Extended spec PR check to validate the `Distribution` and `Vendor` tags. (#10328)

SPECS-EXTENDED/python-extras/python-extras.spec

@@ -11,10 +11,10 @@
 Summary:        Useful extra bits for Python
 Name:           python-extras
 Version:        1.0.0
-Release:        15%{?dist}
+Release:        16%{?dist}
 License:        MIT
 URL:            https://github.com/testing-cabal/extras
-Vendor:         Microsoft
+Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
 Source0:        https://pypi.io/packages/source/e/extras/extras-%{version}.tar.gz
 BuildArch:      noarch
@@ -62,6 +62,10 @@ rm -vrf *.egg-info
 %{python3_sitelib}/extras-*.egg-info/
 
 %changelog
+* Tue Sep 03 2024 Pawel Winogrodzki <pawelwi@microsoft.com> - 1.0.0-16
+- Release bump to fix package information.
+- License verified.
+
 * Tue Oct 13 2020 Steve Laughman <steve.laughman@microsoft.com> - 1.6.0-15
 - Initial CBL-Mariner import from Fedora 33 (license: MIT)
 - Disable circular dependency check

SPECS-EXTENDED/python-pymongo/python-pymongo.spec

@@ -7,12 +7,15 @@
 
 Name:           python-pymongo
 Version:        3.10.1
-Release:        5%{?dist}
-# All code is ASL 2.0 except bson/time64*.{c,h} which is MIT
-License:        ASL 2.0 and MIT
+Release:        6%{?dist}
+# All code is ASL 2.0 except for:
+# - bson/time64*.{c,h} - MIT,
+# - encoding_helpers.c - Unicode with a "Portions Copyright 2001 Unicode, Inc." header,
+# - ssl_match_hostname.py - Python-2.0
+License:        ASL 2.0 and MIT and Python-2.0 and Unicode
 Summary:        Python driver for MongoDB
 URL:            https://github.com/mongodb/mongo-python-driver
-Vendor:         Microsoft
+Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
 Source0:        https://github.com/mongodb/mongo-python-driver/archive/%{version}/pymongo-%{version}.tar.gz
 # This patch removes the bundled ssl.match_hostname library as it was vulnerable to CVE-2013-7440
@@ -90,28 +93,32 @@ chmod 755 %{buildroot}%{python3_sitearch}/bson/*.so
 chmod 755 %{buildroot}%{python3_sitearch}/pymongo/*.so
 
 %files doc
-%license LICENSE
+%license LICENSE THIRD-PARTY-NOTICES
 %if 0%{!?bootstrap:1}
 %doc doc/_build/html/*
 %endif
 
 %files -n python3-bson
-%license LICENSE
+%license LICENSE THIRD-PARTY-NOTICES
 %doc README.rst
 %{python3_sitearch}/bson
 
 %files -n python3-pymongo
-%license LICENSE
+%license LICENSE THIRD-PARTY-NOTICES
 %doc README.rst
 %{python3_sitearch}/pymongo
 %{python3_sitearch}/pymongo-%{version}-*.egg-info
 
 %files -n python3-pymongo-gridfs
-%license LICENSE
+%license LICENSE THIRD-PARTY-NOTICES
 %doc README.rst
 %{python3_sitearch}/gridfs
 
 %changelog
+* Tue Sep 03 2024 Pawel Winogrodzki <pawelwi@microsoft.com> - 3.10.1-6
+- Release bump to fix package information.
+- License verified.
+
 * Mon Oct 19 2020 Steve Laughman <steve.laughman@microsoft.com> - 3.10.1-5
 - Initial CBL-Mariner import from Fedora 33 (license: MIT)
 

SPECS-EXTENDED/python-pyrsistent/python-pyrsistent.spec

@@ -18,10 +18,10 @@ original structure is left untouched.}
 Name:           python-%{pypi_name}
 Summary:        Persistent/Functional/Immutable data structures
 Version:        0.17.3
-Release:        2%{?dist}
+Release:        3%{?dist}
 License:        MIT
 URL:            http://github.com/tobgu/pyrsistent/
-Vendor:         Microsoft
+Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
 Source0:        https://files.pythonhosted.org/packages/source/p/%{pypi_name}/%{pypi_name}-%{version}.tar.gz
 # relax dependencies specified in setup.py
@@ -71,6 +71,10 @@ rm -rf %{pypi_name}.egg-info
 %{python3_sitearch}/%{pypi_name}-%{version}-py%{python3_version}.egg-info/
 
