wiki:WikiStart
Last modified 8 months ago Last modified on 09/04/13 08:30:00

Welcome to FedoraReview

FedoraReview: Tools to help review packages for inclusion in Fedora

This tool automates much of the dirty work when reviewing a package for the Fedora Package Collection.

Like:

  • Downloading SRPM & SPEC from Bugzilla or other websites.
  • Download upstream source.
  • Build and install package in mock.
  • Run rpmlint on package, also the installed version.
  • Checksum verification
  • Running licensecheck -r
  • Do an overall review template with both manual & automated checks, serving as a starting point for the review work.

FedoraReview is still under heavy development.

Installation

# yum install fedora-review

You can also try the development version or try the latest nightly build.

Usage

You will need to have mock installed and be member of the mock group for the build to work. Run as root:

# usermod -a -G mock [your user name]

After adding groups this way, you must either logout and login again or use the newgrp(1) command - the list of groups for a user is not read until a login (or newgrp). After doing this, try:

$ fedora-review -b <bugzilla report number>

It will download the SPEC & SRPM files from the Bugzilla report, build them in mock, run a number of test and generate a report template. That template is your starting point when doing your review.

Too see the other options of the tools:

$ fedora-review --help
$ man fedora-review

There is more usage info in using fedora-review.

New features

Last announce message:NEWS file

License

FedoraReview is licensed under GPLv2+, for more details check COPYING.

Contribute

Resources

List of open tickets

#8
Add interactive mode
#17
Test package in Koji scratch build
#26
Show date of guidelines tool is based on
#79
show compile message if mock fail
#103
CheckAddMavenDepmap could be automated easily
#122
If deprecating check returns "not_applicable" deprecated check should be run instead
#169
CheckDocRuntime could be semi-automated.
#178
Download upstream sources in background
#188
CheckReqPkgConfig could be run unconditionally.
#202
Check that packages are 64-bit safe?
#207
spec file is not EPEL6 compliant
#210
check spec url file and spec file in srpm are in sync before creating or starting review
#225
RubyCheckTestsRun doesn't work properly
#230
old installed builds in Mock chroot are not updated prior to running rpmlint on them
#231
EPEL5 does not require %defattr()
#232
git version fails with KeyError: 'EPEL5'
#233
fedora-review crashes on empty rpms
#234
fedora-review runs mock even if it shouldn't

Fixed Problems Scheduled for next release (0.5.1)

#193
Integrate rpm-chksec during the review
#197
Add option for quick, limited tests not requiring mock build or install.
#214
Add security checks for packages installing systemd unit files
#215
RFE: Use repo-font-audit on font packages
#221
ocaml packages not recognized
#222
CheckStaticLibs: does npot comply w GL, more exceptions needed,
#228
make_release fails if dist directory does not exist
#229
Some test shows up as [x] instead of hidden (NA) where applicable.