[15:30] good morning [15:30] o/ [15:30] o/ [15:30] o/ [15:31] just a sec [15:32] now I'm ready [15:32] sorry for the delay [15:32] #startmeeting Weekly Main Inclusion Requests status [15:32] Meeting started at 15:32:47 UTC. The chair is cpaelzer. Information about MeetBot at https://wiki.ubuntu.com/meetingology [15:32] just in time after my IRC timed out o/ [15:32] Available commands: action, commands, idea, info, link, nick [15:32] #topic Review of previous action items [15:33] no items other than the reviews assigned to MIR and security team [15:33] #topic current component mismatches [15:33] Mission: Identify required actions and spread the load among the teams [15:33] #link https://people.canonical.com/~ubuntu-archive/component-mismatches-proposed.svg [15:33] #link https://people.canonical.com/~ubuntu-archive/component-mismatches.svg [15:33] let us start with the -release report [15:33] I see updates (two weeks ago) on https://bugs.launchpad.net/ubuntu/+source/glade/+bug/1961023 [15:33] Launchpad bug 1961023 in glade (Ubuntu) "[MIR] glade" [Undecided, Incomplete] [15:34] didrocks: seb128: does that need further action by you? [15:34] libhandy-1 -> glade: seb128 told me he was going to look at it (false positive, but let’s ensure) [15:34] ok, let us know if we need to memorize another false positive [15:34] nothing else new in this list [15:34] yeah, I want us to be sure before claiming this [15:34] going to -proposed now [15:34] python-consul looks new to me [15:34] on https://bugs.launchpad.net/ubuntu/+source/python-cheroot/+bug/1930111 [15:34] Launchpad bug 1930111 in cherrypy3 (Ubuntu) "[MIR] new dependencies of cherrypy3: jaraco.collections, jaraco.classes, jaraco.text, python-cheroot, python-jaraco.functools, python-tempora, python-portend, zc.lockfile" [Undecided, In Progress] [15:35] there was an update [15:35] IMHO this is in wrong state, needs to go back to openstack Team [15:35] jamespage: I'll assign you and set incomplete for your awareness [15:36] another update: libqmi -> libqtrglib. The dep will be dropped soon rather than MIRing, it’s an optional dep that we don’t really need now [15:36] yay :) [15:36] thanks didrocks, I think I have read about this somewhere [15:36] so let us ignore libqmi [15:36] and gnome-shell -> libhandy1, I started it but I will need more time to finish it and too much urgent things right now (still aiming before EOW) [15:37] but I hear this is on you and we should not bother about it atm [15:37] indeed [15:37] python-xmlschema - I have the feeling we had this for a while ... [15:37] another false positive [15:37] ? [15:38] no no alternative [15:38] python-pysaml2 -> python3-xmlschema seems legit, and by the uploader names on openstack [15:38] jamespage: ^^ [15:39] bug exists and is [15:39] https://bugs.launchpad.net/ubuntu/+source/python-xmlschema/+bug/1953363 [15:39] Launchpad bug 1953363 in python-xmlschema (Ubuntu) "[MIR] python-xmlschema, elementpath, importlib-resources" [High, New] [15:39] ok so right now this one is actually on security AFAICS [15:39] ok for me [15:39] it is flagged as 22.04 material [15:39] sarnold: can you check if this is on your list/queue ? [15:39] your teams list I should say? [15:39] cpaelzer: it is [15:39] good [15:40] next case then ... [15:40] https://bugs.launchpad.net/ubuntu/+source/libadwaita-1/+bug/1962568 is new but already assigned [15:40] Launchpad bug 1962568 in libadwaita-1 (Ubuntu) "[MIR] libadwaita-1" [Undecided, New] [15:40] didrocks: is busy these days [15:40] :) [15:40] but this one us openstack and not handled yet [15:40] consider it in a perfect world not be in the list next week :) [15:40] https://launchpad.net/ubuntu/+source/masakari-monitors -> python-consul [15:41] jamespage: ^^ [15:41] we see the new upload held back by this [15:41] https://launchpad.net/ubuntu/+source/masakari-monitors/12.0.0+git2022030313.a89511e-0ubuntu1 [15:41] coreycb: ^^ your upload [15:41] the rest in this list looks known to me [15:41] cpaelzer: thanks, I'll take a look [15:41] didrocks: final check on libreoffice -> epiphany? [15:42] IIRC that dep was meant to be dropped [15:42] is that task assigned to someone? [15:42] cpaelzer: definitively false positive [15:42] the alternative has firefox as first [15:42] which is seeded [15:42] oh ok - then just keep reminding me until I have learned [15:42] thanks in advance [15:42] so another one for the list :/ [15:42] #topic New MIRs [15:42] Mission: ensure to assign all incoming reviews for fast