Packaging:ReviewGuidelines

From FedoraProject

(Difference between revisions)
Jump to: navigation, search
m (1 revision(s))
(Things To Check On Review)
(25 intermediate revisions by 4 users not shown)
Line 5: Line 5:
  
 
'''Author:''' [[TomCallaway|  Tom 'spot' Callaway]] <BR>
 
'''Author:''' [[TomCallaway|  Tom 'spot' Callaway]] <BR>
'''Revision:''' 0.27<BR>
+
'''Revision:''' 0.31<BR>
 
'''Initial Draft:''' Monday Jun 27, 2005<BR>
 
'''Initial Draft:''' Monday Jun 27, 2005<BR>
'''Last Revised:''' Friday Nov 30, 2007<BR>
+
'''Last Revised:''' Monday, Feb 6, 2012<BR>
  
 
== Package Review Process ==
 
== Package Review Process ==
Contributors and reviewers should follow the PackageReviewProcess.
+
Contributors and reviewers should follow the [[Package Review Process]].
  
 
{{Anchor|ThingsToCheckOnReview}}
 
{{Anchor|ThingsToCheckOnReview}}
 +
 
== Things To Check On Review ==
 
== Things To Check On Review ==
  
There are many many things to check for a review. This list is provided to assist new reviewers in identifying areas that they should look for, but is by no means complete. Reviewers should use their own good judgement when reviewing packages. The items listed fall into two categories: '''SHOULD''' and '''MUST'''. Items marked as '''SHOULD''' are things that the package (or reviewer) '''SHOULD''' do, but is not required to do. Items marked as '''MUST''' are things that the package (or reviewer) '''MUST''' do. If a package fails a '''MUST''' item, that is considered a blocker. No package with blockers can be approved on a review. Those items must be fixed before approval can be given.
+
There are many many things to check for a review. This list is provided to assist new reviewers in identifying areas that they should look for, but is by no means complete. Reviewers should use their own good judgement when reviewing packages. The items listed fall into two categories: '''SHOULD''' and '''MUST'''.
 +
 
 +
{{admon/warning|MUST Items|Items marked as '''MUST''' are things that the package (or reviewer) '''MUST''' do. If a package fails a '''MUST''' item, that is considered a blocker. No package with blockers can be approved on a review. Those items must be fixed before approval can be given. }}
  
