15:32 <cpaelzer> #startmeeting Weekly Main Inclusion Requests status 15:32 <meetingology> Meeting started at 15:32:47 UTC. The chair is cpaelzer. Information about MeetBot at https://wiki.ubuntu.com/meetingology 15:32 <didrocks> just in time after my IRC timed out o/ 15:32 <meetingology> Available commands: action, commands, idea, info, link, nick 15:32 <cpaelzer> #topic Review of previous action items 15:33 <cpaelzer> no items other than the reviews assigned to MIR and security team 15:33 <cpaelzer> #topic current component mismatches 15:33 <cpaelzer> Mission: Identify required actions and spread the load among the teams 15:33 <cpaelzer> #link https://people.canonical.com/~ubuntu-archive/component-mismatches-proposed.svg 15:33 <cpaelzer> #link https://people.canonical.com/~ubuntu-archive/component-mismatches.svg 15:33 <cpaelzer> let us start with the -release report 15:33 <cpaelzer> I see updates (two weeks ago) on https://bugs.launchpad.net/ubuntu/+source/glade/+bug/1961023 15:33 <ubottu> Launchpad bug 1961023 in glade (Ubuntu) "[MIR] glade" [Undecided, Incomplete] 15:34 <cpaelzer> didrocks: seb128: does that need further action by you? 15:34 <didrocks> libhandy-1 -> glade: seb128 told me he was going to look at it (false positive, but let’s ensure) 15:34 <cpaelzer> ok, let us know if we need to memorize another false positive 15:34 <cpaelzer> nothing else new in this list 15:34 <didrocks> yeah, I want us to be sure before claiming this 15:34 <cpaelzer> going to -proposed now 15:34 <slyon> python-consul looks new to me 15:34 <cpaelzer> on https://bugs.launchpad.net/ubuntu/+source/python-cheroot/+bug/1930111 15:34 <ubottu> Launchpad bug 1930111 in cherrypy3 (Ubuntu) "[MIR] new dependencies of cherrypy3: jaraco.collections, jaraco.classes, jaraco.text, python-cheroot, python-jaraco.functools, python-tempora, python-portend, zc.lockfile" [Undecided, In Progress] 15:35 <cpaelzer> there was an update 15:35 <cpaelzer> IMHO this is in wrong state, needs to go back to openstack Team 15:35 <cpaelzer> jamespage: I'll assign you and set incomplete for your awareness 15:36 <didrocks> another update: libqmi -> libqtrglib. The dep will be dropped soon rather than MIRing, it’s an optional dep that we don’t really need now 15:36 <sarnold> yay :) 15:36 <cpaelzer> thanks didrocks, I think I have read about this somewhere 15:36 <cpaelzer> so let us ignore libqmi 15:36 <didrocks> and gnome-shell -> libhandy1, I started it but I will need more time to finish it and too much urgent things right now (still aiming before EOW) 15:37 <cpaelzer> but I hear this is on you and we should not bother about it atm 15:37 <didrocks> indeed 15:37 <cpaelzer> python-xmlschema - I have the feeling we had this for a while ... 15:37 <cpaelzer> another false positive 15:37 <cpaelzer> ? 15:38 <cpaelzer> no no alternative 15:38 <cpaelzer> python-pysaml2 -> python3-xmlschema seems legit, and by the uploader names on openstack 15:38 <cpaelzer> jamespage: ^^ 15:39 <cpaelzer> bug exists and is 15:39 <cpaelzer> https://bugs.launchpad.net/ubuntu/+source/python-xmlschema/+bug/1953363 15:39 <ubottu> Launchpad bug 1953363 in python-xmlschema (Ubuntu) "[MIR] python-xmlschema, elementpath, importlib-resources" [High, New] 15:39 <cpaelzer> ok so right now this one is actually on security AFAICS 15:39 <cpaelzer> ok for me 15:39 <cpaelzer> it is flagged as 22.04 material 15:39 <cpaelzer> sarnold: can you check if this is on your list/queue ? 15:39 <cpaelzer> your teams list I should say? 15:39 <sarnold> cpaelzer: it is 15:39 <cpaelzer> good 15:40 <cpaelzer> next case then ... 15:40 <cpaelzer> https://bugs.launchpad.net/ubuntu/+source/libadwaita-1/+bug/1962568 is new but already assigned 15:40 <ubottu> Launchpad bug 1962568 in libadwaita-1 (Ubuntu) "[MIR] libadwaita-1" [Undecided, New] 15:40 <cpaelzer> didrocks: is busy these days 15:40 <sarnold> :) 15:40 <cpaelzer> but this one us openstack and not handled yet 15:40 <didrocks> consider it in a perfect world not be in the list next week :) 15:40 <cpaelzer> https://launchpad.net/ubuntu/+source/masakari-monitors -> python-consul 15:41 <cpaelzer> jamespage: ^^ 15:41 <cpaelzer> we see the new upload held back by this 15:41 <cpaelzer> https://launchpad.net/ubuntu/+source/masakari-monitors/12.0.0+git2022030313.a89511e-0ubuntu1 15:41 <cpaelzer> coreycb: ^^ your upload 15:41 <cpaelzer> the rest in this list looks known to me 15:41 <coreycb> cpaelzer: thanks, I'll take a look 15:41 <cpaelzer> didrocks: final check on libreoffice -> epiphany? 