processing [15:42] we should have a deny-list at some point.. [15:42] #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=NEW&field.status%3Alist=CONFIRMED&assignee_option=none&field.assignee=&field.subscriber=ubuntu-mir [15:42] slyon: yeah we all agree [15:43] the first to get to code one has is allowed to skip one review [15:43] new MIRs list is empty [15:43] one only? :) [15:43] \o/ [15:43] :) [15:43] #topic Incomplete bugs / questions [15:43] Mission: Identify required actions and spread the load among the teams [15:43] #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&field.status%3Alist=INCOMPLETE_WITHOUT_RESPONSE&field.subscriber=ubuntu-mir [15:44] sarnold: I have to go by the market, only if no one implements it for one the price increases [15:44] HODL HODL HODL! [15:44] we have four updates since last week in the list of incompletes [15:44] checking them one by one [15:45] https://bugs.launchpad.net/ubuntu/+source/tcmu/+bug/1854362 [15:45] Launchpad bug 1854362 in ceph-iscsi (Ubuntu) "[MIR] ceph-iscsi, tcmu, python-configshell-fb, python-rtslib-fb, urwid, targetcli-fb" [Undecided, In Progress] [15:45] that is ok, openstack can use this now [15:45] I found it forgotten and updated the case, they are aware [15:45] to be extra sure coreycb jamespage ^^ FYI [15:45] https://bugs.launchpad.net/ubuntu/+source/libqrtr-glib/+bug/1963707 [15:45] Launchpad bug 1963707 in libqrtr-glib (Ubuntu) "[MIR] libqrtr-glib" [Low, Incomplete] [15:45] filed by desktop, related to qmi, which we were told the dependency will be dropped [15:45] discussed above, the dep will be dropped as soon as seb128 has a sec [15:45] so action [15:46] https://bugs.launchpad.net/ubuntu/+source/rustc/+bug/1957932 [15:46] Launchpad bug 1957932 in rustc (Ubuntu) "[MIR] rustc, cargo" [Critical, Incomplete] [15:46] that is documentation of what was discussed at the sprint [15:46] no action yet [15:46] https://bugs.launchpad.net/ubuntu/+source/python-cheroot/+bug/1930111 [15:46] Launchpad bug 1930111 in cherrypy3 (Ubuntu) "[MIR] new dependencies of cherrypy3: jaraco.collections, jaraco.classes, jaraco.text, python-cheroot, python-jaraco.functools, python-tempora, python-portend, zc.lockfile" [Undecided, In Progress] [15:47] that was unblocked by security (thanks) and is back on openstack [15:47] jamespage: ^^ FYI [15:47] I have already updated the case to reflect that [15:47] #topic MIR related Security Review Queue [15:47] Mission: Check on progress, do deadlines seem doable? [15:47] #link https://bugs.launchpad.net/~ubuntu-security/+bugs?field.searchtext=%5BMIR%5D&assignee_option=choose&field.assignee=ubuntu-security&field.bug_reporter=&field.bug_commenter=&field.subscriber=ubuntu-mir [15:48] we recently finished plocate https://bugs.launchpad.net/ubuntu/+source/plocate/+bug/1960864 -- and glusterfs is in progress https://bugs.launchpad.net/ubuntu/+source/glusterfs/+bug/1950321 -- swtpm is also in-progress of a sort, no progress in the last few days https://bugs.launchpad.net/ubuntu/+source/swtpm/+bug/1948748 [15:48] a few are left [15:48] Launchpad bug 1960864 in Release Notes for Ubuntu "[MIR] plocate" [Undecided, New] [15:48] Launchpad bug 1950321 in glusterfs (Ubuntu) "[MIR] glusterfs" [Critical, Confirmed] [15:48] Launchpad bug 1948748 in swtpm (Ubuntu) "[MIR] swtpm" [High, New] [15:48] yes sarnold I've seen and updated the bug [15:48] thank you [15:48] glusterfs sounds like it's still pretty gronky code [15:48] why isn't gluster in this list anymore ? [15:48] 'assigned to sbeat tie' [15:49] oh reassigned [15:49] ok [15:49] the list still shringks every week [15:49] * sbeattie is trying to get through it, but it'd help if people'd stop finding security issues in other software. [15:49] it == glusterfs [15:49] yespls [15:49] so again thank you sarnold and sbeattie and all the reviewer you train up [15:49] sbeattie: can we stop other people finding other issues somehow? [15:50] we can beg people to run coverity and cppcheck and .. :) [15:50] hehe [15:50] so to sum it up, progress is made on the security reviews, that makes people happy, we still might be able to complete all 22.04 material in time [15:50] #topic Any other business? [15:50] https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1887187 [15:50] Launchpad bug 1887187 in nftables (Ubuntu) "[MIR] nftables" [Critical, New] [15:51] right that is recent as well slyon [15:51] joalif and myself finished the MIR review on that one today [15:51] not sure why it didn't show up in the new MIRs queue [15:51] sweet [15:51] thanks slyon again! [15:51] basically it is back to the security team for security review and a small packaging change (missing .symbols file) [15:51] slyon: does it have required todos? [15:51] yes it has some [15:52] so I'll set incomplete [15:52] cpaelzer: yes it does have two small required TODOs [15:52] then it would have shown [15:52] thank you [15:52] And this is on security twice now - for review and for driving the case (IIUC) [15:52] exactly [15:52] *very* secure [15:52] hehe [15:53] https://github.com/cpaelzer/ubuntu-mir/pull/9 [15:53] Pull 9 in cpaelzer/ubuntu-mir "RFC: ensure package built in most recent archive test rebuild" [Open] [15:53] I updated https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1887187 [15:53] Launchpad bug 1887187 in nftables (Ubuntu) "[MIR] nftables" [Critical, Incomplete] [15:53] let us look at the PR [15:53] sorry for bug handling not being present sbeattie [15:53] reading the case [15:53] no problem [15:54] I'd plus one this suggestion [15:55] could we vote on this please, if we are overall +1 I can add it right away [15:55] +1 [15:55] +1 [15:55] +1, maybe we could suggest doing a local build, too? [15:55] I'd like to avoid the issue found in the python-cheroot security review, feel free to wordsmith, bikeshed, etc. [15:55] +1 as well [15:55] +1 [15:56] like running sbuild on the package locally. This would be even newer than the latest archive rebuild [15:56] slyon: I can add that as C [15:56] that or a proposed PPA rebuild [15:56] this suggestion is better than nothing, wordsmithing can happen if this ever is a pain to someone [15:56] I'd add it right now [15:56] cpaelzer: that'd be nice [15:56] that seems to be all we have [15:57] thanks! [15:57] ok closing then [15:57] #endmeeting [15:57] Meeting ended at 15:57:27 UTC. Minutes at https://ubottu.com/meetingology/logs/ubuntu-meeting/2022/ubuntu-meeting.2022-03-08-15.32.moin.txt [15:57] thanks cpaelzer, all :) [15:57] thanks everyone! [15:57] thanks cpaelzer, all! [15:57] o/ [15:57] thanks all o/ === chiluk_ is now known as chiluk [20:00] o/ [20:00] o/ [20:00] oh, I see cyphermox on the channel \o/ But I guess he might be AFK or busy [20:00] nope, I'm there [20:00] double-booked though [20:01] cyphermox: will you be able to chair in that case? Since I think it's your turn, but rbasak is set as the backup [20:01] * vorlon waves [20:02] yeah, I should be able to chair [20:02] cyphermox: double-booked> I hadn't had a chance to email, would it help you if we changed the meeting time? [20:02] not really, I'll adapt [20:02] Did I fail to update the agenda after the last meeting? Sorry. [20:03] https://irclogs.ubuntu.com/2022/02/22/%23ubuntu-meeting.html has the previous log [20:03] let's start? [20:03] https://new.ubottu.com/meetingology/logs/ubuntu-meeting/2022/ubuntu-meeting.2022-02-22-20.05.html has the summary [20:03] #startmeeting Ubuntu Technical Board [20:03] Meeting started at 20:03:47 UTC. The chair is cyphermox. Information about MeetBot at https://wiki.ubuntu.com/meetingology [20:03] Sure [20:03] Available commands: action, commands, idea, info, link, nick [20:03] I was just looking up previous action items [20:04] #chairs cyphermox rbasak [20:04] I think everything was carried [20:04] probably [20:04] And I also had " [20:04] rbasak will send out the private removal emails [20:04] " [20:04] which I've done [20:04] thanks :) [20:04] #topic Action Review [20:05] ACTION: formal ratification of third party seeded snap security policy, depends on: (rbasak, 19:06) [20:05] I think we were going to collapse this all into the ongoing (pad) discussion on seeded snap requirements, but I failed to update the agenda [20:08] ok [20:08] so carry? [20:09] no longer double-booked. [20:09] I'd say yes [20:09] ACTION: vorlon to circle around with store, snapcraft, et all, and revise the snap source revision policy to be more clear with regards to rebuildability and GPL compliance. (rbasak, 19:06) [20:09] carry-over [20:10] (I think at this point it makes sense for the above to be dependent on finalizing the ratification of the policy) [20:10] I agree, I'll update the agenda to that effect [20:10] ACTION: sil2100 to start a draft summarizing the OEM archive portion of the meeting which x-nox and TB will review, edit, and ratify before we move on to figuring out the next step (rbasak, 19:08) [20:10] Yes, so the draft is started, but still not finished! [20:11] alright, thanks sil2100 :) [20:11] So carry over please ;) [20:11] (https://wiki.ubuntu.com/OEMArchive for the record) [20:11] ACTION: Review and leave feedback on the first version of the preamble and three first requirements https://pad.ubuntu.com/third-party-repository-requirements (all of the TB) (sil2100, 20:09) [20:12] I had left my feedback months ago [20:13] hmmm, yeah, I didn't leave my comment on the actual preamble [20:13] Well, it's about the formal preamble, that's quite new [20:13] I'll re-review for myself too [20:13] ACTION: Discuss DMB inactivity expiration policy (all of the TB) (sil2100, 20:27) [20:13] cyphermox: yes, but I'd like more feedback please now that I've actually started drafting the proposed final wording after having gathered everyone's opinions [20:13] We were working on the rules themselves, but then rbasak started working on the actual wording - I need to sit down on that [20:13] oops sorry [20:13] arewe continuing on using a pad for this, vs perhaps moving it to a google doc? [20:14] +1 for a Google doc, if we're doing final wording [20:14] I'm happy to move it to a Google Doc if you all think it's worth doing that. I used the pad because I thought it'd be more open, but it turns out to be really hard to use the pad effectively [20:14] OK I'll do that thanks [20:15] ok, what about the DMB inactivity policy? [20:15] and perhaps, TB inactivity, since I was so kind to just disappear for three months myself :/ [20:16] That's resolved for the current situation, but longer term I think the TB needs to decide what to do if the situation recurs [20:16] ok [20:16] That's not urgent though. [20:18] should we discuss it now, or take that back to the mL? [20:18] We need someone to drive it on the ML :-/ [20:18] (IMHO) [20:20] yep [20:22] Or, it gets left until it actually comes up I guess. [20:23] ok [20:25] +1 [20:26] alright. that's a drop then, for all intents and purposes [20:26] I still think the retention policy is a good idea [20:26] postpone until it comes up [20:26] ah [20:27] FTR, I basically agree with what the DMB wants to do. I think we just need to refine the detail about the interaction between the DMB and the TB to actually do the removal, and communicate with the DMB members being removed, etc. [20:27] sil2100: does that mean you want to drive the discussion on the list? [20:27] vorlon: eh, I'm worried that I have so many DMB + the TB action that it might not be driven to completion [20:27] I would love to, since I think this policy will be helpful [20:28] I agree that it would be helpful but am wary of committing myself to driving it [20:28] I think, given recent events, it would be best if I didn't drive this one. [20:28] (but I will provide input, etc) [20:28] Ok, so maybe please assign it to me and if I can't make it by the next meeting, we'll try finding someone else [20:31] alright [20:31] Thanks o/ [20:31] (sil2100) Discuss if the membership to ~ubuntu-archive should be managed by the Technical Board, and if yes: consider new timezone-diverse additions to the team (i.e. bdmurray). [20:32] I thought ~ubuntu-archive managed their own membership, and various existing members were added that way? [20:33] Yeah, I think that's correct, I think the action item is invalid! [20:33] err okay :P [20:33] Sorry about that ;p [20:33] moving on [20:33] OK [20:33] Definition of our third party repository policy. See https://lists.ubuntu.com/archives/technical-board/2021-July/002562.html and https://pad.ubuntu.com/third-party-repository-requirements [20:34] To be clear, if members of ~ubuntu-archive want to change things, then consulting with the TB is probably worthwhile. [20:34] But unless there's some reason we'd probably leave it as-is [20:34] Sure, but I think that's all up to the ubuntu-archive admins - I think as of right now there is no actions required [20:35] *action [20:35] OK [20:36] On the pad, I'll take the action to move it to a Google Doc then, update everyone on the TB with the link and ask for further feedback there. [20:36] yes [20:37] I don't think there's anything else on this, except to say that I really want to make progress on this and need to know that you're happy with the direction it's going in since I'll need the final wording to be agreed later. [20:39] #topic Mailing list review [20:39] Not sure if this is the right moment to bring this up: [20:39] there was only one email there, not sure if it had been actioned yet, DMB allow [20:40] But there was the e-mail from Marc? [20:41] Should