 %changelog
+* Tue Sep 03 2024 Pawel Winogrodzki <pawelwi@microsoft.com> - 0.17.3-3
+- Release bump to fix package information.
+- License verified.
+
 * Thu Oct 22 2020 Steve Laughman <steve.laughman@microsoft.com> - 0.17.3-2
 - Initial CBL-Mariner import from Fedora 33 (license: MIT)
 

SPECS-EXTENDED/python-pytest-runner/python-pytest-runner.spec

@@ -10,10 +10,10 @@
 Summary:        Invoke py.test as distutils command with dependency resolution
 Name:           python-%{modulename}
 Version:        4.0
-Release:        12%{?dist}
+Release:        13%{?dist}
 License:        MIT
 URL:            https://pypi.python.org/pypi/pytest-runner
-Vendor:         Microsoft
+Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
 # setuptools-scm requires a pypi tarball and doesn't like github tarball
 Source0:        https://files.pythonhosted.org/packages/source/p/%{modulename}/%{modulename}-%{version}.tar.gz
@@ -58,6 +58,10 @@ Python 3 version.
 %{python3_sitelib}/__pycache__/ptr.*
 
 %changelog
+* Tue Sep 03 2024 Pawel Winogrodzki <pawelwi@microsoft.com> - 4.0-13
+- Release bump to fix package information.
+- License verified.
+
 * Thu Oct 22 2020 Steve Laughman <steve.laughman@microsoft.com> - 4.0-12
 - Initial CBL-Mariner import from Fedora 33 (license: MIT)
 

SPECS-EXTENDED/python-recommonmark/python-recommonmark.spec

@@ -16,11 +16,11 @@ Documentation is available on Read the Docs: http://recommonmark.readthedocs.org
 
 Name:           python-%{github_name}
 Version:        0.6.0
-Release:        4%{?dist}
+Release:        5%{?dist}
 Summary:        %{sum}
 License:        MIT
 URL:            https://github.com/%{project_owner}/%{github_name}
-Vendor:         Microsoft
+Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
 Source0:        https://github.com/%{project_owner}/%{github_name}/archive/%{version}/%{github_name}-%{version}.tar.gz
 BuildArch:      noarch
@@ -81,6 +81,10 @@ popd  # Leave buildroot bindir
 %{_bindir}/cm2*-%{python3_version}
 
 %changelog
+* Tue Sep 03 2024 Pawel Winogrodzki <pawelwi@microsoft.com> - 0.6.0-5
+- Release bump to fix package information.
+- License verified.
+
 * Thu Oct 14 2021 Pawel Winogrodzki <pawelwi@microsoft.com> - 0.6.0-4
 - Converting the 'Release' tag to the '[number].[distribution]' format.
 

SPECS-EXTENDED/python-testscenarios/python-testscenarios.spec

@@ -5,11 +5,11 @@
 
 Name:           python-%{pypi_name}
 Version:        0.5.0
-Release:        22%{?dist}
+Release:        23%{?dist}
 Summary:        Testscenarios, a pyunit extension for dependency injection
 License:        ASL 2.0 and BSD
 URL:            https://launchpad.net/testscenarios
-Vendor:         Microsoft
+Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
 Source0:        https://pypi.python.org/packages/source/t/%{pypi_name}/%{pypi_name}-%{version}.tar.gz
 BuildArch:      noarch
@@ -71,6 +71,9 @@ CFLAGS="%{optflags}" %{__python3} setup.py build
 %{python3_sitelib}/*
 
 %changelog
+* Tue Sep 03 2024 Pawel Winogrodzki <pawelwi@microsoft.com> - 0.5.0-23
+- Release bump to fix package information.
+
 * Fri Apr 29 2022 Muhammad Falak <mwani@microsoft.com> - 0.5.0-22
 - Add BR on `pip` to enable ptest
 - License verified

SPECS-EXTENDED/python-testtools/python-testtools.spec

@@ -27,11 +27,11 @@ framework.}
 
 Name:           python-%{pkgname}
 Version:        2.4.0
-Release:        8%{?dist}
+Release:        9%{?dist}
 Summary:        Extensions to the Python unit testing framework
 License:        MIT
 URL:            https://launchpad.net/testtools
-Vendor:         Microsoft
+Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
 Source0:        https://files.pythonhosted.org/packages/source/t/%{libname}/%{libname}-%{version}.tar.gz
 Patch0:         testtools-2.4.0-remove_backports.patch
@@ -107,6 +107,10 @@ make PYTHON=%{__python3} check
 %endif
 