15:42 <cpaelzer> IIRC that dep was meant to be dropped 15:42 <cpaelzer> is that task assigned to someone? 15:42 <didrocks> cpaelzer: definitively false positive 15:42 <didrocks> the alternative has firefox as first 15:42 <didrocks> which is seeded 15:42 <cpaelzer> oh ok - then just keep reminding me until I have learned 15:42 <cpaelzer> thanks in advance 15:42 <didrocks> so another one for the list :/ 15:42 <cpaelzer> #topic New MIRs 15:42 <cpaelzer> Mission: ensure to assign all incoming reviews for fast processing 15:42 <slyon> we should have a deny-list at some point.. 15:42 <cpaelzer> #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=NEW&field.status%3Alist=CONFIRMED&assignee_option=none&field.assignee=&field.subscriber=ubuntu-mir 15:42 <cpaelzer> slyon: yeah we all agree 15:43 <cpaelzer> the first to get to code one has is allowed to skip one review 15:43 <cpaelzer> new MIRs list is empty 15:43 <didrocks> one only? :) 15:43 <didrocks> \o/ 15:43 <slyon> :) 15:43 <cpaelzer> #topic Incomplete bugs / questions 15:43 <cpaelzer> Mission: Identify required actions and spread the load among the teams 15:43 <cpaelzer> #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&field.status%3Alist=INCOMPLETE_WITHOUT_RESPONSE&field.subscriber=ubuntu-mir 15:44 <cpaelzer> sarnold: I have to go by the market, only if no one implements it for one the price increases 15:44 <sarnold> HODL HODL HODL! 15:44 <cpaelzer> we have four updates since last week in the list of incompletes 15:44 <cpaelzer> checking them one by one 15:45 <cpaelzer> https://bugs.launchpad.net/ubuntu/+source/tcmu/+bug/1854362 15:45 <ubottu> Launchpad bug 1854362 in ceph-iscsi (Ubuntu) "[MIR] ceph-iscsi, tcmu, python-configshell-fb, python-rtslib-fb, urwid, targetcli-fb" [Undecided, In Progress] 15:45 <cpaelzer> that is ok, openstack can use this now 15:45 <cpaelzer> I found it forgotten and updated the case, they are aware 15:45 <cpaelzer> to be extra sure coreycb jamespage ^^ FYI 15:45 <cpaelzer> https://bugs.launchpad.net/ubuntu/+source/libqrtr-glib/+bug/1963707 15:45 <ubottu> Launchpad bug 1963707 in libqrtr-glib (Ubuntu) "[MIR] libqrtr-glib" [Low, Incomplete] 15:45 <cpaelzer> filed by desktop, related to qmi, which we were told the dependency will be dropped 15:45 <didrocks> discussed above, the dep will be dropped as soon as seb128 has a sec 15:45 <cpaelzer> so action 15:46 <cpaelzer> https://bugs.launchpad.net/ubuntu/+source/rustc/+bug/1957932 15:46 <ubottu> Launchpad bug 1957932 in rustc (Ubuntu) "[MIR] rustc, cargo" [Critical, Incomplete] 15:46 <cpaelzer> that is documentation of what was discussed at the sprint 15:46 <cpaelzer> no action yet 15:46 <cpaelzer> https://bugs.launchpad.net/ubuntu/+source/python-cheroot/+bug/1930111 15:46 <ubottu> Launchpad bug 1930111 in cherrypy3 (Ubuntu) "[MIR] new dependencies of cherrypy3: jaraco.collections, jaraco.classes, jaraco.text, python-cheroot, python-jaraco.functools, python-tempora, python-portend, zc.lockfile" [Undecided, In Progress] 15:47 <cpaelzer> that was unblocked by security (thanks) and is back on openstack 15:47 <cpaelzer> jamespage: ^^ FYI 15:47 <cpaelzer> I have already updated the case to reflect that 15:47 <cpaelzer> #topic MIR related Security Review Queue 15:47 <cpaelzer> Mission: Check on progress, do deadlines seem doable? 