[Bug 2376217] Review Request: openbao - A tool for securely accessing secrets

https://bugzilla.redhat.com/show_bug.cgi?id=2376217



--- Comment #42 from Dave Dykstra <dwd@xxxxxxx> ---
> I just pushed
> https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-3d60df796c that
> provides a %gobuild backport for EPEL 8.

I made an update that now always uses the provided %gobuild macro.

> I don't see the Unicode nor the BSD-3-Clause-Views license included in the
> License tag.

They're there now.

> Are there bundled web assets (HTML, CSS, JS) in this package? I didn't realize
> that this wasn't just a pure Go package (my bad), but I saw these files in the
> git repository. If there are, you also need to follow the guidelines for web
> assets and javascript. Ideally, you could build the web assets from source like
> the forgejo package does. Also, license expression and bundled Provides would
> need to encompass the web assets. I'm not super well-versed in packaging web
> assets, but AFAIK, proper licensing and bundled Provides are mandatory and
> things should be built from source unless it's completely impractical (e.g.,
> upstream only includes bundled css or javascript libraries or minified/
> precompiled css or javascript files in the sources with no easy way to unbundle
> or regenerate them). See
> https://docs.fedoraproject.org/en-US/packaging-guidelines/Web_Assets/ and
> https://docs.fedoraproject.org/en-US/packaging-guidelines/JavaScript/.

The web assets are converted into go code and included in the go binary,
they're not included as separate files. So I don't see anything from those
packaging guidelines that I can apply.  I looked into it but there is no
straightforward way to unbundle or regenerate them from the original source. 
The process requires a lot of network access too.

In order to include the licensing and bundled Provides for the bundled web
assets, I made an upstream PR to include the license and node module version
information in the release distribution tarball.  Since it won't be made
available upstream until their next release, for this time around I changed the
package to get the distribution tarball from a tag on my own github org.  I
expanded the License field to include those licenses and expanded the bundled
Provides to include all the nodejs packages in the format used by the nodejs
macros (Provides: bundled(nodejs-<modulename>) = <moduleversion>).

Spec URL:
https://raw.githubusercontent.com/opensciencegrid/openbao-rpm/refs/tags/v2.4.0/openbao.spec
SRPM URL:
https://github.com/opensciencegrid/openbao-rpm/releases/download/v2.4.0/openbao-2.4.0-1.src.rpm

Copr build: https://copr.fedorainfracloud.org/coprs/dwd/openbao/build/9521263/
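
An added example, not part of the original comment or of the openbao packaging: one way to derive bundled Provides lines in the format quoted above, plus the set of licenses to reconcile with the License tag, from a list of node modules. It assumes the module list is an npm lockfile v3 `packages` map and that scoped names are passed through unchanged; the page specifies neither, and `SAMPLE_LOCK` and the function names are constructed for illustration.

```python
import json

# Constructed sample in npm lockfile v3 layout (an assumption; the page does
# not say which format the tarball uses for module version information).
SAMPLE_LOCK = json.dumps({
    "name": "example-ui",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "example-ui", "version": "0.0.0"},
        "node_modules/left-pad": {"version": "1.3.0", "license": "WTFPL"},
        "node_modules/@scope/widget": {"version": "2.0.1", "license": "MIT"},
        "node_modules/a": {"version": "0.4.2", "license": "MIT"},
        "node_modules/a/node_modules/left-pad": {"version": "1.1.0", "license": "WTFPL"},
        "node_modules/linked": {"link": True, "resolved": "packages/linked"},
    },
})


def bundled_modules(lock_text):
    """Return sorted unique (name, version, license) tuples from a lockfile."""
    found = set()
    for path, meta in json.loads(lock_text).get("packages", {}).items():
        if not path or meta.get("link") or "version" not in meta:
            continue  # root project, workspace symlink, or no pinned version
        # Nested copies live under .../node_modules/<name>; keep the last part,
        # so two bundled versions of one module yield two separate entries.
        name = path.rsplit("node_modules/", 1)[-1]
        found.add((name, meta["version"], meta.get("license", "UNKNOWN")))
    return sorted(found)


def provides_lines(modules):
    """Format the tuples in the Provides form quoted in the comment."""
    return [f"Provides: bundled(nodejs-{n}) = {v}" for n, v, _ in modules]


def license_set(modules):
    """Distinct license identifiers to compare against the License tag."""
    return sorted({lic for _, _, lic in modules})


if __name__ == "__main__":
    mods = bundled_modules(SAMPLE_LOCK)
    print("\n".join(provides_lines(mods)))
    print("Licenses:", ", ".join(license_set(mods)))
```

Entries reported as `UNKNOWN` have no license recorded in the lockfile and need a manual look at the module's own metadata before the License tag can be considered complete.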