 %changelog
+* Tue Sep 03 2024 Pawel Winogrodzki <pawelwi@microsoft.com> - 2.4.0-9
+- Release bump to fix package information.
+- License verified.
+
 * Tue Oct 13 2020 Steve Laughman <steve.laughman@microsoft.com> - 2.4.0-8
 - Initial CBL-Mariner import from Fedora 33 (license: MIT)
 

SPECS/bc/bc.spec

@@ -1,8 +1,8 @@
 Summary:        precision numeric processing language
 Name:           bc
 Version:        1.07.1
-Release:        4%{?dist}
-License:        GPLv2+
+Release:        5%{?dist}
+License:        GPLv3+
 URL:            https://www.gnu.org/software/bc/
 Group:          System Environment/base
 Vendor:         Microsoft Corporation
@@ -46,17 +46,26 @@ popd
 %{_mandir}/*/*
 
 %changelog
+* Tue Sep 03 2024 Pawel Winogrodzki <pawelwi@microsoft.com> - 1.07.1-5
+- License verified.
+
 * Fri Jan 22 2021 Andrew Phelps <anphel@microsoft.com> 1.07.1-4
 - Fix check test. Remove sha1. Change URL to GNU bc homepage.
+
 * Sat May 09 2020 Nick Samson <nisamson@microsoft.com> 1.07.1-3
 - Added %%license line automatically
+
 * Tue Sep 03 2019 Mateusz Malisz <mamalisz@microsoft.com> 1.07.1-2
 - Initial CBL-Mariner import from Photon (license: Apache2).
+
 * Mon Oct 1 2018 Sujay G <gsujay@vmware.com> 1.07.1-1
 - Bump bc version to 1.07.1
+
 * Tue May 24 2016 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 1.06.95-3
 - GA - Bump release of all rpms
+
 * Tue Aug 4 2015 Kumar Kaushik <kaushikk@vmware.com> 1.06.95-2
 - Adding the post uninstall section.
+
 * Wed Nov 5 2014 Divya Thaluru <dthaluru@vmware.com> 1.06.95-1
 - initial version

SPECS/ccache/ccache.spec

@@ -1,10 +1,10 @@
 Summary:        Compiler Cache
 Name:           ccache
 Version:        4.8.3
-Release:        1%{?dist}
+Release:        2%{?dist}
 License:        BeOpen AND BSD AND GPLv3+ AND (Patrick Powell's AND Holger Weiss' license) AND Public Domain AND Python AND zlib
 Vendor:         Microsoft Corporation
-Distribution:   Mariner
+Distribution:   Azure Linux
 URL:            https://ccache.dev
 Source0:        https://github.com/%{name}/%{name}/releases/download/v%{version}/%{name}-%{version}.tar.gz
 BuildRequires:  cmake
@@ -56,6 +56,9 @@ done
 %{_libdir}/*
 
 %changelog
+* Tue Sep 03 2024 Pawel Winogrodzki <pawelwi@microsoft.com> - 4.8.3-2
+- Fix the 'Distribution' tag.
+
 * Fri Nov 10 2023 Andrew Phelps <anphel@microsoft.com> - 4.8.3-1
 - Upgrade to version 4.8.3
 

SPECS/dejavu-fonts/dejavu-fonts.spec

@@ -8,8 +8,8 @@
 Summary:        The DejaVu fonts families
 Name:           dejavu-fonts
 Version:        2.37
-Release:        2%{?dist}
-License:        Bistream Vera Font AND Arev Fonts
+Release:        3%{?dist}
+License:        Bistream Vera Font AND Arev Fonts AND AMSFonts AND Public Domain
 Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
 Group:          System Environment/Base
@@ -101,6 +101,9 @@ install ttf/DejaVuMathTeXGyre.ttf %{buildroot}%{_serif_fontdir}
 %{_serif_fontdir}/*.ttf
 
 %changelog
+* Tue Sep 03 2024 Pawel Winogrodzki <pawelwi@microsoft.com> - 2.37-3
+- License verified.
+
 * Fri Jul 09 2021 Pawel Winogrodzki <pawelwi@microsoft.com> - 2.37-2
 - Renaming to 'dejavu-fonts'.
 - Adding 'dejavu-sans-mono-fonts' and 'dejavu-serif-fonts' subpackages.

