https://bugzilla.redhat.com/show_bug.cgi?id=2467057
Jonathan Steffan <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #1 from Jonathan Steffan <[email protected]> --- Always fun licensing things. Issues: ======= - The License field has a syntax error: duplicate "AND AND" between Python-2.0 and 0BSD. The field must be corrected to remove the extra operator. Suggested fix: replace the double AND with a single AND, and add the missing Apache-2.0 (see next issue). See: https://fedoraproject.org/wiki/Changes/SPDX_Licenses_Phase_1 - Apache-2.0 is missing from the License field. Multiple bundled dependencies carry the Apache-2.0 license including @aws-sdk/*, @smithy/*, @anthropic-ai/sdk, and @google/genai. It is listed in bundled-licenses.txt as both "Apache 2.0" and "Apache-2.0" but does not appear in the spec License: field at all. Suggested License field (correcting both issues): MIT AND (MIT AND Zlib) AND (MIT OR CC0-1.0) AND (MIT OR GPL-3.0-or-later) AND Apache-2.0 AND MPL-2.0 AND Python-2.0 AND 0BSD AND BSD-2-Clause AND BSD-3-Clause AND ISC AND BlueOak-1.0.0 AND CC-BY-SA-4.0 AND CC0-1.0 - rpmlint flags Python-2.0 as invalid-license. Python-2.0 is a valid SPDX identifier (Python Software Foundation License 2.0) and is approved for Fedora. The spec contains good inline justification for why argparse uses Python-2.0. This may be a gap in rpmlint's allowlist; packager should verify Python-2.0 is recognized by the current rpmlint/fedora-spdx-licenses configuration. - rpmlint reports 3 spelling errors (E:) for "macOS" and "iMessage" in %description. These are proper product names, not misspellings. Packager must add an rpmlintrc entry to suppress these or reword the description. Example rpmlintrc addition: addFilter("spelling-error.*macOS") addFilter("spelling-error.*iMessage") - Note: The auto-generated issue about "LICENSE.txt not marked as %license" is a false positive. The installed file is LICENSE (no .txt suffix) and it is correctly listed as %license in the spec. ===== MUST items ===== Generic: [!]: Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. Note: License field has two defects that must be corrected before approval: (1) duplicate "AND AND" operator creating an invalid SPDX expression, and (2) Apache-2.0 is missing despite being present in many bundled dependencies (@aws-sdk/*, @smithy/*, @anthropic-ai/sdk, etc. per license-checker.txt). All other declared licenses (MIT, BSD-2-Clause, BSD-3-Clause, ISC, MPL-2.0, 0BSD, BlueOak-1.0.0, CC0-1.0, CC-BY-SA-4.0, Python-2.0) appear consistent with the source. CC-BY-SA-4.0 appears only in protobufjs/README.md (documentation) and package.json metadata — acceptable per Fedora guidelines. BlueOak-1.0.0 is a valid SPDX identifier for a permissive license. [!]: License field in the package spec file matches the actual license. Note: See above. After fixing the AND AND syntax error and adding Apache-2.0, the License field will match the actual licenses found in the package. The spec contains thorough inline comments explaining the oddball detections (argparse/Python-2.0, jszip/X11, fast-uri/BSD-2-Clause, pdfjs-dist/SIL fonts removed). These explanations are accurate and well-documented. licensecheck found "Unknown or generated" for 55191 files; these are generated JS/TS build artifacts and minified code, which is expected for a bundled npm application. [x]: If the package is under multiple licenses, the licensing breakdown must be documented in the spec. Note: Source2 (openclaw-2026.5.4-bundled-licenses.txt) provides a full per-dependency license breakdown generated by nodejs license-checker. It is included in %license and installed with the package. The spec also contains inline comments (lines 10-44) explaining non-obvious license detections. Bundled-licenses.txt should be regenerated after adding Apache-2.0 to the License field to ensure consistency. [x]: Package contains no