'''MUST Items:'''
+
* '''MUST''': rpmlint must be run on the source rpm and all binary rpms the build produces. The output should be posted in the review.<ref>[[Packaging/Guidelines#rpmlint|Packaging Guidelines: Use rpmlint]]</ref> <BR>
 +
* '''MUST''': The package must be named according to the [[Packaging/NamingGuidelines| Package Naming Guidelines]] .<BR>
 +
* '''MUST''': The spec file name must match the base package <code>%{name}</code>, in the format <code>%{name}.spec</code> unless your package has an exemption. <ref>[[Packaging/NamingGuidelines#Spec_file_name| Naming Guidelines: Spec File Naming]]</ref> . <BR>
 +
* '''MUST''': The package must meet the [[Packaging/Guidelines|  Packaging Guidelines]] .<BR>
 +
* '''MUST''': The package must be licensed with a Fedora approved license and meet the [[Packaging/LicensingGuidelines|  Licensing Guidelines]] .<BR>
 +
* '''MUST''': The License field in the package spec file must match the actual license. <ref>[[Packaging/LicensingGuidelines#ValidLicenseShortNames| Licensing Guidelines: Valid License Short Names]]</ref><BR>
 +
* '''MUST''': If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package must be included in <code>%doc</code>.<ref>[[Packaging/LicensingGuidelines#License Text |Licensing Guidelines: License Text]]</ref><BR>
 +
* '''MUST''': The spec file must be written in American English. <ref>[[Packaging/Guidelines#summary|Packaging Guidelines: Summary]]</ref><BR>
 +
* '''MUST''': The spec file for the package '''MUST''' be legible. <ref>[[Packaging/Guidelines#Spec_Legibility|Packaging Guidelines: Spec Legibility]]</ref><BR>
 +
* '''MUST''': The sources used to build the package must match the upstream source, as provided in the spec URL. Reviewers should use sha256sum for this task as it is used by the <code>sources</code> file once imported into git. If no upstream URL can be specified for this package, please see the [[Packaging/SourceURL|  Source URL Guidelines]]  for how to deal with this.<BR>
 +
* '''MUST''': The package '''MUST''' successfully compile and build into binary rpms on at least one primary architecture. <ref>[[Packaging/Guidelines#Architecture_Support|Packaging Guidelines: Architecture Support]]</ref><BR>
 +
* '''MUST''': If the package does not successfully compile, build or work on an architecture, then those architectures should be listed in the spec in <code>ExcludeArch</code>. Each architecture listed in <code>ExcludeArch</code> '''MUST''' have a bug filed in bugzilla, describing the reason that the package does not compile/build/work on that architecture. The bug number '''MUST''' be placed in a comment, next to the corresponding <code>ExcludeArch</code> line. <ref>[[Packaging/Guidelines#Architecture_Build_Failures|Packaging Guidelines: Architecture Build Failures]]</ref><BR>
 +
* '''MUST''': All build dependencies must be listed in <code>BuildRequires</code>, except for any that are listed in the [[Packaging/Guidelines#Exceptions_2|exceptions section of the Packaging Guidelines]] ; inclusion of those as <code>BuildRequires</code> is optional. Apply common sense.<BR>
 +
* '''MUST''': The spec file MUST handle locales properly. This is done by using the <code>%find_lang</code> macro. Using <code>%{_datadir}/locale/*</code> is strictly forbidden.<ref>[[Packaging/Guidelines#Handling_Locale_Files|Packaging Guidelines: Handling Locale Files]]</ref><BR>
 +
* '''MUST''': Every binary RPM package (or subpackage) which stores shared library files (not just symlinks) in any of the dynamic linker's default paths, must call ldconfig in <code>%post</code> and <code>%postun</code>. <ref>[[Packaging/Guidelines#Shared_Libraries|Packaging Guidelines: Shared Libraries]]</ref><BR>
 +
* '''MUST''': Packages must NOT bundle copies of system libraries.<ref name="no_bundle">[[Packaging:Guidelines#Duplication_of_system_libraries|Packaging Guidelines: Duplication of System Libraries]]</ref><BR>
 +
* '''MUST''': If the package is designed to be relocatable, the packager must state this fact in the request for review, along with the rationalization for relocation of that specific package. Without this, use of Prefix: /usr is considered a blocker. <ref>[[Packaging/Guidelines#RelocatablePackages|Packaging Guidelines: Relocatable Packages]]</ref><BR>
 +
* '''MUST''': A package must own all directories that it creates. If it does not create a directory that it uses, then it should require a package which does create that directory.  <ref>[[Packaging/Guidelines#FileAndDirectoryOwnership|Packaging Guidelines: File And Directory Ownership]]</ref><BR>
 +
* '''MUST''': A Fedora package must not list a file more than once in the spec file's %files listings. (Notable exception: license texts in specific situations)<ref>[[Packaging/Guidelines#DuplicateFiles|Packaging Guidelines: Duplicate Files]]</ref><BR>
 +
* '''MUST''': Permissions on files must be set properly. Executables should be set with executable permissions, for example. <ref>[[Packaging/Guidelines#FilePermissions|Packaging Guidelines: File Permissions]]</ref><BR>
 +
* '''MUST''': Each package must consistently use macros. <ref>[[Packaging/Guidelines#macros|Packaging Guidelines: Macros]]</ref><BR>
 +
* '''MUST''': The package must contain code, or permissable content. <ref>[[Packaging/Guidelines#CodeVsContent|Packaging Guidelines: Code Vs. Content]]</ref><BR>
 +
* '''MUST''': Large documentation files must go in a -doc subpackage. (The definition of large is left up to the packager's best judgement, but is not restricted to size. Large can refer to either size or quantity). <ref name="docs">[[Packaging/Guidelines#PackageDocumentation|Packaging Guidelines: Package Documentation]]</ref><BR>
 +
* '''MUST''': If a package includes something as %doc, it must not affect the runtime of the application. To summarize: If it is in %doc, the program must run properly if it is not present. <ref name="docs">[[Packaging/Guidelines#PackageDocumentation|Packaging Guidelines: Package Documentation]]</ref><BR>
 +
* '''MUST''': Static libraries must be in a -static package. <ref name="static">[[Packaging/Guidelines#StaticLibraries|Packaging Guidelines: Packaging Static Libraries]]</ref><BR>
 +
* '''MUST''': Development files must be in a -devel package. <ref name="devel">[[Packaging/Guidelines#DevelPackages|Packaging Guidelines: Devel Packages]]</ref><BR>
 +
* '''MUST''': In the vast majority of cases, devel packages must require the base package using a fully versioned dependency: <code>Requires: %{name}%{?_isa} = %{version}-%{release} </code> <ref name="requirebase">[[Packaging/Guidelines#RequiringBasePackage|Packaging Guidelines: Requiring Base Package]]</ref><BR>
 +
* '''MUST''': Packages must NOT contain any .la libtool archives, these must be removed in the spec if they are built.<ref name="static">[[Packaging/Guidelines#StaticLibraries|Packaging Guidelines: Packaging Static Libraries]]</ref><BR>
 +
* '''MUST''': Packages containing GUI applications must include a %{name}.desktop file, and that file must be properly installed with desktop-file-install in the %install section. If you feel that your packaged GUI application does not need a .desktop file, you must put a comment in the spec file with your explanation. <ref>[[Packaging/Guidelines#desktop|Packaging Guidelines: Desktop files]]</ref><BR>
 +
* '''MUST''': Packages must not own files or directories already owned by other packages. The rule of thumb here is that the first package to be installed should own the files or directories that other packages may rely upon. This means, for example, that no package in Fedora should ever share ownership with any of the files or directories owned by the <code>filesystem</code> or <code>man</code> package. If you feel that you have a good reason to own a file or directory that another package owns, then please present that at package review time. <ref>[[Packaging/Guidelines#FileAndDirectoryOwnership|Packaging Guidelines: File And Directory Ownership]]</ref><BR>
 +
* '''MUST''': All filenames in rpm packages must be valid UTF-8. <ref>[[Packaging/Guidelines#FilenameEncoding|Packaging Guidelines: Filename Encoding]]</ref><BR>
  
