From Fedora Project Wiki

(Add info on blocker tickets and the Whiteboard.)
(fed-req-* is obsolete, now fedpkg must be used)
(59 intermediate revisions by 27 users not shown)
Line 1: Line 1:
<!-- page was renamed from HowToReviewPackages
{{autolang|base=yes}}
-->
'''Author:''' [[TomCallaway| Tom 'spot' Callaway]] and others<BR>
'''Revision:''' 0.05<BR>
'''Initial Draft:''' 2007-03-12<BR>
'''Last Revised:''' 2009-09-16<BR>


{{Anchor|ReviewProcess}}
== Review Purpose ==
== Review Purpose ==


In order for a new package to be added to Fedora, the package must first undertake a formal review. The purpose of this formal review is to try to ensure that the package meets the quality control requirements for Fedora. This does not mean that the package (or the software being packaged) is perfect, but it should meet baseline minimum requirements for quality.
In order for a new package to be added to Fedora, the package must first undertake a formal review. The purpose of this formal review is to try to ensure that the package meets the quality control requirements for Fedora. This does not mean that the package (or the software being packaged) is perfect, but it should meet baseline minimum requirements for quality.


{{Anchor|ReviewPurpose}}
Reviews are currently done for totally new packages, [[Package_Renaming_Process#Re-review_required|package renames]], old packages that were once deprecated returning to the collection, and packages merged from the old Fedora Core repository.
 
Note that some new packages may be exempt from the review process.  Please see [[Packaging:ReviewGuidelines#Package_Review_Process]] for a list of criteria.  If an exemption is warranted, the contributor can skip directly to step 8 of the process: filing a [[PackageDB_admin_requests|request]] in the package database.  But note that a bugzilla ticket will still be required in order to complete that process; please use [[rhbug:1376885|this bug]] for this purpose and follow the instructions there.
 
== Review Process ==
== Review Process ==


Line 21: Line 17:
A Contributor is defined as someone who wants to submit (and maintain) a new package in Fedora.  To become a contributor, you must follow the detailed instructions to [[Join the package collection maintainers]].
A Contributor is defined as someone who wants to submit (and maintain) a new package in Fedora.  To become a contributor, you must follow the detailed instructions to [[Join the package collection maintainers]].


As a Contributor, you should have already made a package which adheres to the [[Packaging/NamingGuidelines| Package Naming Guidelines]]  and [[Packaging/Guidelines| Packaging Guidelines]]. There are also some packages that cannot be included in Fedora, to check if your package applies, check if it contains any [[Forbidden items]].
As a Contributor, you should have already made a package which adheres to the [[Packaging:NamingGuidelines| Package Naming Guidelines]]  and [[Packaging:Guidelines| Packaging Guidelines]]. There are also some packages that cannot be included in Fedora, to check if your package applies, check if it contains any [[Forbidden items]].


When you're happy with your spec file, you should then submit that SRPM to a package review.
When you're happy with your spec file, you should then submit that SRPM to a package review.
Currently, this is done by following these steps:
Currently, this is done by following these steps:


# Put your spec file and SRPM somewhere on the Internet.
* Put your spec file and SRPM somewhere on the Internet where it can be directly downloaded (just HTTP(s), no registration pages or special download methods, please).  If you have no place to put your spec and SRPM, use copr: [https://copr.fedorainfracloud.org/].
# Fill out a request for review in bugzilla. The form is here: [https://bugzilla.redhat.com/bugzilla/enter_bug.cgi?product=Fedora&format=extras-review]. Here is what a sample bugzilla request for review looks like: [[Image:PackageReviewProcess_review.png]]
* Fill out a [https://bugzilla.redhat.com/bugzilla/enter_bug.cgi?product=Fedora&format=fedora-review request for review in bugzilla]. For guidance, a [[:Image:PackageReviewProcess_review.png|screenshot of a sample bugzilla request is available for review]].
# If you do not have any package already in Fedora, this meens you need a sponsor. You need to add FE-NEEDSPONSOR to the bugs being blocked by your review request
[[Image:PackageReviewProcess_review.png|right|x400px]]
# Wait for someone to review your package! At this point in the process, the '''fedora-review flag''' is blank, meaning that no reviewer is assigned.
* If you do not have any package already in Fedora, this means you need a sponsor and to add FE-NEEDSPONSOR (Bugzilla id:177841) to the bugs being blocked by your review request. For more information read the [[How to get sponsored into the packager group]] wiki page.
# There may be comments from people that are not formally reviewing the package, they may add NotReady to the status whiteboard, indication that the review request is not yet ready, because of some issues they report. After you have addressed them, please post the URLs to the updated SPEC and SRPM file and remove it from the Status Whiteboard
* Wait for someone to review your package! At this point in the process, the '''fedora-review''' flag is blank, meaning that no reviewer is assigned.
# A reviewer takes on the task of reviewing your package. They will set the '''fedora-review flag''' to '''?'''
{{admon/tip|Review Swaps| If nobody comments on your review request, you might want to mail to a mailing list (for example, {{fplist|devel}}) asking for a "review swap".  This is an offer to do a review of someone else's package in exchange for them reviewing your package.  This is usually one-for-one, or can be some other private arrangement depending on the difficulty of the respective packages. }}
# The reviewer will review your package. You should fix any blockers that the reviewer identifies. Once the reviewer is happy with the package, the '''fedora-review''' flag will be set to '''+''', indicating that the package has passed review.
* There may be comments from people that are not formally reviewing the package, they may add NotReady to the Whiteboard field, indication that the review request is not yet ready, because of some issues they report. After you have addressed them, please post the URLs to the updated SPEC and SRPM file and remove it from the Whiteboard.  It is expected that you will respond to commentary, including updating your submission to address it; if you do not, your ticket will be closed.
# At this point, you need to request CVS branches for your newly approved package with [[CVS admin requests]]
* A reviewer takes on the task of reviewing your package. They will set the '''fedora-review''' flag to '''?'''
# When the [[CVS admin requests]] are complete, you can import your package into CVS.
* The reviewer will review your package. You should fix any blockers that the reviewer identifies. Once the reviewer is happy with the package, the '''fedora-review''' flag will be set to '''+''', indicating that the package has passed review.
# Cvs checkout the package, do a final check of spec file tags, etc, and run "make tag".
* If you have not yet been sponsored, you will not be able to progress past this point.
# Request a build by running "make build".
* When your package pass the review, you should use the fedpkg tool to request a git repository for it. Before doing that you will need your [https://pagure.io/fedrepo_req pagure_api_token] configured and added into <code>~/.config/rpkg/fedpkg.conf</code>
# Repeat the process for other branches you may have requested.
[fedpkg.pagure]
# Request updates for Fedora release branches, if necessary, using "make build" or another Bodhi interface as detailed in [[Bodhi Guide]].
token = whatever
# You should make sure the review ticket is closed.  You are welcome to close it once the package has been built on the requested branches, or if you built for one of the Fedora release branches you can ask Bodhi to close the ticket for you when it completes the process.  If you close the ticket yourself, use '''NEXTRELEASE''' as the resolution.
For example, if your bugzilla review ticket is 12345 and you want your package in Fedora 27, use: <code>fedpkg --module-name <package-name> request-repo 12345</code>
* As following, if you want to add your package into more Fedora releases, you can use the following command to request additional branches: <code>fedpkg --module-name <package-name> request-branch f27</code>
* When this is complete (tickets in Paquire for requests above are closed as processed), you can [[Join_the_package_collection_maintainers#Import.2C_commit.2C_and_build_your_package|import your SRPM package]] into the SCM.
* Checkout the package using <code>fedpkg clone <package-name></code> do a final check of spec file tags, etc.
* Request a Koji build by running <code>fedpkg build</code>. (You will need to set up [[Infrastructure/Kerberos|Kerberos for Fedora project]])
* Repeat the process for other branches you may have requested above:
** Checkout given branch: <code>fedpkg switch-branch f26</code>
** Lets Koji build the package for this branch: <code>fedpkg build</code>
* Request updates for Fedora release branches, if necessary, using <code>fedpkg update</code> or another Bodhi interface as detailed in [[Bodhi]].
* If possible, add your package to [[Upstream_release_monitoring|Upstream Release Monitoring]].
* You should make sure the review ticket is closed.  You are welcome to close it once the package has been built on the requested branches, or if you built for one of the Fedora release branches you can ask Bodhi to close the ticket for you when it completes the process.  If you close the ticket yourself, use '''NEXTRELEASE''' as the resolution.


