15:30 <slyon> #startmeeting Weekly Main Inclusion Requests status 15:30 <meetingology> Meeting started at 15:30:34 UTC. The chair is slyon. Information about MeetBot at https://wiki.ubuntu.com/meetingology 15:30 <meetingology> Available commands: action, commands, idea, info, link, nick 15:30 <slyon> Ping for MIR meeting - didrocks joalif slyon sarnold cpaelzer jamespage ( eslerm dviererbe ) 15:30 <slyon> #topic current component mismatches 15:30 <slyon> Mission: Identify required actions and spread the load among the teams 15:30 <slyon> #link https://people.canonical.com/~ubuntu-archive/component-mismatches-proposed.svg 15:30 <slyon> #link https://people.canonical.com/~ubuntu-archive/component-mismatches.svg 15:30 <joalif> o/ 15:31 <sarnold> good morning 15:32 <slyon> for c-m: We got trace-cmd seeded while the MIR is not yet fully ready. But It's beeing worked on. I linked the most recent MIRs for libtraceevent and libtracefs this morning 15:32 <slyon> libtraceevent is making some progress (patch adding tests needs review & sponsoring), libtracefs is stuck currently reaching out for help from the Foundations system squad 15:33 <slyon> c-m-proposed: we have a bunch of new stuff in here.. 15:33 <slyon> gst-plugins-good1.0 and roc-toolkit are desktop-packages. So I'd like to ask didrocks to investigate those (later on) 15:34 <slyon> jaraco.text and python-openstacksdk are ubuntu-openstack packages, for jamespage to look into. 15:34 <slyon> Everything else seems known/explained 15:34 <jamespage> will look 15:34 <slyon> thx! 15:34 <slyon> #topic New MIRs 15:34 <slyon> Mission: ensure to assign all incoming reviews for fast processing 15:34 <slyon> #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=NEW&field.status%3Alist=CONFIRMED&assignee_option=none&field.assignee=&field.subscriber=ubuntu-mir 15:35 <slyon> bug #2056099 15:35 <slyon> was this discussed last week? (I wasn't here) 15:36 <slyon> looks like foundations agreed to own the package. So it could go through MIR review. 15:36 <sarnold> I think last week we decided to see if foundations would accept it 15:36 <ahresse_> Hello, this has been discussed last year and a owner was missing but foundation is actually willing to take it. 15:36 <sarnold> and the last comment suggests that they have :) 15:36 <ahresse_> last week* 15:36 <slyon> do we have any volunteers? (I'd like to abstain, as this will be foundations owned) 15:36 <slyon> joalif or cpaelzer maybe? 15:37 <joalif> slyon: I can take it 15:37 <slyon> thank you! 15:37 <slyon> assigned. 15:37 <slyon> #topic Incomplete bugs / questions 15:37 <slyon> Mission: Identify required actions and spread the load among the teams 15:37 <slyon> #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&field.status%3Alist=INCOMPLETE_WITHOUT_RESPONSE&field.subscriber=ubuntu-mir 15:39 <slyon> there are two *trace* updates (bug #2051916 & bug #2051925) that I explained earlier. Nothing actionable for the MIR team, yet. 15:39 <slyon> Finally, bug #2054480 15:39 * slyon reading... 15:40 <slyon> MIR reviewer asked for additional/improved testing. Upstream developers are involved. So this is correctly set to "Incomplete" and back to the reporter for now until resolved. 15:40 <slyon> Nothing to do for us 15:41 <slyon> #topic Process/Documentation improvements 15:41 <slyon> Mission: Review pending process/documentation pull-requests or issues 15:41 <slyon> #link https://github.com/canonical/ubuntu-mir/pulls 15:41 <slyon> #link https://github.com/canonical/ubuntu-mir/issues 15:42 <slyon> https://github.com/canonical/ubuntu-mir/issues/52 which is related to the `tree` MIR above 15:42 <slyon> being addressed via https://github.com/canonical/ubuntu-mir/pull/53 15:43 <slyon> let's put our +1 or suggestions for improvement on GitHub, so paelzer can mere once ready 15:43 <slyon> merge* 15:44 <slyon> Then we have eslerm's https://github.com/canonical/ubuntu-mir/issues/51 15:45 <slyon> consensus seems to be adding per-package hacks in debian/rules to delete unnecessary vendored crates. Which was my understanding, too. 15:46 <slyon> This is not nice, but probably better than shipping (and reviewing) lots of unused code. 15:46 <slyon> I brought the cause up with the Foundations toolchaing squad. They are currently busy, so we should not expect a centralized solution soon. I'll try to push it for next cycle's roadmap, though. 15:47 <slyon> so I guess that it's mostly for didrocks to look into fixing/cleaning up his package manually 15:47 <slyon> #topic MIR related Security Review Queue 15:47 <slyon> Mission: Check on progress, do deadlines seem doable? 15:47 <slyon> Some clients can only work with one, some with the other escaping - the URLs point to the same place. 15:47 <slyon> #link https://bugs.launchpad.net/~ubuntu-security/+bugs?field.searchtext=%5BMIR%5D&assignee_option=choose&field.assignee=ubuntu-security&field.bug_reporter=&field.bug_commenter=&field.subscriber=ubuntu-mir 15:47 <slyon> #link https://bugs.launchpad.net/~ubuntu-security/+bugs?field.searchtext=[MIR]&assignee_option=choose&field.assignee=ubuntu-security&field.bug_reporter=&field.bug_commenter=&field.subscriber=ubuntu-mir 15:47 <slyon> Internal link 15:47 <slyon> #link https://warthogs.atlassian.net/jira/software/c/projects/SEC/boards/594 15:47 <slyon> sarnold: what's the security-team's status? 15:49 <slyon> bug #2055434 looks like it needs a `sec-*` tag 15:49 <sarnold> slyon: I belivee that we're still doing alright, but some departures from the team may impact our velocity if we have late additions in the cycle 15:50 <slyon> The number of new MIRs has been relatively low (or rather balanced before feature freeze) this cycle. Let's hope it stays this way and we don't get a lot of late additions. 15:50 <sarnold> there we go, https://warthogs.atlassian.net/browse/SEC-3971 15:50 <slyon> sweet thanks! 15:51 <slyon> #topic Any other business? 15:51 <sarnold> yeah, it's felt very calm .. a little too calm .. *harmonica music* 15:51 <joalif> sarnold: wrt https://warthogs.atlassian.net/browse/SEC-3971 it may not need a sec review after all 15:51 <sarnold> none here (well, I've got a very small nagging feeling that I've forgotten something. sigh. but if I can't remember it now...) 15:53 <slyon> joalif: that's because it's not a root daemon? 15:53 <sarnold> joalif: it sounded a bit like it's got a root daemon and a client of some sort, but I couldn't quickly tell if non-root was supposed to be able to use it, etc .. 15:53 <sarnold> if non-root processes are communicating with a root daemon as part of the task, then it's probably worth a quick look 15:54 <joalif> well it's not a deamon, and th i spent quite some time if this needs a sec review and decided to play on safe side and put it for sec review 15:55 <joalif> ok lemme discuss it with waveform on the bug and if need be i'll remove it from sec review 15:55 <slyon> thanks joalif! 15:55 <sarnold> nice, thanks :) 15:56 <slyon> If nothing else, that's all for today. 15:56 <joalif> nothing else from me 15:56 <slyon> thanks all! 15:56 <slyon> #endmeeting