15:32 <cpaelzer> #startmeeting Weekly Main Inclusion Requests status
15:32 <meetingology> Meeting started at 15:32:47 UTC.  The chair is cpaelzer.  Information about MeetBot at https://wiki.ubuntu.com/meetingology
15:32 <didrocks> just in time after my IRC timed out o/
15:32 <meetingology> Available commands: action, commands, idea, info, link, nick
15:32 <cpaelzer> #topic Review of previous action items
15:33 <cpaelzer> no items other than the reviews assigned to MIR and security team
15:33 <cpaelzer> #topic current component mismatches
15:33 <cpaelzer> Mission: Identify required actions and spread the load among the teams
15:33 <cpaelzer> #link https://people.canonical.com/~ubuntu-archive/component-mismatches-proposed.svg
15:33 <cpaelzer> #link https://people.canonical.com/~ubuntu-archive/component-mismatches.svg
15:33 <cpaelzer> let us start with the -release report
15:33 <cpaelzer> I see updates (two weeks ago) on https://bugs.launchpad.net/ubuntu/+source/glade/+bug/1961023
15:33 <ubottu> Launchpad bug 1961023 in glade (Ubuntu) "[MIR] glade" [Undecided, Incomplete]
15:34 <cpaelzer> didrocks: seb128: does that need further action by you?
15:34 <didrocks> libhandy-1 -> glade: seb128 told me he was going to look at it (false positive, but let’s ensure)
15:34 <cpaelzer> ok, let us know if we need to memorize another false positive
15:34 <cpaelzer> nothing else new in this list
15:34 <didrocks> yeah, I want us to be sure before claiming this
15:34 <cpaelzer> going to -proposed now
15:34 <slyon> python-consul looks new to me
15:34 <cpaelzer> on https://bugs.launchpad.net/ubuntu/+source/python-cheroot/+bug/1930111
15:34 <ubottu> Launchpad bug 1930111 in cherrypy3 (Ubuntu) "[MIR] new dependencies of cherrypy3: jaraco.collections, jaraco.classes, jaraco.text, python-cheroot, python-jaraco.functools, python-tempora, python-portend, zc.lockfile" [Undecided, In Progress]
15:35 <cpaelzer> there was an update
15:35 <cpaelzer> IMHO this is in wrong state, needs to go back to openstack Team
15:35 <cpaelzer> jamespage: I'll assign you and set incomplete for your awareness
15:36 <didrocks> another update: libqmi -> libqtrglib. The dep will be dropped soon rather than MIRing, it’s an optional dep that we don’t really need now
15:36 <sarnold> yay :)
15:36 <cpaelzer> thanks didrocks, I think I have read about this somewhere
15:36 <cpaelzer> so let us ignore libqmi
15:36 <didrocks> and gnome-shell -> libhandy1, I started it but I will need more time to finish it and too much urgent things right now (still aiming before EOW)
15:37 <cpaelzer> but I hear this is on you and we should not bother about it atm
15:37 <didrocks> indeed
15:37 <cpaelzer> python-xmlschema - I have the feeling we had this for a while ...
15:37 <cpaelzer> another false positive
15:37 <cpaelzer> ?
15:38 <cpaelzer> no no alternative
15:38 <cpaelzer> python-pysaml2 -> python3-xmlschema seems legit, and by the uploader names on openstack
15:38 <cpaelzer> jamespage: ^^
15:39 <cpaelzer> bug exists and is
15:39 <cpaelzer> https://bugs.launchpad.net/ubuntu/+source/python-xmlschema/+bug/1953363
15:39 <ubottu> Launchpad bug 1953363 in python-xmlschema (Ubuntu) "[MIR] python-xmlschema, elementpath, importlib-resources" [High, New]
15:39 <cpaelzer> ok so right now this one is actually on security AFAICS
15:39 <cpaelzer> ok for me
15:39 <cpaelzer> it is flagged as 22.04 material
15:39 <cpaelzer> sarnold: can you check if this is on your list/queue ?
15:39 <cpaelzer> your teams list I should say?
15:39 <sarnold> cpaelzer: it is
15:39 <cpaelzer> good
15:40 <cpaelzer> next case then ...
15:40 <cpaelzer> https://bugs.launchpad.net/ubuntu/+source/libadwaita-1/+bug/1962568 is new but already assigned
15:40 <ubottu> Launchpad bug 1962568 in libadwaita-1 (Ubuntu) "[MIR] libadwaita-1" [Undecided, New]
15:40 <cpaelzer> didrocks:  is busy these days
15:40 <sarnold> :)
15:40 <cpaelzer> but this one us openstack and not handled yet
15:40 <didrocks> consider it in a perfect world not be in the list next week :)
15:40 <cpaelzer> https://launchpad.net/ubuntu/+source/masakari-monitors -> python-consul
15:41 <cpaelzer> jamespage: ^^
15:41 <cpaelzer> we  see the new upload held back by this
15:41 <cpaelzer> https://launchpad.net/ubuntu/+source/masakari-monitors/12.0.0+git2022030313.a89511e-0ubuntu1
15:41 <cpaelzer> coreycb: ^^ your upload
15:41 <cpaelzer> the rest in this list looks known to me
15:41 <coreycb> cpaelzer: thanks, I'll take a look
15:41 <cpaelzer> didrocks: final check on libreoffice -> epiphany?