bundled libraries or specifies bundled libraries with Provides: bundled(<libname>) if unbundling is not possible. Note: The package bundles approximately 200+ Node.js packages. All are declared with Provides: bundled(nodejs-<name>) in the spec. Unbundling is not feasible for this npm application given the complex dependency graph and dev/prod dependency separation issues (workspace: protocol prevents standard npm bundler from working with dev deps). This is consistent with current Fedora Node.js packaging practice for applications. [x]: Changelog in prescribed format. Note: Uses %autochangelog — correct. [x]: Sources contain only permissible code or content. Note: Reviewed the spec comments on license oddities. All flagged cases have reasonable explanations. The SIL Open Font License content in pdfjs-dist was removed in %prep (all font files deleted). No GPLv2-only or other problematic licenses detected. [-]: Package contains desktop file if it is a GUI application. Note: Not applicable — openclaw is a CLI/server application with no GUI. [-]: Development files must be in a -devel package Note: Not applicable — this is an end-user application, not a library. No headers or development files are installed. [x]: Package uses nothing in %doc for runtime. Note: Only README.md is in %doc. It is not referenced by any runtime code. [x]: Package consistently uses macros (instead of hard-coded directory names). Note: Spec uses %{nodejs_sitelib}, %{_bindir}, %{npm_name}, %{version} throughout. No hard-coded paths found. [x]: Package is named according to the Package Naming Guidelines. Note: Name "openclaw" matches the npm package name. All lowercase ASCII, no forbidden characters. [x]: Package does not generate any conflict. Note: No Conflicts: lines in spec. Provides: are all bundled() namespaced or npm() namespaced, unlikely to conflict with system packages. [x]: Package obeys FHS, except libexecdir and /usr/target. Note: Binary at /usr/bin/openclaw (symlink). Application in /usr/lib/node_modules/openclaw/ — this is the standard Fedora location for system-installed Node.js packages (nodejs_sitelib). [-]: If the package is a rename of another package, proper Obsoletes and Provides are present. Note: Not applicable — new package. [x]: Requires correct, justified where necessary. Note: Explicit Requires: nodejs is correct. Auto-detected Requires on /usr/bin/python3, /usr/bin/bash, and /usr/bin/sh are legitimate — the skills/ directory contains Python scripts (skills/skill-creator/scripts/*.py with #!/usr/bin/python3 shebangs) and shell scripts (skills/*/scripts/*.sh) that are runtime user-facing tools. These implicit requirements are correct. Adding explicit Requires: python3 and Requires: bash would be cleaner but is not required since RPM auto-detects them. [x]: Spec file is legible and written in American English. Note: Spec is clear and well-commented. The rpmlint spelling errors for "macOS" and "iMessage" are false positives (proper nouns); they must be suppressed via rpmlintrc, but the spec English is otherwise correct. [-]: Package contains systemd file(s) if in need. Note: Not applicable — openclaw is a user-space application, not a system service. No systemd unit files are needed. [x]: Package is not known to require an ExcludeArch tag. Note: ExclusiveArch: x86_64 aarch64 is appropriate. Although BuildArch is noarch, the package bundles native Node.js addons (@lydell/node-pty, node-gyp-build, web-tree-sitter, @silvia-odwyer/photon-node) that only support x86_64 and aarch64. The noarch+ExclusiveArch combination is correct per Fedora Node.js bundling guidance. A spec comment explaining this would be helpful. [x]: Large documentation must go in a -doc subpackage. Large could be size (~1MB) or number of files. Note: Documentation size is 86,230 bytes in 1 file (README.md). Well under the 1MB threshold. No -doc subpackage needed. [x]: Package successfully compiles and builds into binary rpms on at least one supported primary architecture. [x]: Package installs properly. [x]: Rpmlint is run on all rpms the build produces. Note: There are rpmlint messages (see attachment). The 3 errors and 9 warnings are addressed in the Issues section above. The 204,064 filtered messages reflect the large number of bundled files being silently accepted. [x]: Package requires other packages for directories it uses. [x]: Package must own all directories that it creates. [x]: Package does not own files or directories owned by other packages. [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. [x]: Macros in Summary, %description expandable at SRPM build time. [x]: Dist tag is present. [x]: Package does not contain duplicates in %files. [x]: Permissions on files are set properly. Note: The spec explicitly sets executable permissions on appropriate scripts and removes execute permissions from package.json files that had them incorrectly set upstream. [x]: Package must not depend on deprecated() packages. [x]: Package use %makeinstall only when make install DESTDIR=... doesn't work. [x]: Package is named using only allowed ASCII characters. [x]: Package does not use a name that already exists. [x]: Package is not relocatable. [x]: Sources used to build the package match the upstream source, as provided in the spec URL. [x]: Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: File names are valid UTF-8. [x]: Packages must not store files under /srv, /opt or /usr/local ===== SHOULD items ===== Generic: [x]: Avoid bundling fonts in non-fonts packages. Note: The spec removes all font files in %prep: find . -name '*.ttf' -type f -print0 | xargs -0 rm -rf Verified: no .ttf, .woff, .woff2, .otf, or .eot files remain in the installed package. The fedora-review automated note about "Package contains font files" is a false positive based on pre-removal state. The spec comment about removing pdfjs-dist's SIL-licensed fonts is accurate. [x]: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. Note: The main package LICENSE file is present and marked %license. Bundled dependencies each include their own LICENSE files under node_modules_prod/*/LICENSE. Not evaluated whether all upstreams ship license texts separately; the bundled-licenses.txt provides a good summary. [x]: Final provides and requires are sane (see attachments). Note: The ~200 bundled() Provides are all correctly namespaced. The npm(openclaw) Provide is correct. Requires are minimal and accurate (nodejs, python3 implicit, bash implicit). [?]: Package functions as described. Note: Not tested — would require AI provider API keys and a messaging platform account to exercise the full functionality. Build and install verified; the openclaw binary symlink resolves correctly. [!]: Latest version is packaged. Note: Version 2026.5.7 is available. [x]: Package does not include license text files separate from upstream. [-]: Sources are verified with gpgverify first in %prep if upstream publishes signatures. Note: No gpgverify in %prep. The sources are npm-packed tarballs; npm packages are not typically signed with GPG. Packager should check whether the npm registry provides package signatures or checksums that can be verified. [!]: %check is present and all tests pass. Note: No %check section. This is expected for an npm application package where dev dependencies (required for tests) are not bundled — the spec notes that workspace: protocol prevents including dev deps in the bundled tarball. Packager should document this limitation in a spec comment and consider whether any basic smoke tests could be run without dev deps. [x]: Packages should try to preserve timestamps of original installed files. Note: The install uses cp -pr which preserves timestamps. dos2unix may modify timestamps on the one file it processes; this is acceptable. [x]: Reviewer should test that the package builds in mock. [x]: Buildroot is not present [x]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file [x]: SourceX is a working URL. Note: Source0 and Source1 are local filenames (npm pack workflow), which triggers invalid-url rpmlint warnings. The spec comments explain the generation commands ("npm pack openclaw@<version>" and "nodejs-packaging-bundler openclaw <version>"). Ideally Source0 would reference the npm registry URL: https://registry.npmjs.org/openclaw/-/openclaw-%%{version}.tgz Packager should add a proper URL for at least Source0 if npm registry is the canonical upstream source. The URL: field points to GitHub which is appropriate. [x]: Package should compile and build into binary rpms on all supported architectures. [x]: Spec use %global instead of %define unless justified. ===== EXTRA items ===== Generic: [x]: Rpmlint is run on all installed packages. Note: There are rpmlint messages (see attachment). Rpmlint ------- Checking: openclaw-2026.5.4-1.fc45.noarch.rpm openclaw-2026.5.4-1.fc45.src.rpm ============================ rpmlint session starts ============================ rpmlint: 2.8.0 configuration: /usr/lib/python3.14/site-packages/rpmlint/configdefaults.toml /etc/xdg/rpmlint/fedora-spdx-licenses.toml /etc/xdg/rpmlint/fedora.toml /etc/xdg/rpmlint/scoring.toml /etc/xdg/rpmlint/users-groups.toml /etc/xdg/rpmlint/warn-on-functions.toml rpmlintrc: [PosixPath('/tmp/tmpu380ta3s')] checks: 32, packages: 2 openclaw.noarch: E: spelling-error ('macOS', '%description -l en_US macOS -> ma Cos, mac OS, mac-OS') openclaw.src: E: spelling-error ('macOS', '%description -l en_US macOS -> ma Cos, mac OS, mac-OS') openclaw.src: E: spelling-error ('iMessage', '%description -l en_US iMessage -> i Message, message, dressage') openclaw.noarch: W: only-non-binary-in-usr-lib openclaw.noarch: W: no-manual-page-for-binary openclaw openclaw.spec: W: no-%check-section openclaw.spec: W: invalid-url Source0: openclaw-2026.5.4.tgz openclaw.spec: W: invalid-url Source1: openclaw-2026.5.4-nm-prod.tgz openclaw.noarch: W: invalid-license Python-2.0 openclaw.noarch: W: invalid-license AND 0BSD openclaw.src: W: invalid-license Python-2.0 openclaw.src: W: invalid-license AND 0BSD 2 packages and 0 specfiles checked; 3 errors, 9 warnings, 204064 filtered, 3 badness; has taken 72.6 s Rpmlint notes: - E: spelling-error macOS, iMessage — proper nouns; add rpmlintrc suppressions - W: only-non-binary-in-usr-lib — expected for Node.js packages at nodejs_sitelib - W: no-manual-page-for-binary openclaw — SHOULD item; recommend upstream adds one - W: no-%check-section — SHOULD item; dev deps unavailable, documented above - W: invalid-url Source0/Source1 — local npm pack tarballs; add registry URLs - W: invalid-license Python-2.0 — valid SPDX; may be missing from rpmlint allowlist - W: invalid-license AND 0BSD — consequence of AND AND syntax error in License field Rpmlint (installed packages) ---------------------------- ============================ rpmlint session starts ============================ rpmlint: 2.9.0 configuration: /usr/lib/python3.14/site-packages/rpmlint/configdefaults.toml /etc/xdg/rpmlint/fedora-spdx-licenses.toml /etc/xdg/rpmlint/fedora.toml /etc/xdg/rpmlint/scoring.toml /etc/xdg/rpmlint/users-groups.toml /etc/xdg/rpmlint/warn-on-functions.toml checks: 32, packages: 1 openclaw.noarch: W: only-non-binary-in-usr-lib openclaw.noarch: W: no-manual-page-for-binary openclaw openclaw.noarch: W: invalid-license Python-2.0 openclaw.noarch: W: invalid-license AND 0BSD 1 packages and 0 specfiles checked; 0 errors, 4 warnings, 204060 filtered, 0 badness; has taken 88.8 s Requires -------- openclaw (rpmlib, GLIBC filtered): /usr/bin/bash /usr/bin/node /usr/bin/python3 /usr/bin/sh nodejs nodejs(engine) Provides -------- openclaw: bundled(nodejs-@agentclientprotocol/sdk) bundled(nodejs-@anthropic-ai/sdk) bundled(nodejs-@anthropic-ai/vertex-sdk) bundled(nodejs-@aws-crypto/crc32) bundled(nodejs-@aws-crypto/sha256-browser) bundled(nodejs-@aws-crypto/sha256-js) bundled(nodejs-@aws-crypto/supports-web-crypto) bundled(nodejs-@aws-crypto/util) bundled(nodejs-@aws-sdk/client-bedrock) bundled(nodejs-@aws-sdk/client-bedrock-runtime) bundled(nodejs-@aws-sdk/client-cognito-identity) bundled(nodejs-@aws-sdk/core) bundled(nodejs-@aws-sdk/credential-provider-cognito-identity) bundled(nodejs-@aws-sdk/credential-provider-env) bundled(nodejs-@aws-sdk/credential-provider-http) bundled(nodejs-@aws-sdk/credential-provider-ini) bundled(nodejs-@aws-sdk/credential-provider-login) bundled(nodejs-@aws-sdk/credential-provider-node) bundled(nodejs-@aws-sdk/credential-provider-process) bundled(nodejs-@aws-sdk/credential-provider-sso) bundled(nodejs-@aws-sdk/credential-provider-web-identity) bundled(nodejs-@aws-sdk/credential-providers) bundled(nodejs-@aws-sdk/eventstream-handler-node) bundled(nodejs-@aws-sdk/middleware-eventstream) bundled(nodejs-@aws-sdk/middleware-host-header) bundled(nodejs-@aws-sdk/middleware-logger) bundled(nodejs-@aws-sdk/middleware-recursion-detection) bundled(nodejs-@aws-sdk/middleware-sdk-s3) bundled(nodejs-@aws-sdk/middleware-user-agent) bundled(nodejs-@aws-sdk/middleware-websocket) bundled(nodejs-@aws-sdk/nested-clients) bundled(nodejs-@aws-sdk/region-config-resolver) bundled(nodejs-@aws-sdk/signature-v4-multi-region) bundled(nodejs-@aws-sdk/token-providers) bundled(nodejs-@aws-sdk/types) bundled(nodejs-@aws-sdk/util-arn-parser) bundled(nodejs-@aws-sdk/util-endpoints) bundled(nodejs-@aws-sdk/util-format-url) bundled(nodejs-@aws-sdk/util-locate-window) bundled(nodejs-@aws-sdk/util-user-agent-browser) bundled(nodejs-@aws-sdk/util-user-agent-node) bundled(nodejs-@aws-sdk/xml-builder) bundled(nodejs-@aws/bedrock-token-generator) bundled(nodejs-@aws/lambda-invoke-store) bundled(nodejs-@babel/runtime) bundled(nodejs-@borewit/text-codec) bundled(nodejs-@clack/core) bundled(nodejs-@clack/prompts) bundled(nodejs-@google/genai) bundled(nodejs-@grammyjs/runner) bundled(nodejs-@grammyjs/transformer-throttler) bundled(nodejs-@grammyjs/types) bundled(nodejs-@homebridge/ciao) bundled(nodejs-@hono/node-server) bundled(nodejs-@isaacs/fs-minipass) bundled(nodejs-@lydell/node-pty) bundled(nodejs-@mariozechner/jiti) bundled(nodejs-@mariozechner/pi-agent-core) bundled(nodejs-@mariozechner/pi-ai) bundled(nodejs-@mariozechner/pi-coding-agent) bundled(nodejs-@mariozechner/pi-tui) bundled(nodejs-@mistralai/mistralai) bundled(nodejs-@modelcontextprotocol/sdk) bundled(nodejs-@mozilla/readability) bundled(nodejs-@nodable/entities) bundled(nodejs-@nolyfill/domexception) bundled(nodejs-@protobufjs/aspromise) bundled(nodejs-@protobufjs/base64) bundled(nodejs-@protobufjs/codegen) bundled(nodejs-@protobufjs/eventemitter) bundled(nodejs-@protobufjs/fetch) bundled(nodejs-@protobufjs/float) bundled(nodejs-@protobufjs/inquire) bundled(nodejs-@protobufjs/path) bundled(nodejs-@protobufjs/pool) bundled(nodejs-@protobufjs/utf8) bundled(nodejs-@silvia-odwyer/photon-node) bundled(nodejs-@slack/bolt) bundled(nodejs-@slack/logger) bundled(nodejs-@slack/oauth) bundled(nodejs-@slack/socket-mode) bundled(nodejs-@slack/types) bundled(nodejs-@slack/web-api) bundled(nodejs-@smithy/config-resolver) bundled(nodejs-@smithy/core) bundled(nodejs-@smithy/credential-provider-imds) bundled(nodejs-@smithy/eventstream-codec) bundled(nodejs-@smithy/eventstream-serde-browser) bundled(nodejs-@smithy/eventstream-serde-config-resolver) bundled(nodejs-@smithy/eventstream-serde-node) bundled(nodejs-@smithy/eventstream-serde-universal) bundled(nodejs-@smithy/fetch-http-handler) bundled(nodejs-@smithy/hash-node) bundled(nodejs-@smithy/invalid-dependency) bundled(nodejs-@smithy/is-array-buffer) bundled(nodejs-@smithy/middleware-content-length) bundled(nodejs-@smithy/middleware-endpoint) bundled(nodejs-@smithy/middleware-retry) bundled(nodejs-@smithy/middleware-serde) bundled(nodejs-@smithy/middleware-stack) bundled(nodejs-@smithy/node-config-provider) bundled(nodejs-@smithy/node-http-handler) bundled(nodejs-@smithy/property-provider) bundled(nodejs-@smithy/protocol-http) bundled(nodejs-@smithy/querystring-builder) bundled(nodejs-@smithy/querystring-parser) bundled(nodejs-@smithy/service-error-classification) bundled(nodejs-@smithy/shared-ini-file-loader) bundled(nodejs-@smithy/signature-v4) bundled(nodejs-@smithy/smithy-client) bundled(nodejs-@smithy/types) bundled(nodejs-@smithy/url-parser) bundled(nodejs-@smithy/util-base64) bundled(nodejs-@smithy/util-body-length-browser) bundled(nodejs-@smithy/util-body-length-node) bundled(nodejs-@smithy/util-buffer-from) bundled(nodejs-@smithy/util-config-provider) bundled(nodejs-@smithy/util-defaults-mode-browser) bundled(nodejs-@smithy/util-defaults-mode-node) bundled(nodejs-@smithy/util-endpoints) bundled(nodejs-@smithy/util-hex-encoding) bundled(nodejs-@smithy/util-middleware) bundled(nodejs-@smithy/util-retry) bundled(nodejs-@smithy/util-stream) bundled(nodejs-@smithy/util-uri-escape) bundled(nodejs-@smithy/util-utf8) bundled(nodejs-@smithy/uuid) bundled(nodejs-@telegraf/types) bundled(nodejs-@tokenizer/inflate) bundled(nodejs-@tokenizer/token) bundled(nodejs-@tootallnate/quickjs-emscripten) bundled(nodejs-@types/body-parser) bundled(nodejs-@types/connect) bundled(nodejs-@types/express) bundled(nodejs-@types/express-serve-static-core) bundled(nodejs-@types/http-errors) bundled(nodejs-@types/jsonwebtoken) bundled(nodejs-@types/mime-types) bundled(nodejs-@types/ms) bundled(nodejs-@types/node) bundled(nodejs-@types/qs) bundled(nodejs-@types/range-parser) bundled(nodejs-@types/retry) bundled(nodejs-@types/send) bundled(nodejs-@types/serve-static) bundled(nodejs-@types/ws) bundled(nodejs-abort-controller) bundled(nodejs-accepts) bundled(nodejs-agent-base) bundled(nodejs-ajv) bundled(nodejs-ajv-formats) bundled(nodejs-ansi-regex) bundled(nodejs-ansi-styles) bundled(nodejs-any-promise) bundled(nodejs-argparse) bundled(nodejs-asn1.js) bundled(nodejs-ast-types) bundled(nodejs-asynckit) bundled(nodejs-axios) bundled(nodejs-balanced-match) bundled(nodejs-base64-js) bundled(nodejs-basic-ftp) bundled(nodejs-bignumber.js) bundled(nodejs-bn.js) bundled(nodejs-body-parser) bundled(nodejs-boolbase) bundled(nodejs-bottleneck) bundled(nodejs-bowser) bundled(nodejs-brace-expansion) bundled(nodejs-buffer-alloc) bundled(nodejs-buffer-alloc-unsafe) bundled(nodejs-buffer-crc32) bundled(nodejs-buffer-equal-constant-time) bundled(nodejs-buffer-fill) bundled(nodejs-buffer-from) bundled(nodejs-bytes) bundled(nodejs-call-bind-apply-helpers) bundled(nodejs-call-bound) bundled(nodejs-camelcase) bundled(nodejs-chalk) bundled(nodejs-chokidar) bundled(nodejs-chownr) bundled(nodejs-cli-highlight) bundled(nodejs-cliui) bundled(nodejs-color-convert) bundled(nodejs-color-name) bundled(nodejs-combined-stream) bundled(nodejs-commander) bundled(nodejs-content-disposition) bundled(nodejs-content-type) bundled(nodejs-cookie) bundled(nodejs-cookie-signature) bundled(nodejs-core-util-is) bundled(nodejs-cors) bundled(nodejs-croner) bundled(nodejs-cross-spawn) bundled(nodejs-css-select) bundled(nodejs-css-what) bundled(nodejs-cssom) bundled(nodejs-data-uri-to-buffer) bundled(nodejs-debug) bundled(nodejs-decamelize) bundled(nodejs-define-data-property) bundled(nodejs-define-properties) bundled(nodejs-degenerator) bundled(nodejs-delayed-stream) bundled(nodejs-depd) bundled(nodejs-diff) bundled(nodejs-dijkstrajs) bundled(nodejs-dom-serializer) bundled(nodejs-domelementtype) bundled(nodejs-domhandler) bundled(nodejs-domutils) bundled(nodejs-dotenv) bundled(nodejs-dunder-proto) bundled(nodejs-ecdsa-sig-formatter) bundled(nodejs-ee-first) bundled(nodejs-emoji-regex) bundled(nodejs-encodeurl) bundled(nodejs-end-of-stream) bundled(nodejs