we think about starting an election? [20:41] yeah, I suppose there is that too [20:41] We need the CC to do that I think. [20:41] cyphermox: do you want to give us a gmail address for you to use for the google doc? I think that will make comment etc. tracking saner so it's not accidentally "anonymous" [20:41] At least that's what's happened in the past. [20:41] vorlon: I will share it, yes [20:41] Unless you want to do like the DMB and have us run the TB election admin ourselves [20:42] I guess someone will have to take the AI to contact the CC in that case [20:42] historically it's been the CC [20:42] I will take that action [20:42] Thanks! [20:42] I'm doing the best I can to refer election management either up or down so I don't have to do it ;-) [20:42] I will contact the CC to trigger the election [20:43] Now that I've done the DMB one twice I've got the process in my head and don't mind doing it. But it'd probably be better if the CC can. [20:43] #topic Check up on community bugs [20:43] there are no open bugs [20:43] \o/ [20:43] #topic Select a chair for the next meeting [20:43] One AOB item please [20:43] sure [20:44] rbasak, it's your turn next to chair I think? [20:44] I chaired last week! But sure. [20:44] Uh, last time - two weeks ago. [20:44] unless someone wants to save you [20:44] I don't mind. [20:44] if I'm not double-booked I can do it again [20:44] okay, moving on [20:44] #topic AOB [20:45] Is everyone happy with my response on the question of DMB nomination eligibility? [20:45] It wasn't my intention to speak for the TB but it seems to have been taken that way. [20:46] (I also fail to see how asking the TB for a vote is any different to asking the DMB for a vote in terms of "formality" but there you go) [20:48] I'm trying to skim the mailing list thread quickly, since I don't remember this [20:48] Today on ubuntu-devel@ [20:48] the old one on tech-board [20:48] Oh right sorry [20:49] giving the timing I can well understand why I personally didn't reply to it :) [20:50] I agree that ~ubuntu-sru-developers is narrower than what we expect DMB to assess and therefore isn't a good fit [20:50] also wonder why anyone on the ~ubuntu-sru-developers team who was actually interested in running for DMB wouldn't also just get core-dev first [20:51] I would be fine to vote on this if necessary [20:51] btw. do we have this documented somewhere besides the ML? [20:51] Like, who can actually be nominated for a seat for the DMB [20:52] Following that ML post, I put it in my call for nominations [20:53] Additionally I wrote it up in https://wiki.ubuntu.com/DeveloperMembershipBoard/KnowledgeBase#Running_a_DMB_election - not specifically the rule, but it does link to my call for nomination email as an example to use as a basis. [20:53] Ah, ok! [20:53] Noted ;) [20:53] I can document the rule explicitly there if you think it'd be helpful. [20:55] vorlon: thanks, but also, are you happy with the position that it's for the TB to decide eligbility and not the DMB? That's what ddstreet seems to be complaining about as "all this formality". I don't see any other reasonable option though. [20:55] (and same question to the others) [20:57] rbasak: yes, TB should decide this, not DMB [20:58] Does anyone on the TB want to support any change to the status quo? [20:58] If not then I'm done - thank you for clarifying. [20:58] hm, it's hard to say from my POV, I don't have a strong opinion. But I think that since the TB does manage the DMB membership (besides the fact of startin elections), I think it makes sense to assume that the TB is the one setting the base rules [20:58] I wanted to make sure that this is handled openly since I'm dancing a fine line of ensuring that the election is done properly :-/ [20:59] But as said, I'm of no strong opinion here [21:06] okay, so do we need a vote or do we already have consensus on the topic? [21:07] I don't think anyone has called for a vote here. [21:07] So I think we're good. Thanks! [21:07] o/ [21:08] Does that mean "I'd like to raise something" or "bye"? :) [21:08] haha [21:08] ...that is a bit confusing, yes! But the latter ;) [21:09] alrighty then, any other other business? [21:09] #endmeeting [21:09] Meeting ended at 21:09:48 UTC. Minutes at https://ubottu.com/meetingology/logs/ubuntu-meeting/2022/ubuntu-meeting.2022-03-08-20.03.moin.txt [21:10] Thanks all, and cyphermox for chairing! [21:11] thanks all o/ [21:12] thanks! [21:13] Thanks all! cyphermox thank you for chairing!