- '''MUST''': rpmlint must be run on every package. The output should be posted in the review.<BR>
+
<BR>
- '''MUST''': The package must be named according to the [[Packaging/NamingGuidelines| Package Naming Guidelines]] .<BR>
+
<HR>
- '''MUST''': The spec file name must match the base package <code>%{name}</code>, in the format <code>%{name}.spec</code> unless your package has an exemption on [[Packaging/NamingGuidelines|  Package Naming Guidelines]] . <BR>
+
<BR>
- '''MUST''': The package must meet the [[Packaging/Guidelines|  Packaging Guidelines]] .<BR>
+
- '''MUST''': The package must be licensed with a Fedora approved license and meet the [[Packaging/LicensingGuidelines|  Licensing Guidelines]] .<BR>
+
- '''MUST''': The License field in the package spec file must match the actual license.<BR>
+
- '''MUST''': If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package must be included in %doc.<BR>
+
- '''MUST''': The spec file must be written in American English.<BR>
+
- '''MUST''': The spec file for the package MUST be legible. If the reviewer is unable to read the spec file, it will be impossible to perform a review. Fedora is not the place for entries into the Obfuscated Code Contest (http://www.ioccc.org/).<BR>
+
- '''MUST''': The sources used to build the package must match the upstream source, as provided in the spec URL. Reviewers should use md5sum for this task.  If no upstream URL can be specified for this package, please see the [[Packaging/SourceURL|  Source URL Guidelines]]  for how to deal with this.<BR>
+
- '''MUST''': The package must successfully compile and build into binary rpms on at least one supported architecture.<BR>
+
- '''MUST''': If the package does not successfully compile, build or work on an architecture, then those architectures should be listed in the spec in <code>ExcludeArch</code>. Each architecture listed in <code>ExcludeArch</code> needs to have a bug filed in bugzilla, describing the reason that the package does not compile/build/work on that architecture. The bug number should then be placed in a comment, next to the corresponding <code>ExcludeArch</code> line. New packages will not have bugzilla entries during the review process, so they should put this description in the comment until the package is approved, then file the bugzilla entry, and replace the long explanation with the bug number.  The bug should be marked as blocking one (or more) of the following bugs to simplify tracking such issues: [https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=FE-ExcludeArch-x86 FE-ExcludeArch-x86] , [https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=FE-ExcludeArch-x64 FE-ExcludeArch-x64] , [https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=FE-ExcludeArch-ppc FE-ExcludeArch-ppc] , [https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=FE-ExcludeArch-ppc64 FE-ExcludeArch-ppc64]  <BR>
+
- '''MUST''': All build dependencies must be listed in <code>BuildRequires</code>, except for any that are listed in the [wiki:Self:Packaging/Guidelines#Exceptions exceptions section of Packaging Guidelines] ; inclusion of those as <code>BuildRequires</code> is optional. Apply common sense.<BR>
+
- '''MUST''': The spec file MUST handle locales properly. This is done by using the <code>%find_lang</code> macro. Using <code>%{_datadir}/locale/*</code> is strictly forbidden.<BR>
+
- '''MUST''': Every binary RPM package which stores shared library files (not just symlinks) in any of the dynamic linker's default paths, must call ldconfig in <code>%post</code> and <code>%postun</code>. If the package has multiple subpackages with libraries, each subpackage should also have a <code>%post/%postun</code> section that calls /sbin/ldconfig. An example of the correct syntax for this is:
+
<pre>
+
%post -p /sbin/ldconfig
+
  
