14:34 <cpaelzer> #startmeeting Weekly Main Inclusion Requests status 14:34 <meetingology> Meeting started at 14:34:30 UTC. The chair is cpaelzer. Information about MeetBot at https://wiki.ubuntu.com/meetingology 14:34 <meetingology> Available commands: action, commands, idea, info, link, nick 14:34 <cpaelzer> hi sarnold joalif slyon didrocks jamespage 14:34 <slyon> o/ 14:34 <cpaelzer> #topic Review of previous action items 14:35 <cpaelzer> only action is me wanting to thank you all to carry this on while I was sick and on sprint! 14:35 <cpaelzer> #topic current component mismatches 14:35 <cpaelzer> Mission: Identify required actions and spread the load among the teams 14:35 <cpaelzer> #link https://people.canonical.com/~ubuntu-archive/component-mismatches-proposed.svg 14:35 <cpaelzer> #link https://people.canonical.com/~ubuntu-archive/component-mismatches.svg 14:35 <cpaelzer> new cycle, new mismatches showing up 14:35 <cpaelzer> ahve you talked about pipewire->libldac before? 14:35 <slyon> nope, seems new 14:36 <cpaelzer> didrocks: seb128: that seems desktop'ish - would you talk to the team if one can check this new dependency? 14:37 <cpaelzer> hmm didrocks might be unavailable 14:37 <cpaelzer> I have pinged internally, maybe one joins - let us identify more new cases 14:38 <cpaelzer> ruby-xmlrpc -> ruby->webrick is new to me 14:38 <cpaelzer> did you check that last week? 14:38 <slyon> ruby-xmlrpc looks new 14:38 <slyon> ah... I think we might have left that for you :P 14:39 <cpaelzer> fine and fair 14:39 <cpaelzer> I'll talk with kanashiro later 14:39 <slyon> thanks 14:40 <cpaelzer> jaraco.text 14:40 <cpaelzer> that is from the openstack context 14:40 <cpaelzer> jamespage: ? ^^ 14:40 <slyon> we pinged him in the past about it, but he might not yet have had the time to check 14:41 <cpaelzer> plenty of others have stubs - which is great as that defines an owner 14:41 <slyon> yes, many are in the foundations backlog 14:42 <cpaelzer> requests (python) -> python-charset-normalizer 14:42 <didrocks> cpaelzer: sorry, meeting running over 14:42 <cpaelzer> that is also server sadly, I do not know why this one pytohn lib is ours, but we will have a look 14:42 <didrocks> yeah, will do pipewire 14:42 <cpaelzer> np, welcome didrocks 14:42 <cpaelzer> and thanks for that 14:42 <didrocks> (still in meeting btw) 14:42 <cpaelzer> I'll take requests for the server team 14:42 <slyon> thanks! 14:44 <cpaelzer> all others have stubs or are known false positives 14:44 <cpaelzer> going on ... 14:44 <cpaelzer> #topic New MIRs 14:44 <cpaelzer> Mission: ensure to assign all incoming reviews for fast processing 14:44 <cpaelzer> #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=NEW&field.status%3Alist=CONFIRMED&assignee_option=none&field.assignee=&field.subscriber=ubuntu-mir 14:45 <cpaelzer> desktop is flooding us :-) 14:45 <cpaelzer> https://bugs.launchpad.net/ubuntu/+source/libwpe/+bug/1973031 14:45 <ubottu> Launchpad bug 1973031 in libwpe (Ubuntu) "[MIR] libwpe" [High, New] 14:45 <cpaelzer> https://bugs.launchpad.net/ubuntu/+source/wpebackend-fdo/+bug/1973033 14:45 <didrocks> yeah :p 14:45 <ubottu> Launchpad bug 1973033 in wpebackend-fdo (Ubuntu) "[MIR] wpebackend-fdo" [High, New] 14:45 <cpaelzer> both looking for volunteers 14:45 <didrocks> I can probably take one of them 14:45 <cpaelzer> I could do the lib 14:46 <cpaelzer> would you didrocks do the -fdo one? 14:46 <didrocks> ack, I will do the -fdo 14:46 <cpaelzer> assigned both 14:46 <cpaelzer> #topic Incomplete bugs / questions 14:46 <cpaelzer> Mission: Identify required actions and spread the load among the teams 14:46 <cpaelzer> #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&field.status%3Alist=INCOMPLETE_WITHOUT_RESPONSE&field.subscriber=ubuntu-mir 14:47 <cpaelzer> ok we have a few recent updates ... 