You do not need to go through the review process again for subsequent package changes.
You do not need to go through the review process again for subsequent package changes, and should not reference the review ticket in subsequent updates you create in Bodhi.


=== Reviewer ===
=== Reviewer ===


The Reviewer is the person who chooses to review a package.
The Reviewer is the person who chooses to review a package.
{{admon/note|fedora-review tool|
fedora-review is a very useful tool for handling some grunt work in the review process and it is highly recommended that you take advantage of it. <code>dnf install fedora-review</code> and refer to the man page for more details.  Note, however that it is not a replacement for human input and you still need to understand the [[Packaging:Guidelines|Packaging Guidelines]] thoroughly.}}


{{admon/note|Comments by other people|
{{admon/note|Comments by other people|
Other people are encouraged to comment on the review request as well. Especially people searching for sponsorship should comment other review requests to show, that they know the [[Packaging:Guidelines|Packaging Guidelines]].
Other people are encouraged to comment on the review request as well. Especially people searching for sponsorship should comment other review requests to show, that they know the [[Packaging:Guidelines|Packaging Guidelines]].}}
}}


The Reviewer can be any Fedora account holder, who is a member of the [https://admin.fedoraproject.org/accounts/group/members/packager/* packager group]. There is one exception: If it is the first package of a Contributor, the Reviewer must be a [https://admin.fedoraproject.org/accounts/group/members/packager/*/sponsor Sponsor]. You can check if a Contributor has already been sponsored by looking the e-mail address up in the [https://admin.fedoraproject.org/accounts/group/members/packager/* packager group of the account system].
The Reviewer can be any Fedora account holder who is a member of the [https://admin.fedoraproject.org/accounts/group/members/packager/* packager group]. (If the Contributor is not yet sponsored, the review can still proceed to completion but they will need to find a sponsor at some point.)