%postun -p /sbin/ldconfig
+
{{admon/important|SHOULD Items:|Items marked as '''SHOULD''' are things that the package (or reviewer) '''SHOULD''' do, but is not required to do.}}
</pre><BR>
+
- '''MUST''': If the package is designed to be relocatable, the packager must state this fact in the request for review, along with the rationalization for relocation of that specific package. Without this, use of Prefix: /usr is considered a blocker.<BR>
+
- '''MUST''': A package must own all directories that it creates. If it does not create a directory that it uses, then it should require a package which does create that directory.  Refer to the [[Packaging/Guidelines#FileAndDirectoryOwnership|  Guidelines]]  for examples. <BR>
+
- '''MUST''': A package must not contain any duplicate files in the <code>%files</code> listing.<BR>
+
- '''MUST''': Permissions on files must be set properly. Executables should be set with executable permissions, for example. Every <code>%files</code> section must include a <code>%defattr(...)</code> line.<BR>
+
- '''MUST''': Each package must have a %clean section, which contains <code>rm -rf %{buildroot}</code> ([wiki:Self:Packaging/Guidelines#UsingBuildRootOptFlags or $RPM_BUILD_ROOT] ).<BR>
+
- '''MUST''': Each package must consistently use macros, as described in the [wiki:Self:Packaging/Guidelines#macros macros section of Packaging Guidelines] . <BR>
+
- '''MUST''': The package must contain code, or permissable content. This is described in detail in the [wiki:Self:Packaging/Guidelines#CodeVsContent code vs. content section of Packaging Guidelines] . <BR>
+
- '''MUST''': Large documentation files should go in a -doc subpackage. (The definition of large is left up to the packager's best judgement, but is not restricted to size. Large can refer to either size or quantity)<BR>
+
- '''MUST''': If a package includes something as %doc, it must not affect the runtime of the application. To summarize: If it is in %doc, the program must run properly if it is not present. <BR>
+
- '''MUST''': Header files must be in a -devel package.<BR>
+
- '''MUST''': Static libraries must be in a -static package.<BR>
+
- '''MUST''': Packages containing pkgconfig(.pc) files must 'Requires: pkgconfig' (for directory ownership and usability).<BR>
+
- '''MUST''': If a package contains library files with a suffix (e.g. libfoo.so.1.1), then library files that end in .so (without suffix) must go in a -devel package.<BR>
+
- '''MUST''': In the vast majority of cases, devel packages must require the base package using a fully versioned dependency: <code>Requires: %{name} = %{version}-%{release} </code><BR>
+
- '''MUST''': Packages must NOT contain any .la libtool archives, these should be removed in the spec.<BR>
+
- '''MUST''': Packages containing GUI applications must include a %{name}.desktop file, and that file must be properly installed with desktop-file-install in the %install section. This is described in detail in the [wiki:Self:Packaging/Guidelines#desktop desktop files section of Packaging Guidelines] . If you feel that your packaged GUI application does not need a .desktop file, you must put a comment in the spec file with your explanation.<BR>
+
- '''MUST''': Packages must not own files or directories already owned by other packages. The rule of thumb here is that the first package to be installed should own the files or directories that other packages may rely upon. This means, for example, that no package in Fedora should ever share ownership with any of the files or directories owned by the <code>filesystem</code> or <code>man</code> package. If you feel that you have a good reason to own a file or directory that another package owns, then please present that at package review time.<BR>
+
- '''MUST''': At the beginning of <code>%install</code>, each package MUST run <code>rm -rf %{buildroot}</code> ([wiki:Self:Packaging/Guidelines#UsingBuildRootOptFlags or $RPM_BUILD_ROOT] ). See [wiki:Self:Packaging/Guidelines#PreppingBuildRootForInstall Prepping BuildRoot For %install]  for details.<BR>
+
- '''MUST''': All filenames in rpm packages must be valid UTF-8.<BR>
+
'''SHOULD Items:'''
+
  