SPECS/docbook-style-xsl/docbook-style-xsl.spec

@@ -1,8 +1,8 @@
 Summary:        Docbook-xsl-1.79.1
 Name:           docbook-style-xsl
 Version:        1.79.1
-Release:        13%{?dist}
-License:        ASL 2.0
+Release:        14%{?dist}
+License:        ASL 2.0 AND MIT
 Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
 Group:          Development/Tools
@@ -96,12 +96,15 @@ fi
 
 %files
 %defattr(-,root,root)
-%license COPYING
+%license COPYING extensions/LICENSE.txt
 %{_datadir}/xml/docbook/xsl-stylesheets-%{version}
 %{_datadir}/sgml/docbook/xsl-stylesheets
 %{_docdir}/*
 
 %changelog
+* Tue Sep 03 2024 Pawel Winogrodzki <pawelwi@microsoft.com> - 1.79.1-14
+- License verified.
+
 * Sat May 09 2020 Nick Samson <nisamson@microsoft.com> - 1.79.1-10
 - Added %%license line automatically
 

SPECS/hardening-check/hardening-check.spec

@@ -3,7 +3,7 @@
 Summary:        Tool to check ELF binary hardening configuration
 Name:           hardening-check
 Version:        2.6
-Release:        2%{?dist}
+Release:        3%{?dist}
 License:        GPLv2+
 URL:            http://packages.debian.org/hardening-wrapper
 Group:          Development/Tools
@@ -53,6 +53,9 @@ make
 %{_mandir}/man1/hardening-check.1.*
 
 %changelog
+* Tue Sep 03 2024 Pawel Winogrodzki <pawelwi@microsoft.com> - 2.6-3
+- License verified.
+
 * Wed May 20 2020 Henry Beberman <henry.beberman@microsoft.com> - 2.6-2
 - Initial CBL-Mariner import from Fedora 26 (license: MIT).
 - Changed package name from 'hardening-wrapper'.

SPECS/kube-vip-cloud-provider/kube-vip-cloud-provider.spec

@@ -1,11 +1,11 @@
 Summary:        The Kube-Vip cloud provider functions as a general-purpose cloud provider for on-premises bare-metal or virtualized setups
 Name:           kube-vip-cloud-provider
 Version:        0.0.10
-Release:        1%{?dist}
+Release:        2%{?dist}
 License:        ASL 2.0
 URL:            https://github.com/kube-vip/kube-vip-cloud-provider
 Group:          Applications/Text
-Vendor:         Microsoft
+Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
 Source0:        https://github.com/kube-vip/%{name}/archive/refs/tags/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
 #Note that the source file should be renamed to the format {name}-%{version}.tar.gz
@@ -40,6 +40,9 @@ install kube-vip-cloud-provider %{buildroot}%{_bindir}/kube-vip-cloud-provider
 %{_bindir}/kube-vip-cloud-provider
 
 %changelog
+* Tue Sep 03 2024 Pawel Winogrodzki <pawelwi@microsoft.com> - 0.0.10-2
+- Release bump to fix package information.
+
 * Mon Jul 08 2024 Tobias Brick <tobiasb@microsoft.com> - 0.0.10-1
 - Upgrade to 0.0.10
 - Patch CVE-2023-47108

SPECS/local-path-provisioner/local-path-provisioner.spec

@@ -1,11 +1,11 @@
 Summary:        Provides a way for the Kubernetes users to utilize the local storage in each node
 Name:           local-path-provisioner
 Version:        0.0.24
-Release:        1%{?dist}
+Release:        2%{?dist}
 License:        ASL 2.0
 URL:            https://github.com/rancher/local-path-provisioner
 Group:          Applications/Text
-Vendor:         Microsoft
+Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
 Source0:        https://github.com/rancher/%{name}/archive/refs/tags/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
 #Note that the source file should be renamed to the format {name}-%{version}.tar.gz
@@ -30,6 +30,9 @@ install local-path-provisioner %{buildroot}%{_bindir}/local-path-provisioner
 %{_bindir}/local-path-provisioner
 
 %changelog
+* Tue Sep 03 2024 Pawel Winogrodzki <pawelwi@microsoft.com> - 0.0.24-2
+- Release bump to fix package information.
+
 * Fri Oct 27 2023 CBL-Mariner Servicing Account <cblmargh@microsoft.com> - 0.0.24-1
 - Auto-upgrade to 0.0.24 - Azure Linux 3.0 - package upgrades
 