# Search for a review request that needs a reviewer: [[PackageMaintainers/ReviewRequests | PackageMaintainers/UnassignedReviewRequests]] ('''fedora-review flag''' is blank or the bug is assigned to nobody@fedoraproject.org)  
* Search for a review request that needs a reviewer: http://fedoraproject.org/PackageReviewStatus/ ('''fedora-review''' flag is blank or the bug is assigned to nobody@fedoraproject.org)  
# If you notice some issues that need to be solved before you want to start a formal review, add these issues in a comment and set the Status Whiteboard of the bug to contain NotReady. This helps other possible reviewers to notice that the review request is not yet ready for further review action.
* If you notice some issues that need to be solved before you want to start a formal review, add these issues in a comment and set the Whiteboard of the bug to contain NotReady. This helps other possible reviewers to notice that the review request is not yet ready for further review action.
# if you want to formally review the package, set the '''fedora-review''' flag to '''?''' and assign the bug to yourself.
* if you want to formally review the package, set the '''fedora-review''' flag to '''?''' and assign the bug to yourself.
{{admon/note|Stepping back from a Review|If you want to step back from the review for any reason, reset the <code>fedora-review</code> flag to be blank '''and''' reassign the bug to the default owner of the component, which is '''nobody@fedoraproject.org'''}}
{{admon/note|Stepping back from a Review|If you want to step back from the review for any reason, reset the '''fedora-review''' flag to be blank '''and''' reassign the bug to the default owner of the component, which is '''nobody@fedoraproject.org'''}}
# Review the package.
* Review the package ...
#* Go through the MUST items listed in [[Packaging:ReviewGuidelines| Review Guidelines]] .
** Go through the MUST items listed in [[Packaging:ReviewGuidelines| Review Guidelines]] .
#* Go through the SHOULD items in [[Packaging:ReviewGuidelines| Review Guidelines]] .
** Go through the SHOULD items in [[Packaging:ReviewGuidelines| Review Guidelines]] .
# Take one of the following actions:
** The [https://fedorahosted.org/FedoraReview/ FedoraReview] tool (packaged as fedora-review) can help to automate this process.
#* ACCEPT: If the package is good, set the '''fedora-review''' flag to '''+''' <BR>
* Include the text of your review in a comment in the ticket.  For easy readability, simply use a regular comment instead of an attachment.
#*# If the Reviewer is also acting as Sponsor for the Contributor, then this is the time to sponsor the Contributor in the [https://admin.fedoraproject.org/accounts/ account system] .
* Take one of the following actions:
#* FAIL, LEGAL: If the package is legally risky for whatever reason (known patent or copyright infringement, trademark concerns) close the bug WONTFIX and leave an appropriate comment (i.e. we don't ship mp3, so stop submitting it). Set the '''fedora-review''' flag to '''-''', and have the review ticket block FE-Legal.
** '''ACCEPT''' - If the package is good, set the '''fedora-review''' flag to '''+'''  
#* FAIL, OTHER: If the package is just way off or unsuitable for some other reason, and there is no simple fix, then close the bug WONTFIX and leave an appropriate comment (i.e. we don't package pornography for redistribution, sorry. Or, this isn't a specfile, it's a McDonald's menu, sorry.) Set the '''fedora-review''' flag to '''-'''.
{{admon/question|Time to sponsor?|If the Reviewer is also acting as Sponsor for the Contributor, then this is the time to sponsor the Contributor in the [https://admin.fedoraproject.org/accounts/ account system]}}
#* NEEDSWORK: Anything that isn't explicitly failed should be left open while the submitter and reviewer work together to fix any potential issues. Mark the bug as NEEDINFO while waiting for the reviewer to respond to improvement requests; this makes it easier for reviewers to find open reviews which require their input.
** '''FAIL, LEGAL''' - If the package is legally risky for whatever reason (known patent or copyright infringement, trademark concerns) close the bug WONTFIX and leave an appropriate comment (i.e. we don't ship mp3, so stop submitting it). Set the '''fedora-review''' flag to '''-''', and have the review ticket block FE-Legal.
# Once a package is flagged as '''fedora-review +''' (or '''-'''), the Reviewer's job is done although they may be called upon to assist the Contributor with the import/build/update process and to sure that the Contributor closes the ticket out when the process is complete.
** '''FAIL, OTHER''' - If the package is just way off or unsuitable for some other reason, and there is no simple fix, then close the bug WONTFIX and leave an appropriate comment (i.e. we don't package pornography for redistribution, sorry. Or, this isn't a specfile, it's a McDonald's menu, sorry.) Set the '''fedora-review''' flag to '''-'''.
** '''NEEDSWORK''' - Anything that isn't explicitly failed should be left open while the submitter and reviewer work together to fix any potential issues. Mark the bug as NEEDINFO while waiting for the reviewer to respond to improvement requests; this makes it easier for reviewers to find open reviews which require their input.
* Once a package is flagged as '''fedora-review +''' (or '''-'''), the Reviewer's job is done although they may be called upon to assist the Contributor with the import/build/update process and to ensure that the Contributor closes the ticket out when the process is complete.


