#ubuntu-meeting log

14:32 <cpaelzer> #startmeeting Weekly Main Inclusion Requests status
14:32 <meetingology> Meeting started at 14:32:48 UTC.  The chair is cpaelzer.  Information about MeetBot at https://wiki.ubuntu.com/meetingology
14:32 <meetingology> Available commands: action, commands, idea, info, link, nick
14:32 <cpaelzer> Ping for MIR meeting - didrocks joalif slyon sarnold cpaelzer jamespage ( eslerm dviererbe )
14:33 <cpaelzer> most are already here and waiting :-)
14:33 <cpaelzer> #topic current component mismatches
14:33 <cpaelzer> Mission: Identify required actions and spread the load among the teams
14:33 <cpaelzer> #link https://people.canonical.com/~ubuntu-archive/component-mismatches-proposed.svg
14:33 <cpaelzer> #link https://people.canonical.com/~ubuntu-archive/component-mismatches.svg
14:33 <cpaelzer> one day this will copy&paste an embarrassing buffer of mine :-)
14:33 <cpaelzer> new is kea
14:33 <cpaelzer> which is an approved MIR
14:33 <cpaelzer> and intentional
14:33 <cpaelzer> just needs to be acted on by an AA
14:33 <cpaelzer> I've done a lot in this case and own the team doing it
14:33 <cpaelzer> it felt odd to also promote
14:34 <cpaelzer> didrocks: would you think you could have a look and promote if it LGTY ?
14:34 <sarnold> we're far enough along in the process I think it's probably about time to promote yourself
14:34 <didrocks> for sure!
14:34 <sarnold> ah, if we've got another one to hand, that's fine then :)
14:34 <cpaelzer> sarnold: I could and I have done so at times, but that doesn't have to be the common pattern :-)
14:34 <cpaelzer> thanks didrocks
14:34 * didrocks will be the monkey key pusher :)
14:34 <cpaelzer> nothing else in there
14:34 <dviererbe> :D
14:34 <cpaelzer> +1 credit to didrocks
14:35 <cpaelzer> #topic New MIRs
14:35 <cpaelzer> Mission: ensure to assign all incoming reviews for fast processing
14:35 <cpaelzer> #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=NEW&field.status%3Alist=CONFIRMED&assignee_option=none&field.assignee=&field.subscriber=ubuntu-mir
14:35 <cpaelzer> as seb128 warned us last week, dbus-broker will come
14:35 <cpaelzer> and he mentioned to better do this in nearly 23.10 than late
14:35 <cpaelzer> so here it is
14:35 <slyon> I think I could do the review on dbus-broker, as I've already been involved with this in the past
14:35 <sarnold> mir open before the cycle starts, impressive :)
14:35 <cpaelzer> oh you were slyon, didn't realize that
14:35 <cpaelzer> yeah sure
14:36 <cpaelzer> thank you
14:36 <cpaelzer> assigned
14:36 <cpaelzer> sarnold: it is not a "first", all of pcs and a few more were early as well
14:36 <sarnold> cpaelzer: heh, good thing too, that was big [tm]
14:36 <cpaelzer> sarnold: and "early 23.10" is just 3-6 weeks away, so things are as urgent as always
14:37 <cpaelzer> #topic Incomplete bugs / questions
14:37 <cpaelzer> Mission: Identify required actions and spread the load among the teams
14:37 <cpaelzer> #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&field.status%3Alist=INCOMPLETE_WITHOUT_RESPONSE&field.subscriber=ubuntu-mir
14:37 <cpaelzer> one recent comment on cpdb-backend-file
14:37 <cpaelzer> ok, that is no action on us
14:38 <didrocks> yep :)
14:38 <cpaelzer> https://bugs.launchpad.net/ubuntu/+source/cpdb-libs/+bug/1747759 is on security
14:38 <cpaelzer> good for the scope of this meeting
14:38 <cpaelzer> all else is older
14:38 <cpaelzer> #topic Process/Documentation improvements
14:38 <cpaelzer> Mission: Review pending process/documentation pull-requests or issues
14:38 <cpaelzer> #link https://github.com/canonical/ubuntu-mir/pulls
14:38 <cpaelzer> #link https://github.com/canonical/ubuntu-mir/issues
14:38 <cpaelzer> we have landed a few small but helpful changes last week
14:38 <cpaelzer> one more is up
14:38 <cpaelzer> https://github.com/canonical/ubuntu-mir/pull/16
14:39 <cpaelzer> dviererbe: already commented there
14:39 <dviererbe> I think we should wait until the owner responded
14:40 <cpaelzer> ack
14:40 <cpaelzer> that is my thought as well now reading it
14:40 <cpaelzer> I'm sure seb128 will update once he has a chance to do so
14:40 <cpaelzer> generally I think we all feel +1'ish
14:40 <cpaelzer> #topic MIR related Security Review Queue
14:40 <cpaelzer> Mission: Check on progress, do deadlines seem doable?