SPECS/ncompress/ncompress.spec

@@ -1,13 +1,12 @@
 Summary:        A fast, simple LZW file compressor
 Name:           ncompress
 Version:        5.0
-Release:        1%{?dist}
+Release:        2%{?dist}
 License:        Unlicense
 Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
 URL:            https://github.com/vapier/ncompress
-#Source0:       https://github.com/vapier/%{name}/archive/v%{version}.tar.gz
-Source0:        %{name}-%{version}.tar.gz
+Source0:        https://github.com/vapier/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
 BuildRequires:  gcc
 BuildRequires:  glibc-devel
 BuildRequires:  make
@@ -47,5 +46,8 @@ make PREFIX=%{_prefix} DESTDIR=%{buildroot} install_core
 %{_mandir}/man1/*
 
 %changelog
+* Tue Sep 03 2024 Pawel Winogrodzki <pawelwi@microsoft.com> - 5.0-2
+- License verified.
+
 * Mon May 17 2021 Thomas Crain <thcrain@microsoft.com> - 5.0-1
 - Original version for CBL-Mariner

SPECS/uuid/uuid.spec

@@ -1,8 +1,8 @@
 Summary:        Universally Unique Identifier library
 Name:           uuid
 Version:        1.6.2
-Release:        50%{?dist}
-License:        MIT
+Release:        51%{?dist}
+License:        ISC
 Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
 URL:            http://www.ossp.org/pkg/lib/uuid/
@@ -117,6 +117,7 @@ make check
 %postun -p /sbin/ldconfig
 
 %files
+%license README
 %doc AUTHORS ChangeLog HISTORY NEWS PORTING README SEEALSO THANKS TODO USERS
 %{_bindir}/uuid
 %{_libdir}/libossp-uuid.so.*
@@ -147,6 +148,9 @@ make check
 %{_libdir}/libossp-uuid_dce.so
 
 %changelog
+* Tue Sep 03 2024 Pawel Winogrodzki <pawelwi@microsoft.com> - 1.6.2-51
+- License verified.
+
 * Mon Nov 30 2020 Nicolas Ontiveros <niontive@microsoft.com> - 1.6.2-50
 - Initial CBL-Mariner import from Fedora 33 (license: MIT).
 - Replace ldconfig_scriptlets with post/postun ldconfig calls

toolkit/resources/manifests/package/pkggen_core_aarch64.txt

@@ -202,7 +202,7 @@ createrepo_c-1.0.3-1.azl3.aarch64.rpm
 libxml2-2.11.5-1.azl3.aarch64.rpm
 libxml2-devel-2.11.5-1.azl3.aarch64.rpm
 docbook-dtd-xml-4.5-11.azl3.noarch.rpm
-docbook-style-xsl-1.79.1-13.azl3.noarch.rpm
+docbook-style-xsl-1.79.1-14.azl3.noarch.rpm
 libsepol-3.6-1.azl3.aarch64.rpm
 glib-2.78.1-4.azl3.aarch64.rpm
 libltdl-2.4.7-1.azl3.aarch64.rpm

toolkit/resources/manifests/package/pkggen_core_x86_64.txt

@@ -202,7 +202,7 @@ createrepo_c-1.0.3-1.azl3.x86_64.rpm
 libxml2-2.11.5-1.azl3.x86_64.rpm
 libxml2-devel-2.11.5-1.azl3.x86_64.rpm
 docbook-dtd-xml-4.5-11.azl3.noarch.rpm
-docbook-style-xsl-1.79.1-13.azl3.noarch.rpm
+docbook-style-xsl-1.79.1-14.azl3.noarch.rpm
 libsepol-3.6-1.azl3.x86_64.rpm
 glib-2.78.1-4.azl3.x86_64.rpm
 libltdl-2.4.7-1.azl3.x86_64.rpm

