LLMpediaThe first transparent, open encyclopedia generated by LLMs

Fedora Packaging Guidelines

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: RPM Package Manager Hop 5
Expansion Funnel Raw 118 → Dedup 0 → NER 0 → Enqueued 0
1. Extracted118
2. After dedup0 (None)
3. After NER0 ()
4. Enqueued0 ()
Fedora Packaging Guidelines
NameFedora Packaging Guidelines
DeveloperFedora Project
Released2003
Programming languageRPM, Bash, Python
Operating systemLinux
GenrePackaging policy

Fedora Packaging Guidelines The Fedora Packaging Guidelines provide a set of policies, standards, and procedural norms for creating, maintaining, and distributing software packages within the Fedora ecosystem. They align technical requirements with community governance, quality assurance, and legal compliance to support reproducible builds, collaboration, and secure distribution across Fedora, Red Hat, CentOS, and related projects. The guidelines intersect with upstream projects, continuous integration systems, and licensing frameworks used by organizations and projects in the free and open source software landscape.

Overview

The guidelines were developed by contributors within the Fedora Project, influenced by practices from Red Hat, GNOME Project, KDE, Debian, openSUSE, Free Software Foundation, and standards from the Linux Foundation, Apache Software Foundation, Eclipse Foundation, Mozilla Foundation, Canonical (company), SUSE, Oracle Corporation (insofar as historical RPM interactions), CentOS Project, Gentoo, NetBSD, FreeBSD Foundation, LLVM Project, GNU Project, FSF Europe, OSI, Open Source Initiative, Cloud Native Computing Foundation, Kubernetes, Docker, Inc., Systemd Project, Upstream Linux Kernel Team, X.Org Foundation, Wayland Project, Mesa 3D Graphics Library, PulseAudio, ALSA Project, SQLite Consortium, OpenSSL Project, and LibreOffice. Contributors include maintainers from Red Hat engineering teams, volunteers from Fedora Council, and specialists who have worked on packaging standards for projects such as GNOME, KDE, and Mozilla Firefox.

Packaging Standards and Policies

Standards codify naming, versioning, file-system layout, and dependency declarations to ensure interoperability with tools like RPM Package Manager, Koji, Mock, Bodhi, and Pungi. Policies reference legal and trademark considerations involving entities such as Red Hat, Fedora Project, Open Source Initiative, Creative Commons, United States Patent and Trademark Office, and licensing bodies like GPLv2, GPLv3, LGPL, MIT License, Apache License 2.0, BSD License. Packaging rules adapt to upstream conventions from projects such as Python Software Foundation, Node.js Foundation, Perl Foundation, RubyGems, Eclipse Foundation, and dependency ecosystems like Maven Central, npm, PyPI, CPAN, CRAN, while ensuring compliance with system components like systemd, glibc, binutils, gcc, LLVM Project toolchains.

Specfile and Macro Usage

Specfile practices prescribe macro conventions, changelog policies, and build scriptlets compatible with the RPM Package Manager ecosystem and tooling from Red Hat, Fedora Project, RPM.org, rpmfusion, Fedora Magazine contributors, and maintainers who coordinate with projects like autoconf, automake, cmake, Meson, pkg-config, gettext, intltool, and GNU Compiler Collection. Macro hygiene references shared macro libraries maintained by Fedora Project and influenced by upstream packaging in Debian and openSUSE communities. Examples in guidelines draw on historical packaging cases from Mozilla Firefox, LibreOffice, GIMP, VLC media player, and Apache HTTP Server to illustrate best practices for %prep, %build, %install, and %files sections.

Build and Test Procedures

Build and test procedures integrate continuous build systems and QA services such as Koji, Mock, COPR, Bodhi, OpenQA, Continuous Integration, Travis CI, GitLab CI, GitHub Actions, and containerization technologies like Docker, Inc. and Podman. Test strategies reference upstream test suites from projects including Linux Kernel, Python Software Foundation, Perl Foundation, Node.js Foundation, Qt Project, GTK Project, Mesa 3D Graphics Library, LLVM Project, OpenSSL Project, and LibreOffice for regression prevention. Packaging tests emphasize reproducible builds principles championed by groups such as Reproducible Builds and coordination with distribution-wide initiatives from Fedora Quality Assurance and Fedora Infrastructure.

Source and License Requirements

Source handling mandates provenance, integrity, and licensing clarity consistent with norms from Open Source Initiative, FSF, Creative Commons, GPLv3, MIT License, Apache License 2.0, BSD License, and contributor agreements where applicable with organizations like Red Hat or foundations such as Apache Software Foundation. Sources should be obtained from upstream sites run by projects like GitHub, GitLab, SourceForge, Savannah, GNOME Project, KDE, Apache Software Foundation, Python Software Foundation, Node.js Foundation, and LLVM Project with checksums and tarball conventions that mirror practices from GNU Project and Debian vendors. License metadata must match SPDX identifiers promoted by Linux Foundation initiatives and SPDX work by groups including OpenChain.

Repository Workflow and Submission

Submission workflows use git hosting, review systems, and governance mechanisms provided by Pagure, GitHub, GitLab, Fedora Project, Fedora Account System, Fedora Council, FESCo, Bodhi, Koji, and Fedora Package Database. Contributors follow review and approval patterns influenced by larger projects such as Linux Kernel maintainership, GNOME Project contribution guidelines, and community-driven models from Debian and openSUSE. The workflow integrates with continuous delivery tooling used in projects like Ansible, Puppet, SaltStack, Jenkins, GitLab CI, and GitHub Actions, and aligns with release engineering practices at Red Hat and other enterprise open source vendors.

Security and Maintenance Practices

Security requirements coordinate vulnerability response, patch management, and CVE assignment with organizations such as MITRE, National Vulnerability Database, Red Hat Product Security, Fedora Security Team, OpenSSL Project, Mozilla Foundation, CVE Program, CERT Coordination Center, and US-CERT interoperability efforts. Maintenance policies draw on long-term support models practiced by Red Hat, CentOS Project, Debian LTS, and community teams for projects like GNOME, KDE, LibreOffice, and Python Software Foundation ecosystems. Practices include embargoed fixes, secure build environments using SELinux, AppArmor, GPG, and cryptographic toolkits from OpenSSL Project and GnuPG to ensure package integrity and trust in supply-chain processes.

Category:Fedora Project