- '''SHOULD''': If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it.<BR>
+
* '''SHOULD''': If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. <ref>[[Packaging/LicensingGuidelines#License_Text|Licensing Guidelines: License Text]]</ref><BR>
- '''SHOULD''': The description and summary sections in the package spec file should contain translations for supported Non-English languages, if available.<BR>
+
* '''SHOULD''': The description and summary sections in the package spec file should contain translations for supported Non-English languages, if available. <ref>[[Packaging/Guidelines#summary|Packaging Guidelines: Summary and description]]</ref><BR>
- '''SHOULD''': The reviewer should test that the package builds in mock. See [wiki:Self:PackageMaintainers/MockTricks MockTricks] for details on how to do this.<BR>
+
* '''SHOULD''': The reviewer should test that the package builds in mock. <ref>[[PackageMaintainers/MockTricks|Mock Tricks]]</ref><BR>
- '''SHOULD''': The package should compile and build into binary rpms on all supported architectures.<BR>
+
* '''SHOULD''': The package should compile and build into binary rpms on all supported architectures. <ref>[[Packaging/Guidelines#ArchitectureSupport|Packaging Guidelines: Architecture Support]]</ref><BR>
- '''SHOULD''': The reviewer should test that the package functions as described. A package should not segfault instead of running, for example.<BR>
+
* '''SHOULD''': The reviewer should test that the package functions as described. A package should not segfault instead of running, for example.<BR>
- '''SHOULD''': If scriptlets are used, those scriptlets must be sane. This is vague, and left up to the reviewers judgement to determine sanity.<BR>
+
* '''SHOULD''': If scriptlets are used, those scriptlets must be sane. This is vague, and left up to the reviewers judgement to determine sanity. <ref>[[Packaging/Guidelines#Scriptlets|Packaging Guidelines: Scriptlets]]</ref><BR>
- '''SHOULD''': Usually, subpackages other than devel should require the base package using a fully versioned dependency.<BR>
+
* '''SHOULD''': Usually, subpackages other than devel should require the base package using a fully versioned dependency. <ref name="requirebase">[[Packaging/Guidelines#RequiringBasePackage|Packaging Guidelines: Requiring Base Package]]</ref><BR>
- '''SHOULD''': The placement of pkgconfig(.pc) files depends on their usecase, and this is usually for development purposes, so should be placed in a -devel pkg.  A reasonable exception is that the main pkg itself is a devel tool not installed in a user runtime, e.g. gcc or gdb.<BR>
+
* '''SHOULD''': The placement of pkgconfig(.pc) files depends on their usecase, and this is usually for development purposes, so should be placed in a -devel pkg.  A reasonable exception is that the main pkg itself is a devel tool not installed in a user runtime, e.g. gcc or gdb. <ref name="pkgconfig">[[Packaging/Guidelines#PkgconfigFiles|Packaging Guidelines: Pkgconfig Files]]</ref><BR>
- '''SHOULD''': If the package has file dependencies outside of /etc, /bin, /sbin, /usr/bin, or /usr/sbin consider requiring the package which provides the file instead of the file itself. Please see [[Packaging/Guidelines#FileDeps| File Dependencies]] in the Guidelines for further information.
+
* '''SHOULD''': If the package has file dependencies outside of /etc, /bin, /sbin, /usr/bin, or /usr/sbin consider requiring the package which provides the file instead of the file itself. <ref>[[Packaging/Guidelines#FileDeps|Packaging Guidelines: File Dependencies]]</ref><BR>
 +
* '''SHOULD''': your package should contain man pages for binaries/scripts. If it doesn't, work with upstream to add them where they make sense.<ref name="manpages">[[Packaging/Guidelines#Man_pages|Packaging Guidelines: Man Pages]]</ref><BR>
  