-entities) bundled(nodejs-es-define-property) bundled(nodejs-es-errors) bundled(nodejs-es-object-atoms) bundled(nodejs-es-set-tostringtag) bundled(nodejs-escalade) bundled(nodejs-escape-html) bundled(nodejs-escape-string-regexp) bundled(nodejs-escodegen) bundled(nodejs-esprima) bundled(nodejs-estraverse) bundled(nodejs-esutils) bundled(nodejs-etag) bundled(nodejs-event-target-shim) bundled(nodejs-eventemitter3) bundled(nodejs-eventsource) bundled(nodejs-eventsource-parser) bundled(nodejs-express) bundled(nodejs-express-rate-limit) bundled(nodejs-extend) bundled(nodejs-extract-zip) bundled(nodejs-fast-deep-equal) bundled(nodejs-fast-string-truncated-width) bundled(nodejs-fast-string-width) bundled(nodejs-fast-uri) bundled(nodejs-fast-wrap-ansi) bundled(nodejs-fast-xml-builder) bundled(nodejs-fast-xml-parser) bundled(nodejs-fd-slicer) bundled(nodejs-fetch-blob) bundled(nodejs-file-type) bundled(nodejs-finalhandler) bundled(nodejs-find-up) bundled(nodejs-follow-redirects) bundled(nodejs-form-data) bundled(nodejs-formdata-polyfill) bundled(nodejs-forwarded) bundled(nodejs-fresh) bundled(nodejs-function-bind) bundled(nodejs-gaxios) bundled(nodejs-gcp-metadata) bundled(nodejs-get-caller-file) bundled(nodejs-get-east-asian-width) bundled(nodejs-get-intrinsic) bundled(nodejs-get-proto) bundled(nodejs-get-stream) bundled(nodejs-get-uri) bundled(nodejs-glob) bundled(nodejs-global-agent) bundled(nodejs-globalthis) bundled(nodejs-google-auth-library) bundled(nodejs-google-logging-utils) bundled(nodejs-gopd) bundled(nodejs-graceful-fs) bundled(nodejs-grammy) bundled(nodejs-gtoken) bundled(nodejs-has-flag) bundled(nodejs-has-property-descriptors) bundled(nodejs-has-symbols) bundled(nodejs-has-tostringtag) bundled(nodejs-hasown) bundled(nodejs-highlight.js) bundled(nodejs-hono) bundled(nodejs-hosted-git-info) bundled(nodejs-html-escaper) bundled(nodejs-htmlparser2) bundled(nodejs-http-errors) bundled(nodejs-http-proxy-agent) bundled(nodejs-http_ece) bundled(nodejs-https-proxy-agent) bundled(nodejs-iconv-lite) bundled(nodejs-ieee754) bundled(nodejs-ignore) bundled(nodejs-immediate) bundled(nodejs-inherits) bundled(nodejs-ip-address) bundled(nodejs-ipaddr.js) bundled(nodejs-is-electron) bundled(nodejs-is-fullwidth-code-point) bundled(nodejs-is-promise) bundled(nodejs-is-stream) bundled(nodejs-isarray) bundled(nodejs-isexe) bundled(nodejs-jiti) bundled(nodejs-jose) bundled(nodejs-json-bigint) bundled(nodejs-json-schema-to-ts) bundled(nodejs-json-schema-traverse) bundled(nodejs-json-schema-typed) bundled(nodejs-json5) bundled(nodejs-jsonwebtoken) bundled(nodejs-jszip) bundled(nodejs-jwa) bundled(nodejs-jws) bundled(nodejs-lie) bundled(nodejs-linkedom) bundled(nodejs-linkify-it) bundled(nodejs-locate-path) bundled(nodejs-lodash.includes) bundled(nodejs-lodash.isboolean) bundled(nodejs-lodash.isinteger) bundled(nodejs-lodash.isnumber) bundled(nodejs-lodash.isplainobject) bundled(nodejs-lodash.isstring) bundled(nodejs-lodash.once) bundled(nodejs-long) bundled(nodejs-lru-cache) bundled(nodejs-markdown-it) bundled(nodejs-marked) bundled(nodejs-matcher) bundled(nodejs-math-intrinsics) bundled(nodejs-mdurl) bundled(nodejs-media-typer) bundled(nodejs-merge-descriptors) bundled(nodejs-mime-db) bundled(nodejs-mime-types) bundled(nodejs-minimalistic-assert) bundled(nodejs-minimatch) bundled(nodejs-minimist) bundled(nodejs-minipass) bundled(nodejs-minizlib) bundled(nodejs-mri) bundled(nodejs-ms) bundled(nodejs-mz) bundled(nodejs-negotiator) bundled(nodejs-netmask) bundled(nodejs-node-addon-api) bundled(nodejs-node-edge-tts) bundled(nodejs-node-fetch) bundled(nodejs-node-gyp-build) bundled(nodejs-nth-check) bundled(nodejs-object-assign) bundled(nodejs-object-inspect) bundled(nodejs-object-keys) bundled(nodejs-on-finished) bundled(nodejs-once) bundled(nodejs-openai) bundled(nodejs-openshell) bundled(nodejs-p-finally) bundled(nodejs-p-limit) bundled(nodejs-p-locate