Welcome to FedoraReview
FedoraReview: Tools to help review packages for inclusion in Fedora
This tool automates much of the dirty work when reviewing a package for the Fedora Package Collection.
- Downloading SRPM & SPEC from Bugzilla or other websites.
- Download upstream source.
- Build and install package in mock.
- Run rpmlint on package, also the installed version.
- Checksum verification
- Running licensecheck -r
- Do an overall review template with both manual & automated checks, serving as a starting point for the review work.
FedoraReview is still under heavy development.
# yum install fedora-review
You will need to have mock installed and be member of the mock group for the build to work. Run as root:
# usermod -a -G mock [your user name]
After adding groups this way, you must either logout and login again or use the newgrp(1) command - the list of groups for a user is not read until a login (or newgrp). After doing this, try:
$ fedora-review -b <bugzilla report number>
It will download the SPEC & SRPM files from the Bugzilla report, build them in mock, run a number of test and generate a report template. That template is your starting point when doing your review.
Too see the other options of the tools:
$ fedora-review --help $ man fedora-review
There is more usage info in using fedora-review.
Last announce message:NEWS file
FedoraReview is licensed under GPLv2+, for more details check COPYING.
- Get the code: git clone https://git.fedorahosted.org/git/FedoraReview.git
- Discuss on the list
- Discuss on IRC: #fedora-review
- Report a bug
- Send us a patch
- Write a script
- Write a language plugin
- Extend an existing language plugin
- Get yourself a ticket to work on ;-)
- Tim Lauridsen's original website: https://github.com/timlau/FedoraReview
- Continious integration server: http://jenkins.cloud.fedoraproject.org
List of open tickets
- Add interactive mode
- Test package in Koji scratch build
- Show date of guidelines tool is based on
- show compile message if mock fail
- CheckAddMavenDepmap could be automated easily
- If deprecating check returns "not_applicable" deprecated check should be run instead
- CheckDocRuntime could be semi-automated.
- Download upstream sources in background
- CheckReqPkgConfig could be run unconditionally.
- Check that packages are 64-bit safe?
- spec file is not EPEL6 compliant
- check spec url file and spec file in srpm are in sync before creating or starting review
- RubyCheckTestsRun doesn't work properly
- EPEL5 does not require %defattr()
- fedora-review runs mock even if it shouldn't
- fedora-create-review: bugzilla query for existing reviews doesn't work
- support amending existing review request
- false positives: gems should require rubygems package
- Reported non existent links by java plugin
- [RFE] support configs for koji, bugzilla URLs
- RFE: provide a way to pass a custom repository
- Compatibility with phpcompatinfo v4
- Move to dnf
Fixed Problems Scheduled for next release (0.5.1)
- Integrate rpm-chksec during the review
- Add option for quick, limited tests not requiring mock build or install.
- Add security checks for packages installing systemd unit files
- RFE: Use repo-font-audit on font packages
- ocaml packages not recognized
- CheckStaticLibs: does npot comply w GL, more exceptions needed,
- make_release fails if dist directory does not exist
- Some test shows up as [x] instead of hidden (NA) where applicable.