----
+
== References to the Fedora Packaging Guidelines ==
[[Category:Extras]]
+
<references/>

Revision as of 15:30, 1 August 2012

Contents

Package Review Guidelines

This is a set of guidelines for Package Reviews. Note that a complete list of things to check for would be impossible, but every attempt has been made to make this document as comprehensive as possible. Reviewers and contributors (packagers) should use their best judgement whenever items are unclear, and if in doubt, ask on the fedora-packaging list .

Author: Tom 'spot' Callaway
Revision: 0.31
Initial Draft: Monday Jun 27, 2005
Last Revised: Monday, Feb 6, 2012

Package Review Process

Contributors and reviewers should follow the Package Review Process.

Things To Check On Review

There are many many things to check for a review. This list is provided to assist new reviewers in identifying areas that they should look for, but is by no means complete. Reviewers should use their own good judgement when reviewing packages. The items listed fall into two categories: SHOULD and MUST.

Warning (medium size).png
MUST Items
Items marked as MUST are things that the package (or reviewer) MUST do. If a package fails a MUST item, that is considered a blocker. No package with blockers can be approved on a review. Those items must be fixed before approval can be given.
  • MUST: rpmlint must be run on the source rpm and all binary rpms the build produces. The output should be posted in the review.[1]
  • MUST: The package must be named according to the Package Naming Guidelines .
  • MUST: The spec file name must match the base package %{name}, in the format %{name}.spec unless your package has an exemption. [2] .
  • MUST: The package must meet the Packaging Guidelines .
  • MUST: The package must be licensed with a Fedora approved license and meet the Licensing Guidelines .
  • MUST: The License field in the package spec file must match the actual license. [3]
  • MUST: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package must be included in %doc.[4]
  • MUST: The spec file must be written in American English. [5]
  • MUST: The spec file for the package MUST be legible. [6]
  • MUST: The sources used to build the package must match the upstream source, as provided in the spec URL. Reviewers should use sha256sum for this task as it is used by the sources file once imported into git. If no upstream URL can be specified for this package, please see the Source URL Guidelines for how to deal with this.
  • MUST: The package MUST successfully compile and build into binary rpms on at least one primary architecture. [7]
  • MUST: If the package does not successfully compile, build or work on an architecture, then those architectures should be listed in the spec in ExcludeArch. Each architecture listed in ExcludeArch MUST have a bug filed in bugzilla, describing the reason that the package does not compile/build/work on that architecture. The bug number MUST be placed in a comment, next to the corresponding ExcludeArch line. [8]
  • MUST: All build dependencies must be listed in BuildRequires, except for any that are listed in the exceptions section of the Packaging Guidelines ; inclusion of those as BuildRequires is optional. Apply common sense.
  • MUST: The spec file MUST handle locales properly. This is done by using the %find_lang macro. Using %{_datadir}/locale/* is strictly forbidden.[9]
  • MUST: Every binary RPM package (or subpackage) which stores shared library files (not just symlinks) in any of the dynamic linker's default paths, must call ldconfig in %post and %postun. [10]
  • MUST: Packages must NOT bundle copies of system libraries.[11]
  • MUST: If the package is designed to be relocatable, the packager must state this fact in the request for review, along with the rationalization for relocation of that specific package. Without this, use of Prefix: /usr is considered a blocker. [12]
  • MUST: A package must own all directories that it creates. If it does not create a directory that it uses, then it should require a package which does create that directory. [13]
  • MUST: A Fedora package must not list a file more than once in the spec file's %files listings. (Notable exception: license texts in specific situations)[14]
  • MUST: Permissions on files must be set properly. Executables should be set with executable permissions, for example. [15]
  • MUST: Each package must consistently use macros. [16]
  • MUST: The package must contain code, or permissable content. [17]
  • MUST: Large documentation files must go in a -doc subpackage. (The definition of large is left up to the packager's best judgement, but is not restricted to size. Large can refer to either size or quantity). [18]
  • MUST: If a package includes something as %doc, it must not affect the runtime of the application. To summarize: If it is in %doc, the program must run properly if it is not present. [18]
  • MUST: Static libraries must be in a -static package. [19]
  • MUST: Development files must be in a -devel package. [20]
  • MUST: In the vast majority of cases, devel packages must require the base package using a fully versioned dependency: Requires: %{name}%{?_isa} = %{version}-%{release} [21]
  • MUST: Packages must NOT contain any .la libtool archives, these must be removed in the spec if they are built.[19]
  • MUST: Packages containing GUI applications must include a %{name}.desktop file, and that file must be properly installed with desktop-file-install in the %install section. If you feel that your packaged GUI application does not need a .desktop file, you must put a comment in the spec file with your explanation. [22]
  • MUST: Packages must not own files or directories already owned by other packages. The rule of thumb here is that the first package to be installed should own the files or directories that other packages may rely upon. This means, for example, that no package in Fedora should ever share ownership with any of the files or directories owned by the filesystem or man package. If you feel that you have a good reason to own a file or directory that another package owns, then please present that at package review time. [23]
  • MUST: All filenames in rpm packages must be valid UTF-8. [24]