14:47 <didrocks> iwd and g-t-e is waiting on desktop 14:47 <cpaelzer> vulkan and smartcards are just tracking updates 14:47 <cpaelzer> and yet to what didrocks said 14:47 <cpaelzer> btw in that context I reviewed "ell" today, that is waiting on security now 14:47 <sarnold> \o/ 14:48 <slyon> I'd like to consult the rest of the MIR team about iwd 14:48 <didrocks> see how happy sarnold is :p 14:48 <cpaelzer> let us do that in other business slyon 14:48 <slyon> ack 14:48 <cpaelzer> completing this section with 14:48 <cpaelzer> https://bugs.launchpad.net/ubuntu/+source/python-invoke/+bug/1892875 14:48 <ubottu> Launchpad bug 1892875 in python-invoke (Ubuntu) "[MIR] python-invoke" [Medium, Incomplete] 14:48 <cpaelzer> discussion going on betwen bdrung and jamespage - not really a discussion, but TL;DR no action needed atm 14:49 <cpaelzer> #topic MIR related Security Review Queue 14:49 <cpaelzer> Mission: Check on progress, do deadlines seem doable? 14:49 <cpaelzer> #link https://bugs.launchpad.net/~ubuntu-security/+bugs?field.searchtext=%5BMIR%5D&assignee_option=choose&field.assignee=ubuntu-security&field.bug_reporter=&field.bug_commenter=&field.subscriber=ubuntu-mir 14:49 <cpaelzer> ell (just mentioned above) has a milestone set as seb mentioned when it is needed 14:50 <cpaelzer> I'm still waiting for a milestone on vulkan-tools, but I know people are waiting on this as well 14:50 <cpaelzer> sarnold: how does progress look on your side now? 14:50 <sarnold> this last week was some yak-shaving, getting new coverity, new coverity license, installed and working on my poor old build laptop; a bug report I filed on the segfault during build was very well received :D 14:50 <cpaelzer> tracking in place, people/resources available ? 14:50 <sarnold> cpaelzer: it feels much happier now, yes 14:51 <cpaelzer> ok, let me do my groundhog day - any news for telegraf then? 14:51 <cpaelzer> it is at the top of the list, so it is the one I ask about 14:51 <sarnold> a nice visit with an old friend :D https://github.com/influxdata/telegraf/issues/11092#issuecomment-1125404409 14:51 <ubottu> Issue 11092 in influxdata/telegraf "Unchecked net.Listen() causes segfault in instrumental test" [Closed] 14:51 <cpaelzer> hehe 14:52 <sarnold> I think that's it for us 14:52 <cpaelzer> that sounds like "ongoing" then 14:52 <cpaelzer> thanks 14:52 <cpaelzer> #topic Any other business? 14:52 <cpaelzer> iwd from slyon? 14:52 <slyon> bug 1971739 14:52 <ubottu> Bug 1971739 in iwd (Ubuntu) "[MIR] iwd" [Undecided, Incomplete] https://launchpad.net/bugs/1971739 14:52 <slyon> the question is: should we require security review? 14:52 <cpaelzer> reading through it ... 14:53 <slyon> iwd runs a daemon/service as root, but it has very good isolation/security in place in its systemd .service unit 14:53 * didrocks reads too 14:53 <cpaelzer> I'd still vote for getting a review 14:53 <slyon> what is the policy, we apply here? Usually, daemon as root => security review. But IMO that was before systemd-service isolation existed 14:54 <cpaelzer> for me the question is not "is it well isolated" that is for the security team to decide. Instead it is "does this have an attack surface" -> if yes then need review 14:54 <cpaelzer> it is a simplification, but that is how I handle it most of the time 14:54 <didrocks> yeah, me too 14:54 <cpaelzer> I'm not putting all my eggs into the "systemd will keep me safe and warm" basket 14:54 <slyon> ack. I might have some bias there :D 14:54 <didrocks> heh :) 14:54 <slyon> I will be requiring security-review then 14:54 <cpaelzer> to be clear I appreciate every isolation that is used and it makes the feeling better and more likely to pass review 14:55 <cpaelzer> but it still needs one 14:55 <cpaelzer> this will follow the same deadline as ell then, setting milestone 14:55 <slyon> yes 14:56 <cpaelzer> I updated the case 14:57 <cpaelzer> anything else for "other business" ? 14:57 <sarnold> nothing from me 14:57 <didrocks> nothing for me 14:57 <slyon> nothign 14:57 <joalif> nothing 14:58 <cpaelzer> neither from me 14:58 <cpaelzer> to close this - just as expected "new cycle new fun" 14:58 <cpaelzer> thank you all! 14:59 <sarnold> thanks cpaelzer, all :) 14:59 <cpaelzer> #endmeeting