toolkit/resources/manifests/package/toolchain_aarch64.txt

@@ -42,8 +42,8 @@ ca-certificates-base-3.0.0-7.azl3.noarch.rpm
 ca-certificates-legacy-3.0.0-7.azl3.noarch.rpm
 ca-certificates-shared-3.0.0-7.azl3.noarch.rpm
 ca-certificates-tools-3.0.0-7.azl3.noarch.rpm
-ccache-4.8.3-1.azl3.aarch64.rpm
-ccache-debuginfo-4.8.3-1.azl3.aarch64.rpm
+ccache-4.8.3-2.azl3.aarch64.rpm
+ccache-debuginfo-4.8.3-2.azl3.aarch64.rpm
 check-0.15.2-1.azl3.aarch64.rpm
 check-debuginfo-0.15.2-1.azl3.aarch64.rpm
 chkconfig-1.25-1.azl3.aarch64.rpm
@@ -75,7 +75,7 @@ debugedit-debuginfo-5.0-2.azl3.aarch64.rpm
 diffutils-3.10-1.azl3.aarch64.rpm
 diffutils-debuginfo-3.10-1.azl3.aarch64.rpm
 docbook-dtd-xml-4.5-11.azl3.noarch.rpm
-docbook-style-xsl-1.79.1-13.azl3.noarch.rpm
+docbook-style-xsl-1.79.1-14.azl3.noarch.rpm
 dwz-0.14-2.azl3.aarch64.rpm
 dwz-debuginfo-0.14-2.azl3.aarch64.rpm
 e2fsprogs-1.47.0-2.azl3.aarch64.rpm

toolkit/resources/manifests/package/toolchain_x86_64.txt

@@ -43,8 +43,8 @@ ca-certificates-base-3.0.0-7.azl3.noarch.rpm
 ca-certificates-legacy-3.0.0-7.azl3.noarch.rpm
 ca-certificates-shared-3.0.0-7.azl3.noarch.rpm
 ca-certificates-tools-3.0.0-7.azl3.noarch.rpm
-ccache-4.8.3-1.azl3.x86_64.rpm
-ccache-debuginfo-4.8.3-1.azl3.x86_64.rpm
+ccache-4.8.3-2.azl3.x86_64.rpm
+ccache-debuginfo-4.8.3-2.azl3.x86_64.rpm
 check-0.15.2-1.azl3.x86_64.rpm
 check-debuginfo-0.15.2-1.azl3.x86_64.rpm
 chkconfig-1.25-1.azl3.x86_64.rpm
@@ -78,7 +78,7 @@ debugedit-debuginfo-5.0-2.azl3.x86_64.rpm
 diffutils-3.10-1.azl3.x86_64.rpm
 diffutils-debuginfo-3.10-1.azl3.x86_64.rpm
 docbook-dtd-xml-4.5-11.azl3.noarch.rpm
-docbook-style-xsl-1.79.1-13.azl3.noarch.rpm
+docbook-style-xsl-1.79.1-14.azl3.noarch.rpm
 dwz-0.14-2.azl3.x86_64.rpm
 dwz-debuginfo-0.14-2.azl3.x86_64.rpm
 e2fsprogs-1.47.0-2.azl3.x86_64.rpm

toolkit/scripts/check_spec_guidelines.py

@@ -12,38 +12,67 @@ import sys
 
 from spec_source_attributions import get_spec_source, VALID_SOURCE_ATTRIBUTIONS
 
+EXPECTED_DISTRIBUTION_TAG = "Azure Linux"
+EXPECTED_VENDOR_TAG = "Microsoft Corporation"
+
+# Checking if the specs contains a 'Distribution' tag.
+DISTRIBUTION_TAG_PRESENT_REGEX = re.compile(r"^\s*Distribution:\s*", re.MULTILINE)
+
 # Checking if the specs include only the valid 'Distribution: Azure Linux' tag.
-invalid_distribution_tag_regex = re.compile(
-    r'^\s*Distribution:\s*(?!Azure Linux\s*$)\S+', re.MULTILINE)
+INVALID_DISTRIBUTION_TAG_REGEX = re.compile(
+    rf"^\s*Distribution:\s*(?!{EXPECTED_DISTRIBUTION_TAG}\s*$)\S+", re.MULTILINE
+)
+
+# Checking if the specs include only the valid 'Vendor: Microsoft Corporation' tag.
+INVALID_VENDOR_TAG_REGEX = re.compile(
+    rf"^\s*Vendor:\s*(?!{EXPECTED_VENDOR_TAG}\s*$)\S+", re.MULTILINE
+)
+
+# Checking if the specs contains a 'Vendor' tag.
+VENDOR_TAG_PRESENT_REGEX = re.compile(r"^\s*Vendor:\s*", re.MULTILINE)
 
