#ubuntu-meeting log

14:31 <cpaelzer> #startmeeting Weekly Main Inclusion Requests status
14:31 <meetingology> Meeting started at 14:31:20 UTC.  The chair is cpaelzer.  Information about MeetBot at https://wiki.ubuntu.com/meetingology
14:31 <meetingology> Available commands: action, commands, idea, info, link, nick
14:31 <cpaelzer> Ping for MIR meeting - didrocks joalif slyon sarnold cpaelzer jamespage ( eslerm dviererbe )
14:31 <cpaelzer> #topic current component mismatches
14:31 <cpaelzer> Mission: Identify required actions and spread the load among the teams
14:31 <cpaelzer> #link https://people.canonical.com/~ubuntu-archive/component-mismatches-proposed.svg
14:31 <cpaelzer> #link https://people.canonical.com/~ubuntu-archive/component-mismatches.svg
14:31 <cpaelzer> 3 new sets
14:31 <cpaelzer> and a bunch of known ones
14:32 <slyon> o/
14:32 <cpaelzer> usidks2 -> exfatprogs
14:32 <cpaelzer> Desktop needs to think about what they want
14:32 <cpaelzer> jbicha: are you around and could make that happen?
14:32 <cpaelzer> rustc-1.76 -> fonts-open-sand/highlight.js
14:32 <cpaelzer> you might say it is foundations
14:32 <cpaelzer> but this smells
14:33 <cpaelzer> like a -doc package
14:33 <cpaelzer> that was forgotten to be added to auto-exclude
14:33 <slyon> https://git.launchpad.net/~ubuntu-core-dev/ubuntu-seeds/+git/ubuntu/commit/?id=b278dfbe5072555b101b23f64100b88619109d4f
14:33 <didrocks> not the first time from rustc IIRC, and yes, that was the -doc package
14:33 <cpaelzer> hehe :-) like this
14:33 <slyon> we might need to demote rust-1.76-doc, though
14:33 <slyon> not sure if the seed change is enough
14:33 <cpaelzer> IIRC if nothing holds it it would be auto-demoted
14:33 <slyon> ok. let's wait and see
14:34 <cpaelzer> otherwise let me know
14:34 <slyon> ack
14:34 <cpaelzer> next is curl -> nghttp3 / ngtcp2
14:34 <slyon> https://launchpad.net/ubuntu/+source/curl/8.8.0-3ubuntu3
14:34 <slyon> we are dropping this.
14:34 <cpaelzer> wow - did we reach http3, I'm so outdated
14:34 <cpaelzer> ok, already resolved
14:34 <cpaelzer> thanks
14:34 <slyon> I discussed it with foundations this morning. We might re-enable http3 at some point in the future (once it lands in OpenSSL)
14:34 <cpaelzer> going on
14:34 <cpaelzer> #topic New MIRs
14:35 <cpaelzer> Mission: ensure to assign all incoming reviews for fast processing
14:35 <cpaelzer> #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=NEW&field.status%3Alist=CONFIRMED&assignee_option=none&field.assignee=&field.subscriber=ubuntu-mir
14:35 <cpaelzer> empty
14:35 <cpaelzer> \o/
14:35 <didrocks> weird at this point of the cycle
14:35 <didrocks> I’m fearing August now :)
14:35 <sarnold> so weird
14:35 <cpaelzer> Some reviews of last week have been handed out last week
14:35 <cpaelzer> some concluded, some still ongogin AFAICS
14:35 <cpaelzer> so it isn't that there is nothing going on
14:35 <cpaelzer> #topic Incomplete bugs / questions
14:35 <cpaelzer> Mission: Identify required actions and spread the load among the teams
14:35 <cpaelzer> #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&field.status%3Alist=INCOMPLETE_WITHOUT_RESPONSE&field.subscriber=ubuntu-mir
14:35 <slyon> jbicha: FYI bug #2071396 is looking mostly good, but we'd want to have the most recent version v0.2.0
14:36 <cpaelzer> thanks jbicha, waiting for you to call it ready
14:36 <slyon> sarnold: I wasn't sure if we need security review on this ^
14:36 <cpaelzer> also https://bugs.launchpad.net/ubuntu/+source/highway/+bug/2070807 is known but not yet ready
14:36 <slyon> see comment #0
14:37 <cpaelzer> sarnold: it parses media files, that needs security
14:37 <slyon> I decieded we don't need security update, as they are mostly parsing EDID data from trusted sources (kernel)
14:37 <cpaelzer> oh is that all they do ...
14:37 <cpaelzer> reading more ...
14:37 <sarnold> slyon: yeah, I'm also not sure .. I think I'd expect the kernel to just hand over raw blobs without inspection.. but if they've already got fuzzing in place, that's very impressive, and our capacity issues this cycle suggests that we ought to try to steer things away from us where it makes sense
14:37 <slyon> yeah mostly sysfs data
14:38 <didrocks> yeah, I would say from the comment as it’s only sysfs info, it shouldn’t need?