15:47 <cpaelzer> #link https://bugs.launchpad.net/~ubuntu-security/+bugs?field.searchtext=%5BMIR%5D&assignee_option=choose&field.assignee=ubuntu-security&field.bug_reporter=&field.bug_commenter=&field.subscriber=ubuntu-mir 15:48 <sarnold> we recently finished plocate https://bugs.launchpad.net/ubuntu/+source/plocate/+bug/1960864 -- and glusterfs is in progress https://bugs.launchpad.net/ubuntu/+source/glusterfs/+bug/1950321 -- swtpm is also in-progress of a sort, no progress in the last few days https://bugs.launchpad.net/ubuntu/+source/swtpm/+bug/1948748 15:48 <cpaelzer> a few are left 15:48 <ubottu> Launchpad bug 1960864 in Release Notes for Ubuntu "[MIR] plocate" [Undecided, New] 15:48 <ubottu> Launchpad bug 1950321 in glusterfs (Ubuntu) "[MIR] glusterfs" [Critical, Confirmed] 15:48 <ubottu> Launchpad bug 1948748 in swtpm (Ubuntu) "[MIR] swtpm" [High, New] 15:48 <cpaelzer> yes sarnold I've seen and updated the bug 15:48 <cpaelzer> thank you 15:48 <sarnold> glusterfs sounds like it's still pretty gronky code 15:48 <cpaelzer> why isn't gluster in this list anymore ? 15:48 <sarnold> 'assigned to sbeat tie' 15:49 <cpaelzer> oh reassigned 15:49 <cpaelzer> ok 15:49 <cpaelzer> the list still shringks every week 15:49 * sbeattie is trying to get through it, but it'd help if people'd stop finding security issues in other software. 15:49 <sbeattie> it == glusterfs 15:49 <sarnold> yespls 15:49 <cpaelzer> so again thank you sarnold and sbeattie and all the reviewer you train up 15:49 <cpaelzer> sbeattie: can we stop other people finding other issues somehow? 15:50 <sarnold> we can beg people to run coverity and cppcheck and .. :) 15:50 <cpaelzer> hehe 15:50 <cpaelzer> so to sum it up, progress is made on the security reviews, that makes people happy, we still might be able to complete all 22.04 material in time 15:50 <cpaelzer> #topic Any other business? 15:50 <slyon> https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1887187 15:50 <ubottu> Launchpad bug 1887187 in nftables (Ubuntu) "[MIR] nftables" [Critical, New] 15:51 <cpaelzer> right that is recent as well slyon 15:51 <slyon> joalif and myself finished the MIR review on that one today 15:51 <slyon> not sure why it didn't show up in the new MIRs queue 15:51 <sarnold> sweet 15:51 <joalif> thanks slyon again! 15:51 <slyon> basically it is back to the security team for security review and a small packaging change (missing .symbols file) 15:51 <cpaelzer> slyon: does it have required todos? 15:51 <cpaelzer> yes it has some 15:52 <cpaelzer> so I'll set incomplete 15:52 <slyon> cpaelzer: yes it does have two small required TODOs 15:52 <cpaelzer> then it would have shown 15:52 <slyon> thank you 15:52 <cpaelzer> And this is on security twice now - for review and for driving the case (IIUC) 15:52 <slyon> exactly 15:52 <sarnold> *very* secure 15:52 <slyon> hehe 15:53 <sbeattie> https://github.com/cpaelzer/ubuntu-mir/pull/9 15:53 <ubottu> Pull 9 in cpaelzer/ubuntu-mir "RFC: ensure package built in most recent archive test rebuild" [Open] 15:53 <cpaelzer> I updated https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1887187 15:53 <ubottu> Launchpad bug 1887187 in nftables (Ubuntu) "[MIR] nftables" [Critical, Incomplete] 15:53 <cpaelzer> let us look at the PR 15:53 <cpaelzer> sorry for bug handling not being present sbeattie 15:53 <cpaelzer> reading the case 15:53 <sbeattie> no problem 15:54 <cpaelzer> I'd plus one this suggestion 15:55 <cpaelzer> could we vote on this please, if we are overall +1 I can add it right away 15:55 <sarnold> +1 15:55 <cpaelzer> +1 15:55 <slyon> +1, maybe we could suggest doing a local build, too? 15:55 <sbeattie> I'd like to avoid the issue found in the python-cheroot security review, feel free to wordsmith, bikeshed, etc. 15:55 <didrocks> +1 as well 15:55 <joalif> +1 15:56 <slyon> like running sbuild on the package locally. This would be even newer than the latest archive rebuild 15:56 <cpaelzer> slyon: I can add that as C 15:56 <cpaelzer> that or a proposed PPA rebuild 15:56 <cpaelzer> this suggestion is better than nothing, wordsmithing can happen if this ever is a pain to someone 15:56 <cpaelzer> I'd add it right now 15:56 <slyon> cpaelzer: that'd be nice 15:56 <cpaelzer> that seems to be all we have 15:57 <sbeattie> thanks! 15:57 <cpaelzer> ok closing then 15:57 <cpaelzer> #endmeeting