 # Checking for the deprecated '%patch[number]' format.
 # For more info, see: https://rpm-software-management.github.io/rpm/manual/spec.html.
-invalid_patch_macro_regex = re.compile(
-    r'^\s*%patch\d', re.MULTILINE)
+INVALID_PATCH_MACRO_REGEX = re.compile(r"^\s*%patch\d", re.MULTILINE)
 
 # Check for '%patch' macros not using the '-P' flag.
-invalid_toolchain_patch_macro = re.compile(
-    r'^\s*%patch((?!-P\s+\d+).)*$', re.MULTILINE)
+INVALID_TOOLCHAIN_PATCH_MACRO = re.compile(r"^\s*%patch((?!-P\s+\d+).)*$", re.MULTILINE)
 
-license_regex = re.compile(
-    r"\b(license verified|verified license)\b", re.IGNORECASE)
+LICENSE_REGEX = re.compile(r"\b(license verified|verified license)\b", re.IGNORECASE)
 
-valid_release_tag_regex = re.compile(
-    r'^[1-9]\d*%\{\?dist\}$')
+VALID_RELEASE_TAG_REGEX = re.compile(r"^[1-9]\d*%\{\?dist\}$")
 
-valid_source_attributions_one_per_line = "\n".join(f"- {key}: '{value}'" for key, value in VALID_SOURCE_ATTRIBUTIONS.items())
+VALID_SOURCE_ATTRIBUTIONS_ONE_PER_LINE = "\n".join(
+    f"- {key}: '{value}'" for key, value in VALID_SOURCE_ATTRIBUTIONS.items()
+)
 
 
-def check_distribution_tag(spec_path: str):
+def check_distribution_tag_correct(spec_path: str):
     """Checks if the 'Distribution' tags match 'Azure Linux'. """
     with open(spec_path) as file:
         contents = file.read()
 
-    if invalid_distribution_tag_regex.search(contents) is not None:
+    if INVALID_DISTRIBUTION_TAG_REGEX.search(contents) is not None:
         print(f"""
 ERROR: detected an invalid 'Distribution' tag.
 
-    Please use 'Distribution: Azure Linux'.
+    Please use 'Distribution: {EXPECTED_DISTRIBUTION_TAG}'.
+""")
+        return False
+
+    return True
+
+
+def check_distribution_tag_exists(spec_path: str):
+    """Checks if the 'Distribution' tag exists. """
+    with open(spec_path) as file:
+        contents = file.read()
+
+    if DISTRIBUTION_TAG_PRESENT_REGEX.search(contents) is None:
+        print(f"""
+ERROR: missing 'Distribution' tag.
+
+    Please add 'Distribution: {EXPECTED_DISTRIBUTION_TAG}'.
 """)
         return False
 
@@ -55,7 +84,7 @@ def check_patch_macro(spec_path: str):
     with open(spec_path) as file:
         contents = file.read()
 
-    if invalid_patch_macro_regex.search(contents) is not None:
+    if INVALID_PATCH_MACRO_REGEX.search(contents) is not None:
         print(f"""
 ERROR: use of deprecated '%patch[number]' format (no space between '%patch' and the number of the patch).
 
@@ -73,7 +102,7 @@ def check_release_tag(spec_path: str):
     """Checks if the 'Release' tag is in one of Azure Linux's expected formats. """
     spec = Spec.from_file(spec_path)
 
-    if valid_release_tag_regex.match(spec.release) is None:
+    if VALID_RELEASE_TAG_REGEX.match(spec.release) is None:
         print(f"""
 ERROR: invalid 'Release' tag.
 
@@ -90,7 +119,7 @@ def check_license_verification(spec_path: str):
     """Checks if the package's license has been verified. """
     spec = Spec.from_file(spec_path)
 
-    if len(license_regex.findall(spec.changelog)) == 0:
+    if len(LICENSE_REGEX.findall(spec.changelog)) == 0:
         print(f"""
 ERROR: license not verified.
 