15:42 <cpaelzer> IIRC that dep was meant to be dropped
15:42 <cpaelzer> is that task assigned to someone?
15:42 <didrocks> cpaelzer: definitively false positive
15:42 <didrocks> the alternative has firefox as first
15:42 <didrocks> which is seeded
15:42 <cpaelzer> oh ok - then just keep reminding me until I have learned
15:42 <cpaelzer> thanks in advance
15:42 <didrocks> so another one for the list :/
15:42 <cpaelzer> #topic New MIRs
15:42 <cpaelzer> Mission: ensure to assign all incoming reviews for fast processing
15:42 <slyon> we should have a deny-list at some point..
15:42 <cpaelzer> #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=NEW&field.status%3Alist=CONFIRMED&assignee_option=none&field.assignee=&field.subscriber=ubuntu-mir
15:42 <cpaelzer> slyon: yeah we all agree
15:43 <cpaelzer> the first to get to code one has is allowed to skip one review
15:43 <cpaelzer> new MIRs list is empty
15:43 <didrocks> one only? :)
15:43 <didrocks> \o/
15:43 <slyon> :)
15:43 <cpaelzer> #topic Incomplete bugs / questions
15:43 <cpaelzer> Mission: Identify required actions and spread the load among the teams
15:43 <cpaelzer> #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&field.status%3Alist=INCOMPLETE_WITHOUT_RESPONSE&field.subscriber=ubuntu-mir
15:44 <cpaelzer> sarnold: I have to go by the market, only if no one implements it for one the price increases
15:44 <sarnold> HODL HODL HODL!
15:44 <cpaelzer> we have four updates since last week in the list of incompletes
15:44 <cpaelzer> checking them one by one
15:45 <cpaelzer> https://bugs.launchpad.net/ubuntu/+source/tcmu/+bug/1854362
15:45 <ubottu> Launchpad bug 1854362 in ceph-iscsi (Ubuntu) "[MIR] ceph-iscsi, tcmu, python-configshell-fb, python-rtslib-fb, urwid, targetcli-fb" [Undecided, In Progress]
15:45 <cpaelzer> that is ok, openstack can use this now
15:45 <cpaelzer> I found it forgotten and updated the case, they are aware
15:45 <cpaelzer> to be extra sure coreycb jamespage ^^ FYI
15:45 <cpaelzer> https://bugs.launchpad.net/ubuntu/+source/libqrtr-glib/+bug/1963707
15:45 <ubottu> Launchpad bug 1963707 in libqrtr-glib (Ubuntu) "[MIR] libqrtr-glib" [Low, Incomplete]
15:45 <cpaelzer> filed by desktop, related to qmi, which we were told the dependency will be dropped
15:45 <didrocks> discussed above, the dep will be dropped as soon as seb128 has a sec
15:45 <cpaelzer> so action
15:46 <cpaelzer> https://bugs.launchpad.net/ubuntu/+source/rustc/+bug/1957932
15:46 <ubottu> Launchpad bug 1957932 in rustc (Ubuntu) "[MIR] rustc, cargo" [Critical, Incomplete]
15:46 <cpaelzer> that is documentation of what was discussed at the sprint
15:46 <cpaelzer> no action yet
15:46 <cpaelzer> https://bugs.launchpad.net/ubuntu/+source/python-cheroot/+bug/1930111
15:46 <ubottu> Launchpad bug 1930111 in cherrypy3 (Ubuntu) "[MIR] new dependencies of cherrypy3: jaraco.collections, jaraco.classes, jaraco.text, python-cheroot, python-jaraco.functools, python-tempora, python-portend, zc.lockfile" [Undecided, In Progress]
15:47 <cpaelzer> that was unblocked by security (thanks) and is back on openstack
15:47 <cpaelzer> jamespage: ^^ FYI
15:47 <cpaelzer> I have already updated the case to reflect that
15:47 <cpaelzer> #topic MIR related Security Review Queue
15:47 <cpaelzer> Mission: Check on progress, do deadlines seem doable?
