== Meeting information == * #ubuntu-meeting: Weekly Main Inclusion Requests status meeting, started by cpaelzer, 19 Nov at 15:31 — 15:52 UTC. * Full logs at https://ubottu.com/meetingology/logs/ubuntu-meeting/2024/ubuntu-meeting.2024-11-19-15.31.log.html == Meeting summary == === current component mismatches === Discussion started by cpaelzer at 15:31. * ''LINK:'' https://people.canonical.com/~ubuntu-archive/component-mismatches-proposed.svg (cpaelzer, 15:31) * ''LINK:'' https://people.canonical.com/~ubuntu-archive/component-mismatches.svg (cpaelzer, 15:31) * ''LINK:'' https://bugs.launchpad.net/ubuntu/+source/jemalloc/+bug/2088056 (cpaelzer, 15:33) === New MIRs === Discussion started by cpaelzer at 15:37. * ''LINK:'' https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=NEW&field.status%3Alist=CONFIRMED&assignee_option=none&field.assignee=&field.subscriber=ubuntu-mir (cpaelzer, 15:37) * ''LINK:'' https://bugs.launchpad.net/ubuntu/+source/node-undici/+bug/2080872 (cpaelzer, 15:37) === Incomplete bugs / questions === Discussion started by cpaelzer at 15:42. * ''LINK:'' https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&field.status%3Alist=INCOMPLETE_WITHOUT_RESPONSE&field.subscriber=ubuntu-mir (cpaelzer, 15:42) === Process/Documentation improvements === Discussion started by cpaelzer at 15:46. * ''LINK:'' https://github.com/canonical/ubuntu-mir/pulls (cpaelzer, 15:46) * ''LINK:'' https://github.com/canonical/ubuntu-mir/issues (cpaelzer, 15:46) === MIR related Security Review Queue === Discussion started by cpaelzer at 15:47. * ''LINK:'' https://bugs.launchpad.net/~ubuntu-security/+bugs?field.searchtext=%5BMIR%5D&assignee_option=choose&field.assignee=ubuntu-security&field.bug_reporter=&field.bug_commenter=&field.subscriber=ubuntu-mir (cpaelzer, 15:47) * ''LINK:'' https://bugs.launchpad.net/~ubuntu-security/+bugs?field.searchtext=[MIR]&assignee_option=choose&field.assignee=ubuntu-security&field.bug_reporter=&field.bug_commenter=&field.subscriber=ubuntu-mir (cpaelzer, 15:47) * ''LINK:'' https://warthogs.atlassian.net/jira/software/c/projects/SEC/boards/594 (cpaelzer, 15:47) === Any other business? === Discussion started by cpaelzer at 15:49. == People present (lines said) == * cpaelzer (91) * sarnold (18) * slyon (16) * jamespage (3) * meetingology (2) == Full log == 15:31 #startmeeting Weekly Main Inclusion Requests status 15:31 Meeting started at 15:31:19 UTC. The chair is cpaelzer. Information about MeetBot at https://wiki.ubuntu.com/meetingology 15:31 Available commands: action, commands, idea, info, link, nick 15:31 Ping for MIR meeting - didrocks joalif slyon sarnold cpaelzer jamespage ( eslerm dviererbe ) 15:31 thanks you all for driving some meetings I missed :-/ 15:31 #topic current component mismatches 15:31 Mission: Identify required actions and spread the load among the teams 15:31 #link https://people.canonical.com/~ubuntu-archive/component-mismatches-proposed.svg 15:31 #link https://people.canonical.com/~ubuntu-archive/component-mismatches.svg 15:32 good morning 15:32 hrm, I created a stub for jemalloc 15:32 why is that not shown ... 15:33 https://bugs.launchpad.net/ubuntu/+source/jemalloc/+bug/2088056 15:33 anyway - assume server knows and will handle it 15:33 missing subsriber.. 15:33 right, it was too incomplete but otherwise it indeed doe not pull it 15:33 thanks sarnold 15:34 I saw an agreement between desktop/foundations on architecture-propoerties 15:34 not me, i'm barely awake :) 15:34 which leaves two new blocks 15:34 tell me if you handled them last time 15:34 cpaelzer: yes, architecture-properties only needs an AA for the promotion 15:34 slyon: ok, I can deal with that tomorrow 15:34 thx 15:35 There is python-osprofiler leading to a lot - has that been discussed? 15:35 on my TODO list from last week 15:35 it is ok to live there 15:35 is highway also only waiting for an AA 15:35 checkign ... 15:35 cpaelzer: not yet 15:35 it's only useful if jpeg-xl also goes in 15:36 waiting got xl 15:36 well, it's basically ready, but we need jpeg-xl first 15:36 ok 15:36 and scrolling to the right 15:36 python-pint -> flexcache/flexparser 15:36 jamespage: also on your list, or is this something else? 15:36 iirc also jamespage, also known 15:36 it is 15:36 ok 15:36 nothing really new we need to deal with then 15:36 \o/ 15:37 #topic New MIRs 15:37 Mission: ensure to assign all incoming reviews for fast processing 15:37 #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=NEW&field.status%3Alist=CONFIRMED&assignee_option=none&field.assignee=&field.subscriber=ubuntu-mir 15:37 https://bugs.launchpad.net/ubuntu/+source/node-undici/+bug/2080872 15:37 yeah... the http-parser replacement 15:37 I'd love some security team input on that one. Debian switched back to legacy/deprecated http-parser for now 15:38 But we should still come up with a decision, so we're prepared to drop http-parser sooner rather than later. 