@@ -117,7 +146,7 @@ ERROR: no valid source attribution.
     Make sure to indicate the origin of the spec file in the changelog.
     Currently supported source attributions (in form of regular expressions):
 
-{valid_source_attributions_one_per_line}
+{VALID_SOURCE_ATTRIBUTIONS_ONE_PER_LINE}
 
     If you're importing a spec from a source, which doesn't fit the currently supported list,
     please update the 'VALID_SOURCE_ATTRIBUTIONS' variable inside the '{dirname(realpath(__file__))}/spec_source_attributions.py' script.
@@ -137,8 +166,8 @@ def check_toolchain_patch_lines(spec_path: str, toolchain_specs: set):
 
     with open(spec_path) as file:
         contents = file.read()
-        
-    if invalid_toolchain_patch_macro.search(contents) is not None:
+
+    if INVALID_TOOLCHAIN_PATCH_MACRO.search(contents) is not None:
         print(f"""
 ERROR: detected a toolchain spec with invalid '%patch' macros.
 
@@ -150,26 +179,59 @@ ERROR: detected a toolchain spec with invalid '%patch' macros.
     return True
 
 
+def check_vendor_tag_correct(spec_path: str):
+    """Checks if the 'Vendor' tags match 'Microsoft Corporation'. """
+    with open(spec_path) as file:
+        contents = file.read()
+
+    if INVALID_VENDOR_TAG_REGEX.search(contents) is not None:
+        print(f"""
+ERROR: detected an invalid 'Vendor' tag.
+
+    Please use 'Vendor: {EXPECTED_VENDOR_TAG}'.
+""")
+        return False
+
+    return True
+
+
+def check_vendor_tag_exists(spec_path: str):
+    """Checks if the 'Vendor' tag exists. """
+    with open(spec_path) as file:
+        contents = file.read()
+
+    if VENDOR_TAG_PRESENT_REGEX.search(contents) is None:
+        print(f"""
+ERROR: missing 'Vendor' tag.
+
+    Please add 'Vendor: {EXPECTED_VENDOR_TAG}'.
+""")
+        return False
+
+    return True
+
+
+SPEC_CHECKS = [
+    check_distribution_tag_correct,
+    check_distribution_tag_exists,
+    check_license_verification,
+    check_patch_macro,
+    check_release_tag,
+    check_source_attribution,
+    check_vendor_tag_correct,
+    check_vendor_tag_exists,
+]
+
+
 def check_spec(spec_path, toolchain_specs):
     spec_correct = True
 
-    print(f"Checking {spec_path}")
+    print(f"Checking {spec_path}.")
 
-    if not check_distribution_tag(spec_path):
-        spec_correct = False
+    for spec_check in SPEC_CHECKS:
+        if not spec_check(spec_path):
+            spec_correct = False
 
-    if not check_patch_macro(spec_path):
-        spec_correct = False
-
-    if not check_release_tag(spec_path):
-        spec_correct = False
-
-    if not check_source_attribution(spec_path):
-        spec_correct = False
-
-    if not check_license_verification(spec_path):
-        spec_correct = False
-    
     if not check_toolchain_patch_lines(spec_path, toolchain_specs):
         spec_correct = False
 
@@ -190,7 +252,7 @@ if __name__ == '__main__':
                         nargs='+',
                         help='path to an RPM spec file')
     args = parser.parse_args()
-    
+
     toolchain_specs = set(args.toolchain_specs.split())
 
     specs_correct = True

toolkit/tools/internal/rpm/testdata/no_default_package_or_check.spec

@@ -5,7 +5,7 @@ Release:        1%{?dist}
 License:        MIT
 URL:            https://test.com
 Group:          Test
-Vendor:         Microsoft
+Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
 
 %description

toolkit/tools/internal/rpm/testdata/no_exclusive_architecture.spec

@@ -5,7 +5,7 @@ Release:        1%{?dist}
 License:        MIT
 URL:            https://test.com
 Group:          Test
-Vendor:         Microsoft
+Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
 
 %description

toolkit/tools/internal/rpm/testdata/supported_unsupported_architectures.spec

@@ -5,7 +5,7 @@ Release:        1%{?dist}
 License:        MIT
 URL:            https://test.com
 Group:          Test
-Vendor:         Microsoft
+Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
 
 BuildArch:      noarch

toolkit/tools/internal/rpm/testdata/unsupported_architectures.spec

@@ -5,7 +5,7 @@ Release:        1%{?dist}
 License:        MIT
 URL:            https://test.com
 Group:          Test
-Vendor:         Microsoft
+Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
 
 BuildArch:      noarch

toolkit/tools/internal/rpm/testdata/with_epoch_and_check.spec

@@ -6,7 +6,7 @@ Release:        1%{?dist}
 License:        MIT
 URL:            https://test.com
 Group:          Test
-Vendor:         Microsoft
+Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
 
 %description