== Definitions for fedora-review Flag Settings ==
== Definitions for fedora-review Flag Settings ==
Line 84: Line 94:
{| border="1"
{| border="1"
|-
|-
|FE-NEEDSPONSOR||The submitter requires a sponsor; the review should only be done by a sponsor.
|FE-NEEDSPONSOR||The submitter requires a sponsor; the review can be done by anyone, but a sponsor will need to come and sponsor the submittor.
|-
|-
|FE-DEADREVIEW||The review has been closed out because the submitter has left; users looking for packages to submit may find some possibilities in these dead tickets.
|FE-DEADREVIEW||The review has been closed out because the submitter has left; users looking for packages to submit may find some possibilities in these dead tickets.
Line 99: Line 109:
|-
|-
|BuildFails||The package fails to build.
|BuildFails||The package fails to build.
|-
|AwaitingSubmitter||The package review is stalled and cannot proceed without input from the submitter.
|-
|Trivial||The package is trivial to review.  See below.
|}
|}


The "Trivial" status is intended to indicate packages which, as an aid to new reviewers, are especially uncomplicated and easy to review.  A ticket should not be marked as being trivial unless:
* The package is known to build and a link to a scratch build is included.
* The ticket explains any rpmlint output which is present.
* The spec contains nothing which is unnecessary in modern Fedora (such as BuildRoot:, a %clean section or %defattr).
* The spec is free from excessive or complicated macro usage.
* The spec uses only the least complicated scriptlets which are taken directly from the [[Packaging:Scriptlets]] page.
* The package contains no daemons.
* The package is not especially security sensitive.
* The code has undergone a thorough inspection for licensing issues.  Anomalies which would be found by licensecheck should be explained.
In short, this should be reserved only for those tickets which should be easily approachable by someone doing their first package review.


== Tracking of Package Requests ==
== Tracking of Package Requests ==
* [https://bugzilla.redhat.com/bugzilla/buglist.cgi?product=Fedora&component=Package+Review&bug_status=NEW,ASSIGNED,NEEDINFO,MODIFIED&field0-0-0=flagtypes.name&type0-0-0=notsubstring&value0-0-0=fedora-review  New Review Requests] ([http://fedoraproject.org/PackageReviewStatus/NEW.html Cached for faster access])
 
* [https://bugzilla.redhat.com/bugzilla/buglist.cgi?product=Fedora&component=Package+Review&bug_status=NEW,ASSIGNED,NEEDINFO,MODIFIED&field0-0-0=flagtypes.name&type0-0-0=equals&value0-0-0=fedora-review%3F Packages Currently Under Review]  ([http://fedoraproject.org/PackageReviewStatus/REVIEW.html Cached for faster access])
The [http://fedoraproject.org/PackageReviewStatus cached Package Review Tracker] provides various review-related reports and a simple way to search for reviews by package name or reporter name or others.
* [https://bugzilla.redhat.com/bugzilla/buglist.cgi?product=Fedora&component=Package+Review&bug_status=NEW,ASSIGNED,NEEDINFO,MODIFIED&field0-0-0=flagtypes.name&type0-0-0=equals&value0-0-0=fedora-review%2B Packages Reviewed but not Closed]
 
== Authorship ==
This document was originally authored by [[TomCallaway|Tom 'spot' Callaway]] in 2007 and has since been modified by many others.


[[Category:Package Maintainers]]
[[Category:Package Maintainers]]

Revision as of 22:44, 22 February 2018

Review Purpose

In order for a new package to be added to Fedora, the package must first undertake a formal review. The purpose of this formal review is to try to ensure that the package meets the quality control requirements for Fedora. This does not mean that the package (or the software being packaged) is perfect, but it should meet baseline minimum requirements for quality.

Reviews are currently done for totally new packages, package renames, old packages that were once deprecated returning to the collection, and packages merged from the old Fedora Core repository.

Note that some new packages may be exempt from the review process. Please see Packaging:ReviewGuidelines#Package_Review_Process for a list of criteria. If an exemption is warranted, the contributor can skip directly to step 8 of the process: filing a request in the package database. But note that a bugzilla ticket will still be required in order to complete that process; please use this bug for this purpose and follow the instructions there.

Review Process

There are two roles in the review process, that of the contributor and that of the reviewer. In this document, we'll present both perspectives.

Contributor

A Contributor is defined as someone who wants to submit (and maintain) a new package in Fedora. To become a contributor, you must follow the detailed instructions to Join the package collection maintainers.

As a Contributor, you should have already made a package which adheres to the Package Naming Guidelines and Packaging Guidelines. There are also some packages that cannot be included in Fedora, to check if your package applies, check if it contains any Forbidden items.

