#ubuntu-meeting log

14:33 <didrocks> #startmeeting Weekly Main Inclusion Requests status
14:33 <meetingology> Meeting started at 14:33:11 UTC.  The chair is didrocks.  Information about MeetBot at https://wiki.ubuntu.com/meetingology
14:33 <didrocks> Ping for MIR meeting - didrocks joalif slyon sarnold cpaelzer jamespage
14:33 <meetingology> Available commands: action, commands, idea, info, link, nick
14:33 <didrocks> #topic current component mismatches
14:33 <didrocks> Mission: Identify required actions and spread the load among the teams
14:33 <didrocks> #link https://people.canonical.com/~ubuntu-archive/component-mismatches-proposed.svg
14:33 <didrocks> #link https://people.canonical.com/~ubuntu-archive/component-mismatches.svg
14:33 <didrocks> nothing new apparently
14:33 <didrocks> #topic New MIRs
14:33 <didrocks> Mission: ensure to assign all incoming reviews for fast processing
14:33 <didrocks> #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=NEW&field.status%3Alist=CONFIRMED&assignee_option=none&field.assignee=&field.subscriber=ubuntu-mir
14:34 <didrocks> ah, libssh2 as been added :)
14:34 <didrocks> it was a missing dep of libgit2 I think
14:34 <didrocks> any taker? I’m unsure to have time for this this week
14:34 <joalif> i can take it
14:35 <didrocks> \o/
14:35 <didrocks> thanks! I think there will be some fun discussion on libssh vs libssh2 and the security gods are looking :)
14:35 <didrocks> The other is MIR licheerv-rtl8723ds-dkms
14:36 <didrocks> this one seems to come back to the discussion of "drivers/tests"
14:36 <didrocks> I’m happy to have a first look, but I think we should really discuss what to do with those in the QA team
14:37 <didrocks> ok, let’s move to incomplete bugs
14:37 <didrocks> #topic Incomplete bugs / questions
14:37 <didrocks> Mission: Identify required actions and spread the load among the teams
14:37 <didrocks> #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&field.status%3Alist=INCOMPLETE_WITHOUT_RESPONSE&field.subscriber=ubuntu-mir
14:38 <joalif> re http-parser shall we discuss it now or later ?
14:38 <didrocks> we can now
14:38 <joalif> so apart from the upstream project being unmaintained
14:39 <joalif> the package is ok
14:39 <joalif> foundations say they are ok to take over
14:39 <joalif> and also debian is actively maintaining it
14:39 <joalif> so do we say ack or nack ?
14:40 <didrocks> I would then say ack under those circumstances, sanoard, what would you be your vote?
14:40 <sarnold> if we kicked out everything that was unsupported upstream it'd be a vastly smaller distro, but there's no denying that http parsers don't feel like the right place to be orphaned :(
14:41 <didrocks> yep…
14:41 <sarnold> if foundations is really onboard with maintenance as it comes up, that's probably good, but I want to make sure foundations understands that it might be some really heavy lifting, in addition to the far more likely case of nothing needed at all
14:42 <didrocks> I think you can make those points during the security review :)
14:42 <sarnold> trust me, I will :D
14:42 <joalif> I haven't assigned it yet to security, shall I then ?
14:43 <didrocks> I think you are good to go
14:43 <sarnold> has it been upgraded to the latest upstream version yet?
14:43 <didrocks> all my requirements are not answered though. schopin, do you plan on answering the other required TODOs?
14:43 <didrocks> (I would prefer avoiding another ping/pong on the bug)
14:43 <sarnold> oh, or was that for libgit2 only?
14:43 <didrocks> joalif was talking about http-parser
14:43 <schopin> didrocks: IIRC the remaining TODO was better test coverage?
14:44 <schopin> wait, are we talking about libgit2 or http-parser?
14:44 <didrocks> http-parser is ack
14:45 <didrocks> schopin: we are missing on libgit2 an answer for the autopkgtests requirements and also, if possible, the warnings issue as recommended TODO
14:45 <didrocks> (I don’t think we write the recommended TODOs for them just being fully ignored :p)
14:45 <schopin> warnings are adressed in latest upload, still stuck in unapproved atm.
14:45 <didrocks> oh, excellent!
14:45 <schopin> I need to check a few things first before adressing the test case
14:46 <didrocks> sounds good to me
14:46 <didrocks> can we keep it as incomplete for libgit2 until this is done?
14:46 <schopin> makes sense to me
14:46 <didrocks> alright
14:47 <didrocks> moving on to you sarnold :)
14:47 <didrocks> #topic MIR related Security Review Queue
14:47 <didrocks> Mission: Check on progress, do deadlines seem doable?
14:47 <didrocks> #link https://bugs.launchpad.net/~ubuntu-security/+bugs?field.searchtext=%5BMIR%5D&assignee_option=choose&field.assignee=ubuntu-security&field.bug_reporter=&field.bug_commenter=&field.subscriber=ubuntu-mir
14:47 <didrocks> Internal link
14:47 <didrocks> - ensure your teams items are prioritized among each other as you'd expect
14:47 <didrocks> - ensure community requests do not get stomped by teams calling for favors too much
14:47 <didrocks> #link https://warthogs.atlassian.net/jira/software/c/projects/SEC/boards/594
14:47 <didrocks> mic is yours :p
14:48 <sarnold> it's a significantly smaller list than I expected :D much thanks to my team mates who have taken mirs this cycle; it's not down to zero, and probably can't get there in time for release, but I'm pretty happy with how things went
14:48 <sarnold> I'm hopeful that upstream for editorconfig-core will come up with some small changes to not expose user input directly to pcre2 without too much troubl
14:48 <didrocks> anything urgent/worth mentioning on the ones that will probably miss the deadline? (not blocking teams/deliverable for this cycle?)
14:48 <sarnold> but whether they'll be able to come up with something in the very short time left before release seems unlikely :(
14:49 <sarnold> nullboot and fdk-aac will probably not be started in time to make it for kinetic
14:49 <didrocks> indeeed
14:49 <didrocks> can you ensure that the MIR reporters are aware?
14:49 <sarnold> good idea, will do
14:49 <didrocks> excellent, thanks sarnold!
14:49 <didrocks> #topic Any other business?
14:49 <didrocks> (nothing for me)
14:49 <sarnold> nothing here
14:49 <joalif> nothing
14:50 <didrocks> let’s get back those 10 minutes then, thanks everyone!
14:50 <didrocks> #endmeeting