14:40 <cpaelzer> #link https://bugs.launchpad.net/~ubuntu-security/+bugs?field.searchtext=%5BMIR%5D&assignee_option=choose&field.assignee=ubuntu-security&field.bug_reporter=&field.bug_commenter=&field.subscriber=ubuntu-mir
14:40 <cpaelzer> Internal link
14:40 <cpaelzer> - ensure your teams items are prioritized among each other as you'd expect
14:40 <cpaelzer> - ensure community requests do not get stomped by teams calling for favors too much
14:40 <cpaelzer> #link https://warthogs.atlassian.net/jira/software/c/projects/SEC/boards/594
14:41 <cpaelzer> I see all in the LP list also in jira
14:41 <cpaelzer> seems to normally progress
14:41 <cpaelzer> slyon: do you have context on the urgency of libheiff related things
14:41 <cpaelzer> slyon: will that be 23.10 or ... ?
14:42 <slyon> it's non-urgent and currently disabled in the packages
14:42 <slyon> but would be a nice to have to support heif/heic images (e.g. iPhone images) in libgd2
14:42 <slyon> I think it put the priorities accordingly in jira
14:43 <slyon> i.e. it should be after cargo + depends
14:43 <cpaelzer> thanks
14:43 <cpaelzer> #topic Any other business?
14:43 <joalif> i have a question
14:43 <cpaelzer> ok, we finally reach the "end of cycle calmness" phase
14:43 <cpaelzer> go joalif
14:44 <joalif> i reviewed bug 1973031 , libwpe for jammy, that got a sec review for kinetic
14:44 <joalif> do i need to assign for sec review again ?
14:44 <joalif> package is generally good
14:44 <cpaelzer> that was the "now let us also consider for jammy" case
14:45 <joalif> yup
14:45 <cpaelzer> you'd want to also have security ack that
14:45 <cpaelzer> so yes, assign them
14:45 <cpaelzer> but
14:45 <joalif> ok thanks cpaelzer
14:45 <cpaelzer> we'd not expect another full review
14:45 <joalif> ack
14:45 <eslerm> I'll followup with the previous security reviewer for libwpe
14:45 <slyon> jammy is shipping 1.12, which was also reviewed by security already..
14:45 <cpaelzer> we expect them, to check the difference back then and comment if that should still be ok (or if not what needs to be adressed)
14:45 <cpaelzer> I haven't looked
14:45 <cpaelzer> even the same packaging version ?
14:46 <slyon> "1.12.0-1 as checked into kinetic"
14:46 <slyon> yes
14:46 <slyon> so I think we should be fine...
14:46 <sarnold> in this case I expect pretty much a rubber stamp; marc was liable to use it for the next security update anyway -- if I understand corrrectly, it's the only thing upstream supports anyway
14:46 <cpaelzer> well then, I'd still want them to say yes - but sarnold can probably do that in a minute
14:46 <cpaelzer> thanks for bringing it up joalif
14:47 <cpaelzer> steps from here: 1. joalif to assign it to security 2. security giving it a glimps if that is really the same 3. ack 4. adding dependencies 5. promotion to main
14:47 <slyon> Yes.. there might be some fixes that we'd want to cherry-pick: "The bugs discovered during review were immediately fixed by the upstream project and now waiting for upstream's input on assigning CVEs to some of them."
14:47 <cpaelzer> ok, makes sense
14:48 <cpaelzer> anything else ?
14:48 <didrocks> nothing for me
14:48 <cpaelzer> not from me or server-team
14:48 <joalif> nothing else
14:48 <sarnold> nothing from me
14:48 <slyon> nothing from foundations
14:49 <cpaelzer> I have actually a heif question, but after we close the official part
14:49 <cpaelzer> #endmeeting