When you're happy with your spec file, you should then submit that SRPM to a package review. Currently, this is done by following these steps:

  • If you do not have any package already in Fedora, this means you need a sponsor and to add FE-NEEDSPONSOR (Bugzilla id:177841) to the bugs being blocked by your review request. For more information read the How to get sponsored into the packager group wiki page.
  • Wait for someone to review your package! At this point in the process, the fedora-review flag is blank, meaning that no reviewer is assigned.
Idea.png
Review Swaps
If nobody comments on your review request, you might want to mail to a mailing list (for example, devel) asking for a "review swap". This is an offer to do a review of someone else's package in exchange for them reviewing your package. This is usually one-for-one, or can be some other private arrangement depending on the difficulty of the respective packages.
  • There may be comments from people that are not formally reviewing the package, they may add NotReady to the Whiteboard field, indication that the review request is not yet ready, because of some issues they report. After you have addressed them, please post the URLs to the updated SPEC and SRPM file and remove it from the Whiteboard. It is expected that you will respond to commentary, including updating your submission to address it; if you do not, your ticket will be closed.
  • A reviewer takes on the task of reviewing your package. They will set the fedora-review flag to ?
  • The reviewer will review your package. You should fix any blockers that the reviewer identifies. Once the reviewer is happy with the package, the fedora-review flag will be set to +, indicating that the package has passed review.
  • If you have not yet been sponsored, you will not be able to progress past this point.
  • When your package pass the review, you should use the fedpkg tool to request a git repository for it. Before doing that you will need your pagure_api_token configured and added into ~/.config/rpkg/fedpkg.conf
[fedpkg.pagure]
token = whatever

For example, if your bugzilla review ticket is 12345 and you want your package in Fedora 27, use: fedpkg --module-name <package-name> request-repo 12345

  • As following, if you want to add your package into more Fedora releases, you can use the following command to request additional branches: fedpkg --module-name <package-name> request-branch f27
  • When this is complete (tickets in Paquire for requests above are closed as processed), you can import your SRPM package into the SCM.
  • Checkout the package using fedpkg clone <package-name> do a final check of spec file tags, etc.
  • Request a Koji build by running fedpkg build. (You will need to set up Kerberos for Fedora project)
  • Repeat the process for other branches you may have requested above:
    • Checkout given branch: fedpkg switch-branch f26
    • Lets Koji build the package for this branch: fedpkg build
  • Request updates for Fedora release branches, if necessary, using fedpkg update or another Bodhi interface as detailed in Bodhi.
  • If possible, add your package to Upstream Release Monitoring.
  • You should make sure the review ticket is closed. You are welcome to close it once the package has been built on the requested branches, or if you built for one of the Fedora release branches you can ask Bodhi to close the ticket for you when it completes the process. If you close the ticket yourself, use NEXTRELEASE as the resolution.

You do not need to go through the review process again for subsequent package changes, and should not reference the review ticket in subsequent updates you create in Bodhi.

Reviewer

The Reviewer is the person who chooses to review a package.

Note.png
fedora-review tool
fedora-review is a very useful tool for handling some grunt work in the review process and it is highly recommended that you take advantage of it. dnf install fedora-review and refer to the man page for more details. Note, however that it is not a replacement for human input and you still need to understand the Packaging Guidelines thoroughly.
Note.png
Comments by other people
Other people are encouraged to comment on the review request as well. Especially people searching for sponsorship should comment other review requests to show, that they know the Packaging Guidelines.

The Reviewer can be any Fedora account holder who is a member of the packager group. (If the Contributor is not yet sponsored, the review can still proceed to completion but they will need to find a sponsor at some point.)