15:39 we could wait for some proper llhttp packaging to happen (there's now a Debian bug report about it), or use the vendored llhttp by libgit2 upstream for the time being 15:39 (if approved by security) 15:39 so the proposal is using the vendored one until it available on its own? 15:39 yes, that would be my proposal 15:40 I think we need to assign https://bugs.launchpad.net/ubuntu/+source/libgit2/+bug/2080872 back to security unless sarnold wants to answer that right away 15:40 good idea 15:40 sarnold: what do you think, able to answer right away or taking some time to do that right and assigning ubuntu-security? 15:40 I'll answer now 15:41 thank you 15:41 thx! 15:41 do you do so on the bug or here (in which case we copy and paste it to the bug) :-) 15:42 let us assume on the bug :-) 15:42 #topic Incomplete bugs / questions 15:42 Mission: Identify required actions and spread the load among the teams 15:42 #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&field.status%3Alist=INCOMPLETE_WITHOUT_RESPONSE&field.subscriber=ubuntu-mir 15:42 the two flexes as part of pint as discussed before 15:42 but a few more 15:43 on bug 2058192 the creation of isolation features continues 15:43 on bug 2015538 there is hope for a new tool, up to foundations to find time I guess slyon? 15:44 bug 2054480 got an MP linked 15:44 great, happy to see that coming 15:44 yeah... unclear who is driving the dbus-broker thing at the moment. Last it was the desktop team 15:44 thanks waveform for working on this 15:45 OK slyon, I was only assuming as it was your comment - but indeed it used to be desktop before 15:45 didrocks isn't around or he could just poke for opinions internally, maybe jbicha ^^? 15:45 right, we discussed it during foundations triage, without specific action items, though 15:46 bug 2087937 was fixed by downgrading the dependency 15:46 bug 2071717 still is worked on by industrial people 15:46 ok, all in incomplete is in better state than we could hope for 15:46 #topic Process/Documentation improvements 15:46 Mission: Review pending process/documentation pull-requests or issues 15:46 #link https://github.com/canonical/ubuntu-mir/pulls 15:46 #link https://github.com/canonical/ubuntu-mir/issues 15:47 I've made about 10 minutes of progress on #70 but then reality caught up :-/ 15:47 nothing else that is new 15:47 70 = https://github.com/canonical/ubuntu-mir/issues/70 15:47 #topic MIR related Security Review Queue 15:47 Mission: Check on progress, do deadlines seem doable? 15:47 Some clients can only work with one, some with the other escaping - the URLs point to the same place. 15:47 #link https://bugs.launchpad.net/~ubuntu-security/+bugs?field.searchtext=%5BMIR%5D&assignee_option=choose&field.assignee=ubuntu-security&field.bug_reporter=&field.bug_commenter=&field.subscriber=ubuntu-mir 15:47 #link https://bugs.launchpad.net/~ubuntu-security/+bugs?field.searchtext=[MIR]&assignee_option=choose&field.assignee=ubuntu-security&field.bug_reporter=&field.bug_commenter=&field.subscriber=ubuntu-mir 15:47 Internal link 15:47 - ensure your teams items are prioritized among each other as you'd expect 15:47 - ensure community requests do not get stomped by teams calling for favors too much 15:47 #link https://warthogs.atlassian.net/jira/software/c/projects/SEC/boards/594 15:48 we see the formerly mentioned jpeg-xl and a few ohers 15:48 sarnold: I'm happy to see new faces as assigned 15:48 is training more going well? 15:49 alas, I'm the bottleneck there, I still need to make progress on pushing better documentation and tooling over the finish line 15:49 :-) 15:49 but i'm very happy to see enthusiasm and interest from folks 15:49 \o/ 15:49 glad to hear that 15:49 I just hope that we have easier cases than jpeg-xl and provd for first reviews :) 15:49 AFAICS there is not much more in these queues today 15:49 agreed 15:49 jamespage: will provide some easy python libs soon 15:49 #topic Any other business? 15:50 oh yeah, those are likely ideal :) 15:50 I'm on PTO next week, I'll miss next week's meeting 15:50 have a nice break :) 15:50 and only a few days in the year after that 15:50 thanks :D 15:50 enjoy it sarnold 15:50 I should have resolved my conflicts that have held me back the recent weeks 15:50 (US federal holiday means many of your colleagues will be out some of the week) 15:50 until end of year shutdown my availability here should be better 15:51 indeed, thanks giving free infrastructure time to us in EMEA 15:51 :D 15:51 ok then party people, that seems to be it for today 15:51 any last words? 15:51 just so long as nobody breaks the holiday sales, hehe 15:51 hehe 15:52 famous last words - if you want a great random password, do not use "J%FV\E1,[@k!" 15:52 bye 15:52 lol 15:52 haha! 15:52 thanks all! o/ 15:52 thanks cpaelzer, all 15:52 there is no magic, came out of pwgen, but now it is in IRC logs messing up the AI overlords 15:52 #endmeeting Generated by MeetBot 0.4.0 (https://wiki.ubuntu.com/meetingology)