#ubuntu-meeting log

14:34 <cpaelzer> #startmeeting Weekly Main Inclusion Requests status
14:34 <meetingology> Meeting started at 14:34:30 UTC.  The chair is cpaelzer.  Information about MeetBot at https://wiki.ubuntu.com/meetingology
14:34 <meetingology> Available commands: action, commands, idea, info, link, nick
14:34 <cpaelzer> hi sarnold joalif slyon didrocks jamespage
14:34 <slyon> o/
14:34 <cpaelzer> #topic Review of previous action items
14:35 <cpaelzer> only action is me wanting to thank you all to carry this on while I was sick and on sprint!
14:35 <cpaelzer> #topic current component mismatches
14:35 <cpaelzer> Mission: Identify required actions and spread the load among the teams
14:35 <cpaelzer> #link https://people.canonical.com/~ubuntu-archive/component-mismatches-proposed.svg
14:35 <cpaelzer> #link https://people.canonical.com/~ubuntu-archive/component-mismatches.svg
14:35 <cpaelzer> new cycle, new mismatches showing up
14:35 <cpaelzer> ahve you talked about pipewire->libldac before?
14:35 <slyon> nope, seems new
14:36 <cpaelzer> didrocks: seb128: that seems desktop'ish - would you talk to the team if one can check this new dependency?
14:37 <cpaelzer> hmm didrocks might be unavailable
14:37 <cpaelzer> I have pinged internally, maybe one joins - let us identify more new cases
14:38 <cpaelzer> ruby-xmlrpc -> ruby->webrick is new to me
14:38 <cpaelzer> did you check that last week?
14:38 <slyon> ruby-xmlrpc looks new
14:38 <slyon> ah... I think we might have left that for you :P
14:39 <cpaelzer> fine and fair
14:39 <cpaelzer> I'll talk with kanashiro later
14:39 <slyon> thanks
14:40 <cpaelzer> jaraco.text
14:40 <cpaelzer> that is from the openstack context
14:40 <cpaelzer> jamespage: ? ^^
14:40 <slyon> we pinged him in the past about it, but he might not yet have had the time to check
14:41 <cpaelzer> plenty of others have stubs - which is great as that defines an owner
14:41 <slyon> yes, many are in the foundations backlog
14:42 <cpaelzer> requests (python) -> python-charset-normalizer
14:42 <didrocks> cpaelzer: sorry, meeting running over
14:42 <cpaelzer> that is also server sadly, I do not know why this one pytohn lib is ours, but we will have a look
14:42 <didrocks> yeah, will do pipewire
14:42 <cpaelzer> np, welcome didrocks
14:42 <cpaelzer> and thanks for that
14:42 <didrocks> (still in meeting btw)
14:42 <cpaelzer> I'll take requests for the server team
14:42 <slyon> thanks!
14:44 <cpaelzer> all others have stubs or are known false positives
14:44 <cpaelzer> going on ...
14:44 <cpaelzer> #topic New MIRs
14:44 <cpaelzer> Mission: ensure to assign all incoming reviews for fast processing
14:44 <cpaelzer> #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=NEW&field.status%3Alist=CONFIRMED&assignee_option=none&field.assignee=&field.subscriber=ubuntu-mir
14:45 <cpaelzer> desktop is flooding us :-)
14:45 <cpaelzer> https://bugs.launchpad.net/ubuntu/+source/libwpe/+bug/1973031
14:45 <ubottu> Launchpad bug 1973031 in libwpe (Ubuntu) "[MIR] libwpe" [High, New]
14:45 <cpaelzer> https://bugs.launchpad.net/ubuntu/+source/wpebackend-fdo/+bug/1973033
14:45 <didrocks> yeah :p
14:45 <ubottu> Launchpad bug 1973033 in wpebackend-fdo (Ubuntu) "[MIR] wpebackend-fdo" [High, New]
14:45 <cpaelzer> both looking for volunteers
14:45 <didrocks> I can probably take one of them
14:45 <cpaelzer> I could do the lib
14:46 <cpaelzer> would you didrocks do the -fdo one?
14:46 <didrocks> ack, I will do the -fdo
14:46 <cpaelzer> assigned both
14:46 <cpaelzer> #topic Incomplete bugs / questions
14:46 <cpaelzer> Mission: Identify required actions and spread the load among the teams
14:46 <cpaelzer> #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&field.status%3Alist=INCOMPLETE_WITHOUT_RESPONSE&field.subscriber=ubuntu-mir
14:47 <cpaelzer> ok we have a few recent updates ...
