}/arduino-ctags/. However, you should not include the glibc headers from the gnu_regex folder. You don't have to fix this in order to pass review, but I also recommend it: [!]: Patches link to upstream bugs/comments/lists or are otherwise justified. I recommend adding comments over your Patch0 and Patch1 lines that give a brief description of the patch, especially the CVE patch. It's a little surprising that the 5.8-11 release from November would not have a CVE from 2014 fixed. [0] https://fedoraproject.org/wiki/Packaging:Guidelines#Bundling_and_Duplication_of_system_libraries -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list -- [email protected] To unsubscribe send an email to [email protected]