14:38 <didrocks> and yeah fuzzing <3
14:38 <cpaelzer> oh you are on libdisplay-info still
14:38 <didrocks> yeah, sorry cpaelzer :)
14:38 <sarnold> yeah, I type so slow, heh
14:38 <cpaelzer> I was on the src:highway already
14:38 <slyon> Right, they have fuzzing in place for their parser. Seems solid overall.
14:39 <slyon> I think we can stay with no security review
14:39 <didrocks> that’s why you are managing people, ahead of us :p
14:39 <cpaelzer> that src:highway I expect needing a security review once it is ready in general
14:39 <sarnold> :D
14:39 <sarnold> yes, highway feels like it needs security review, jpegs are reachable via more than "plug in a device" :)
14:39 <cpaelzer> although, it is just "Efficient and performance-portable SIMD wrapper "
14:39 <cpaelzer> so it does not know it deals with image files
14:40 <sarnold> heh
14:40 <cpaelzer> up to you to decide once it is ready
14:40 <cpaelzer> but still, uncontrolled source usually means better have a look to be safe
14:40 <cpaelzer> going on here ...
14:40 <cpaelzer> #topic Process/Documentation improvements
14:40 <cpaelzer> Mission: Review pending process/documentation pull-requests or issues
14:40 <cpaelzer> #link https://github.com/canonical/ubuntu-mir/pulls
14:40 <cpaelzer> #link https://github.com/canonical/ubuntu-mir/issues
14:40 <cpaelzer> cleaned of all but the long waiting cases
14:40 <cpaelzer> and those got an update why they are stuck
14:41 <cpaelzer> #topic MIR related Security Review Queue
14:41 <cpaelzer> Mission: Check on progress, do deadlines seem doable?
14:41 <cpaelzer> Some clients can only work with one, some with the other escaping - the URLs point to the same place.
14:41 <cpaelzer> #link https://bugs.launchpad.net/~ubuntu-security/+bugs?field.searchtext=%5BMIR%5D&assignee_option=choose&field.assignee=ubuntu-security&field.bug_reporter=&field.bug_commenter=&field.subscriber=ubuntu-mir
14:41 <cpaelzer> #link https://bugs.launchpad.net/~ubuntu-security/+bugs?field.searchtext=[MIR]&assignee_option=choose&field.assignee=ubuntu-security&field.bug_reporter=&field.bug_commenter=&field.subscriber=ubuntu-mir
14:41 <cpaelzer> Internal link
14:41 <cpaelzer> - ensure your teams items are prioritized among each other as you'd expect
14:41 <cpaelzer> - ensure community requests do not get stomped by teams calling for favors too much
14:41 <cpaelzer> #link https://warthogs.atlassian.net/jira/software/c/projects/SEC/boards/594
14:41 <sarnold> "restart to keep using firefox" sheesh
14:42 <sarnold> alas, no progress in the last week, and given my interview schedule this week, unlikely any progress this week, either :(
14:42 <sarnold> our director is keenly aware of our capacity problems
14:43 <sarnold> hiring and onboarding new people takes immense time .. so .. this might be a repeating story for a while.
14:43 <cpaelzer> "our director is keenly aware of our capacity problems" is what we wanted to hear
14:43 <cpaelzer> thanks
14:43 <cpaelzer> #topic Any other business?
14:44 <sarnold> his advice was to get in the most important pieces early
14:44 <didrocks> nothing for me
14:44 <slyon> nothing here
14:44 <sarnold> nothing here
14:44 <cpaelzer> I know there will be a big MIR not yet in the queue soon
14:44 <jbicha> .
14:44 <cpaelzer> to satisfy sarnold missing more activity
14:45 <didrocks> lucky him :)
14:45 <sarnold> oh boy oh boy! just like old times :)
14:45 <jbicha> except for highway needing an autopkgtest, I consider it ready for review. Sorry I didn't get to that last week
14:45 <cpaelzer> about a package new to the archive and aiming to go to main in all releases soon
14:45 <cpaelzer> something hwlib from the cert team, but it was not yet ready for review today
14:45 <cpaelzer> but FYI for now
14:46 <sarnold> new toys!
14:46 <cpaelzer> yep
14:46 <cpaelzer> ok, all looks good
14:47 <cpaelzer> and jbicha, no need to excuse. You know it is needed and you prep it right away - that is good and nothing to excuse :-)
14:47 <cpaelzer> ok, with that I think we can close for today
14:47 <slyon> thanks cpaelzer, all!
14:47 <sarnold> thanks cpaelzer, all :)
14:47 <didrocks> thanks you all!
14:48 <cpaelzer> https://oeis.org/A000332
14:48 <cpaelzer> 35
14:48 <cpaelzer> 15
14:48 <cpaelzer> 5
14:48 <cpaelzer> 1
14:48 <cpaelzer> 0
14:48 <cpaelzer> 0
14:48 <cpaelzer> 0
14:48 <cpaelzer> 0
14:48 <cpaelzer> #endmeeting