14:47 <didrocks> iwd and g-t-e is waiting on desktop
14:47 <cpaelzer> vulkan and smartcards are just tracking updates
14:47 <cpaelzer> and yet to what didrocks said
14:47 <cpaelzer> btw in that context I reviewed "ell" today, that is waiting on security now
14:47 <sarnold> \o/
14:48 <slyon> I'd like to consult the rest of the MIR team about iwd
14:48 <didrocks> see how happy sarnold is :p
14:48 <cpaelzer> let us do that in other business slyon
14:48 <slyon> ack
14:48 <cpaelzer> completing this section with
14:48 <cpaelzer> https://bugs.launchpad.net/ubuntu/+source/python-invoke/+bug/1892875
14:48 <ubottu> Launchpad bug 1892875 in python-invoke (Ubuntu) "[MIR] python-invoke" [Medium, Incomplete]
14:48 <cpaelzer> discussion going on betwen bdrung and jamespage - not really a discussion, but TL;DR no action needed atm
14:49 <cpaelzer> #topic MIR related Security Review Queue
14:49 <cpaelzer> Mission: Check on progress, do deadlines seem doable?
14:49 <cpaelzer> #link https://bugs.launchpad.net/~ubuntu-security/+bugs?field.searchtext=%5BMIR%5D&assignee_option=choose&field.assignee=ubuntu-security&field.bug_reporter=&field.bug_commenter=&field.subscriber=ubuntu-mir
14:49 <cpaelzer> ell (just mentioned above) has a milestone set as seb mentioned when it is needed
14:50 <cpaelzer> I'm still waiting for a milestone on vulkan-tools, but I know people are waiting on this as well
14:50 <cpaelzer> sarnold: how does progress look on your side now?
14:50 <sarnold> this last week was some yak-shaving, getting new coverity, new coverity license, installed and working on my poor old build laptop; a bug report I filed on the segfault during build was very well received :D
14:50 <cpaelzer> tracking in place, people/resources available ?
14:50 <sarnold> cpaelzer: it feels much happier now, yes
14:51 <cpaelzer> ok, let me do my groundhog day - any news for telegraf then?
14:51 <cpaelzer> it is at the top of the list, so it is the one I ask about
14:51 <sarnold> a nice visit with an old friend :D https://github.com/influxdata/telegraf/issues/11092#issuecomment-1125404409
14:51 <ubottu> Issue 11092 in influxdata/telegraf "Unchecked net.Listen() causes segfault in instrumental test" [Closed]
14:51 <cpaelzer> hehe
14:52 <sarnold> I think that's it for us
14:52 <cpaelzer> that sounds like "ongoing" then
14:52 <cpaelzer> thanks
14:52 <cpaelzer> #topic Any other business?
14:52 <cpaelzer> iwd from slyon?
14:52 <slyon> bug 1971739
14:52 <ubottu> Bug 1971739 in iwd (Ubuntu) "[MIR] iwd" [Undecided, Incomplete] https://launchpad.net/bugs/1971739
14:52 <slyon> the question is: should we require security review?
14:52 <cpaelzer> reading through it ...
14:53 <slyon> iwd runs a daemon/service as root, but it has very good isolation/security in place in its systemd .service unit
14:53 * didrocks reads too
14:53 <cpaelzer> I'd still vote for getting a review
14:53 <slyon> what is the policy, we apply here? Usually, daemon as root => security review. But IMO that was before systemd-service isolation existed
14:54 <cpaelzer> for me the question is not "is it well isolated" that is for the security team to decide. Instead it is "does this have an attack surface" -> if yes then need review
14:54 <cpaelzer> it is a simplification, but that is how I handle it most of the time
14:54 <didrocks> yeah, me too
14:54 <cpaelzer> I'm not putting all my eggs into the "systemd will keep me safe and warm" basket
14:54 <slyon> ack. I might have some bias there :D
14:54 <didrocks> heh :)
14:54 <slyon> I will be requiring security-review then
14:54 <cpaelzer> to be clear I appreciate every isolation that is used and it makes the feeling better and more likely to pass review
14:55 <cpaelzer> but it still needs one
14:55 <cpaelzer> this will follow the same deadline as ell then, setting milestone
14:55 <slyon> yes
14:56 <cpaelzer> I updated the case
14:57 <cpaelzer> anything else for "other business" ?
14:57 <sarnold> nothing from me
14:57 <didrocks> nothing for me
14:57 <slyon> nothign
14:57 <joalif> nothing
14:58 <cpaelzer> neither from me
14:58 <cpaelzer> to close this - just as expected "new cycle new fun"
14:58 <cpaelzer> thank you all!
14:59 <sarnold> thanks cpaelzer, all :)
14:59 <cpaelzer> #endmeeting