  • Search for a review request that needs a reviewer: http://fedoraproject.org/PackageReviewStatus/ (fedora-review flag is blank or the bug is assigned to nobody@fedoraproject.org)
  • If you notice some issues that need to be solved before you want to start a formal review, add these issues in a comment and set the Whiteboard of the bug to contain NotReady. This helps other possible reviewers to notice that the review request is not yet ready for further review action.
  • if you want to formally review the package, set the fedora-review flag to ? and assign the bug to yourself.
Note.png
Stepping back from a Review
If you want to step back from the review for any reason, reset the fedora-review flag to be blank and reassign the bug to the default owner of the component, which is nobody@fedoraproject.org
  • Review the package ...
  • Include the text of your review in a comment in the ticket. For easy readability, simply use a regular comment instead of an attachment.
  • Take one of the following actions:
    • ACCEPT - If the package is good, set the fedora-review flag to +
Questionmark.png
Time to sponsor?
If the Reviewer is also acting as Sponsor for the Contributor, then this is the time to sponsor the Contributor in the account system
    • FAIL, LEGAL - If the package is legally risky for whatever reason (known patent or copyright infringement, trademark concerns) close the bug WONTFIX and leave an appropriate comment (i.e. we don't ship mp3, so stop submitting it). Set the fedora-review flag to -, and have the review ticket block FE-Legal.
    • FAIL, OTHER - If the package is just way off or unsuitable for some other reason, and there is no simple fix, then close the bug WONTFIX and leave an appropriate comment (i.e. we don't package pornography for redistribution, sorry. Or, this isn't a specfile, it's a McDonald's menu, sorry.) Set the fedora-review flag to -.
    • NEEDSWORK - Anything that isn't explicitly failed should be left open while the submitter and reviewer work together to fix any potential issues. Mark the bug as NEEDINFO while waiting for the reviewer to respond to improvement requests; this makes it easier for reviewers to find open reviews which require their input.
  • Once a package is flagged as fedora-review + (or -), the Reviewer's job is done although they may be called upon to assist the Contributor with the import/build/update process and to ensure that the Contributor closes the ticket out when the process is complete.

Definitions for fedora-review Flag Settings

fedora-review (BLANK) Package Needs Review
fedora-review ? Package Under Review
fedora-review - Package Failed Review, dropped for legal or other issues.
fedora-review + Package Approved

Special blocker tickets

There are a few tickets which can be placed in the "Blocks" field to indicate specific ticket statuses:

FE-NEEDSPONSOR The submitter requires a sponsor; the review can be done by anyone, but a sponsor will need to come and sponsor the submittor.
FE-DEADREVIEW The review has been closed out because the submitter has left; users looking for packages to submit may find some possibilities in these dead tickets.
FE-Legal The package is currently awaiting review by the legal team.

The Whiteboard

To save time for reviewers, the page at http://fedoraproject.org/PackageReviewStatus/NEW.html will hide certain tickets which are not reviewable. The Whiteboard field can be used to mark a ticket with various additional bits of status which will cause it to be hidden or displayed differently.

NotReady The package is not yet ready for review. It is possible to open a review ticket, mark it as NotReady, and continue to work on it until it's ready to be seen by a reviewer.
BuildFails The package fails to build.
AwaitingSubmitter The package review is stalled and cannot proceed without input from the submitter.
Trivial The package is trivial to review. See below.

The "Trivial" status is intended to indicate packages which, as an aid to new reviewers, are especially uncomplicated and easy to review. A ticket should not be marked as being trivial unless:

  • The package is known to build and a link to a scratch build is included.
  • The ticket explains any rpmlint output which is present.
  • The spec contains nothing which is unnecessary in modern Fedora (such as BuildRoot:, a %clean section or %defattr).
  • The spec is free from excessive or complicated macro usage.
  • The spec uses only the least complicated scriptlets which are taken directly from the Packaging:Scriptlets page.
  • The package contains no daemons.
  • The package is not especially security sensitive.
  • The code has undergone a thorough inspection for licensing issues. Anomalies which would be found by licensecheck should be explained.

In short, this should be reserved only for those tickets which should be easily approachable by someone doing their first package review.

Tracking of Package Requests

The cached Package Review Tracker provides various review-related reports and a simple way to search for reviews by package name or reporter name or others.

Authorship

This document was originally authored by Tom 'spot' Callaway in 2007 and has since been modified by many others.