) bundled(nodejs-p-queue) bundled(nodejs-p-retry) bundled(nodejs-p-timeout) bundled(nodejs-p-try) bundled(nodejs-pac-proxy-agent) bundled(nodejs-pac-resolver) bundled(nodejs-pako) bundled(nodejs-parse5) bundled(nodejs-parse5-htmlparser2-tree-adapter) bundled(nodejs-parseurl) bundled(nodejs-partial-json) bundled(nodejs-path-exists) bundled(nodejs-path-expression-matcher) bundled(nodejs-path-key) bundled(nodejs-path-scurry) bundled(nodejs-path-to-regexp) bundled(nodejs-pdfjs-dist) bundled(nodejs-pend) bundled(nodejs-pkce-challenge) bundled(nodejs-playwright-core) bundled(nodejs-pngjs) bundled(nodejs-process-nextick-args) bundled(nodejs-proper-lockfile) bundled(nodejs-protobufjs) bundled(nodejs-proxy-addr) bundled(nodejs-proxy-agent) bundled(nodejs-proxy-from-env) bundled(nodejs-pump) bundled(nodejs-punycode.js) bundled(nodejs-qrcode) bundled(nodejs-qs) bundled(nodejs-quickjs-wasi) bundled(nodejs-range-parser) bundled(nodejs-raw-body) bundled(nodejs-readable-stream) bundled(nodejs-readdirp) bundled(nodejs-require-directory) bundled(nodejs-require-from-string) bundled(nodejs-require-main-filename) bundled(nodejs-retry) bundled(nodejs-router) bundled(nodejs-safe-buffer) bundled(nodejs-safe-compare) bundled(nodejs-safer-buffer) bundled(nodejs-sandwich-stream) bundled(nodejs-semver) bundled(nodejs-send) bundled(nodejs-serialize-error) bundled(nodejs-serve-static) bundled(nodejs-set-blocking) bundled(nodejs-setimmediate) bundled(nodejs-setprototypeof) bundled(nodejs-shebang-command) bundled(nodejs-shebang-regex) bundled(nodejs-side-channel) bundled(nodejs-side-channel-list) bundled(nodejs-side-channel-map) bundled(nodejs-side-channel-weakmap) bundled(nodejs-signal-exit) bundled(nodejs-sisteransi) bundled(nodejs-smart-buffer) bundled(nodejs-socks) bundled(nodejs-socks-proxy-agent) bundled(nodejs-source-map) bundled(nodejs-source-map-support) bundled(nodejs-statuses) bundled(nodejs-std-env) bundled(nodejs-string-width) bundled(nodejs-string_decoder) bundled(nodejs-strip-ansi) bundled(nodejs-strnum) bundled(nodejs-strtok3) bundled(nodejs-supports-color) bundled(nodejs-tar) bundled(nodejs-telegraf) bundled(nodejs-thenify) bundled(nodejs-thenify-all) bundled(nodejs-toidentifier) bundled(nodejs-token-types) bundled(nodejs-tokenjuice) bundled(nodejs-tr46) bundled(nodejs-tree-sitter-bash) bundled(nodejs-ts-algebra) bundled(nodejs-tslib) bundled(nodejs-tslog) bundled(nodejs-tsscmp) bundled(nodejs-type-fest) bundled(nodejs-type-is) bundled(nodejs-typebox) bundled(nodejs-uc.micro) bundled(nodejs-uhyphen) bundled(nodejs-uint8array-extras) bundled(nodejs-undici) bundled(nodejs-undici-types) bundled(nodejs-unpipe) bundled(nodejs-util-deprecate) bundled(nodejs-uuid) bundled(nodejs-vary) bundled(nodejs-web-push) bundled(nodejs-web-streams-polyfill) bundled(nodejs-web-tree-sitter) bundled(nodejs-webidl-conversions) bundled(nodejs-whatwg-url) bundled(nodejs-which) bundled(nodejs-which-module) bundled(nodejs-wrap-ansi) bundled(nodejs-wrappy) bundled(nodejs-ws) bundled(nodejs-y18n) bundled(nodejs-yallist) bundled(nodejs-yaml) bundled(nodejs-yargs) bundled(nodejs-yargs-parser) bundled(nodejs-yauzl) bundled(nodejs-yoctocolors) bundled(nodejs-zod) bundled(nodejs-zod-to-json-schema) npm(openclaw) openclaw Generated by fedora-review 0.11.0 (05c5b26) last change: 2025-11-29 Command line :/usr/bin/fedora-review -r -n openclaw-2026.5.4-1.fc45.src.rpm Buildroot used: fedora-rawhide-x86_64 Active plugins: Generic, Shell-api Disabled plugins: Python, fonts, Ocaml, SugarActivity, Perl, Java, PHP, R, Haskell, C/C++ Disabled flags: EXARCH, EPEL6, EPEL7, DISTTAG, BATCH -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component https://bugzilla.redhat.com/show_bug.cgi?id=2467057 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202467057%23c1 -- _______________________________________________ package-review mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