Important.png
SHOULD Items:
Items marked as SHOULD are things that the package (or reviewer) SHOULD do, but is not required to do.
  • SHOULD: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [25]
  • SHOULD: The description and summary sections in the package spec file should contain translations for supported Non-English languages, if available. [26]
  • SHOULD: The reviewer should test that the package builds in mock. [27]
  • SHOULD: The package should compile and build into binary rpms on all supported architectures. [28]
  • SHOULD: The reviewer should test that the package functions as described. A package should not segfault instead of running, for example.
  • SHOULD: If scriptlets are used, those scriptlets must be sane. This is vague, and left up to the reviewers judgement to determine sanity. [29]
  • SHOULD: Usually, subpackages other than devel should require the base package using a fully versioned dependency. [21]
  • SHOULD: The placement of pkgconfig(.pc) files depends on their usecase, and this is usually for development purposes, so should be placed in a -devel pkg. A reasonable exception is that the main pkg itself is a devel tool not installed in a user runtime, e.g. gcc or gdb. [30]
  • SHOULD: If the package has file dependencies outside of /etc, /bin, /sbin, /usr/bin, or /usr/sbin consider requiring the package which provides the file instead of the file itself. [31]
  • SHOULD: your package should contain man pages for binaries/scripts. If it doesn't, work with upstream to add them where they make sense.[32]

References to the Fedora Packaging Guidelines

  1. Packaging Guidelines: Use rpmlint
  2. Naming Guidelines: Spec File Naming
  3. Licensing Guidelines: Valid License Short Names
  4. Licensing Guidelines: License Text
  5. Packaging Guidelines: Summary
  6. Packaging Guidelines: Spec Legibility
  7. Packaging Guidelines: Architecture Support
  8. Packaging Guidelines: Architecture Build Failures
  9. Packaging Guidelines: Handling Locale Files
  10. Packaging Guidelines: Shared Libraries
  11. Packaging Guidelines: Duplication of System Libraries
  12. Packaging Guidelines: Relocatable Packages
  13. Packaging Guidelines: File And Directory Ownership
  14. Packaging Guidelines: Duplicate Files
  15. Packaging Guidelines: File Permissions
  16. Packaging Guidelines: Macros
  17. Packaging Guidelines: Code Vs. Content
  18. 18.0 18.1 Packaging Guidelines: Package Documentation
  19. 19.0 19.1 Packaging Guidelines: Packaging Static Libraries
  20. Packaging Guidelines: Devel Packages
  21. 21.0 21.1 Packaging Guidelines: Requiring Base Package
  22. Packaging Guidelines: Desktop files
  23. Packaging Guidelines: File And Directory Ownership
  24. Packaging Guidelines: Filename Encoding
  25. Licensing Guidelines: License Text
  26. Packaging Guidelines: Summary and description
  27. Mock Tricks
  28. Packaging Guidelines: Architecture Support
  29. Packaging Guidelines: Scriptlets
  30. Packaging Guidelines: Pkgconfig Files
  31. Packaging Guidelines: File Dependencies
  32. Packaging Guidelines: Man Pages