15:47 <cpaelzer> #link https://bugs.launchpad.net/~ubuntu-security/+bugs?field.searchtext=%5BMIR%5D&assignee_option=choose&field.assignee=ubuntu-security&field.bug_reporter=&field.bug_commenter=&field.subscriber=ubuntu-mir
15:48 <sarnold> we recently finished plocate https://bugs.launchpad.net/ubuntu/+source/plocate/+bug/1960864 -- and glusterfs is in progress https://bugs.launchpad.net/ubuntu/+source/glusterfs/+bug/1950321 -- swtpm is also in-progress of a sort, no progress in the last few days https://bugs.launchpad.net/ubuntu/+source/swtpm/+bug/1948748
15:48 <cpaelzer> a few are left
15:48 <ubottu> Launchpad bug 1960864 in Release Notes for Ubuntu "[MIR] plocate" [Undecided, New]
15:48 <ubottu> Launchpad bug 1950321 in glusterfs (Ubuntu) "[MIR] glusterfs" [Critical, Confirmed]
15:48 <ubottu> Launchpad bug 1948748 in swtpm (Ubuntu) "[MIR] swtpm" [High, New]
15:48 <cpaelzer> yes sarnold I've seen and updated the bug
15:48 <cpaelzer> thank you
15:48 <sarnold> glusterfs sounds like it's still pretty gronky code
15:48 <cpaelzer> why isn't gluster in this list anymore ?
15:48 <sarnold> 'assigned to sbeat tie'
15:49 <cpaelzer> oh reassigned
15:49 <cpaelzer> ok
15:49 <cpaelzer> the list still shringks every week
15:49 * sbeattie is trying to get through it, but it'd help if people'd stop finding security issues in other software.
15:49 <sbeattie> it == glusterfs
15:49 <sarnold> yespls
15:49 <cpaelzer> so again thank you sarnold and sbeattie and all the reviewer you train up
15:49 <cpaelzer> sbeattie: can we stop other people finding other issues somehow?
15:50 <sarnold> we can beg people to run coverity and cppcheck and ..  :)
15:50 <cpaelzer> hehe
15:50 <cpaelzer> so to sum it up, progress is made on the security reviews, that makes people happy, we still might be able to complete all 22.04 material in time
15:50 <cpaelzer> #topic Any other business?
15:50 <slyon> https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1887187
15:50 <ubottu> Launchpad bug 1887187 in nftables (Ubuntu) "[MIR] nftables" [Critical, New]
15:51 <cpaelzer> right that is recent as well slyon
15:51 <slyon> joalif and myself finished the MIR review on that one today
15:51 <slyon> not sure why it didn't show up in the new MIRs queue
15:51 <sarnold> sweet
15:51 <joalif> thanks slyon again!
15:51 <slyon> basically it is back to the security team for security review and a small packaging change (missing .symbols file)
15:51 <cpaelzer> slyon: does it have required todos?
15:51 <cpaelzer> yes it has some
15:52 <cpaelzer> so I'll set incomplete
15:52 <slyon> cpaelzer: yes it does have two small required TODOs
15:52 <cpaelzer> then it would have shown
15:52 <slyon> thank you
15:52 <cpaelzer> And this is on security twice now - for review and for driving the case (IIUC)
15:52 <slyon> exactly
15:52 <sarnold> *very* secure
15:52 <slyon> hehe
15:53 <sbeattie> https://github.com/cpaelzer/ubuntu-mir/pull/9
15:53 <ubottu> Pull 9 in cpaelzer/ubuntu-mir "RFC: ensure package built in most recent archive test rebuild" [Open]
15:53 <cpaelzer> I updated https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1887187
15:53 <ubottu> Launchpad bug 1887187 in nftables (Ubuntu) "[MIR] nftables" [Critical, Incomplete]
15:53 <cpaelzer> let us look at the PR
15:53 <cpaelzer> sorry for bug handling not being present sbeattie
15:53 <cpaelzer> reading the case
15:53 <sbeattie> no problem
15:54 <cpaelzer> I'd plus one this suggestion
15:55 <cpaelzer> could we vote on this please, if we are overall +1 I can add it right away
15:55 <sarnold> +1
15:55 <cpaelzer> +1
15:55 <slyon> +1, maybe we could suggest doing a local build, too?
15:55 <sbeattie> I'd like to avoid the issue found in the python-cheroot security review, feel free to wordsmith, bikeshed, etc.
15:55 <didrocks> +1 as well
15:55 <joalif> +1
15:56 <slyon> like running sbuild on the package locally. This would be even newer than the latest archive rebuild
15:56 <cpaelzer> slyon: I can add that as C
15:56 <cpaelzer> that or a proposed PPA rebuild
15:56 <cpaelzer> this suggestion is better than nothing, wordsmithing can happen if this ever is a pain to someone
15:56 <cpaelzer> I'd add it right now
15:56 <slyon> cpaelzer: that'd be nice
15:56 <cpaelzer> that seems to be all we have
15:57 <sbeattie> thanks!
15:57 <cpaelzer> ok closing then
15:57 <cpaelzer> #endmeeting