[MIR] dotnet7

[Availability]
 - The package dotnet7 is already in Ubuntu universe.
 - The package dotnet7 build for the architectures it is designed to work on.
   - See https://github.com/dotnet/core/blob/main/release-notes/7.0/supported-os.md
 - It currently builds and works for architetcures: amd64, arm64
 - Link to package https://launchpad.net/ubuntu/+source/dotnet7

[Rationale]
 - The package dotnet7 is required in Ubuntu main as part of
   Canonicals partnership with Microsoft to shorten the supply
   chain between Canonical and Microsoft and improve the .NET
   developer experience on Ubuntu. Read more here:
   - https://canonical.com/blog/install-dotnet-on-ubuntu
   - https://devblogs.microsoft.com/dotnet/dotnet-6-is-now-in-ubuntu-2204/
 - The package dotnet7 will generally be useful for a large part of
   our user base
 - It would be great and useful to community/processes to have the
   package dotnet7 in Ubuntu main, but there is no definitive deadline.

[Security]
 - dotnet7 had security issues in the past that have been
   fixed, see trackers:
   - https://ubuntu.com/security/cves?package=dotnet7
   - NOTE: When searching for .NET CVEs in other trackers,
     keep in mind that .NET Framework and .NET (Core) is not
     the same and that many CVEs do not affect Linux distributions.
 - The Security Team and Foundations Toolchain Squad already
   work together with Microsoft to release security updates
   to Ubuntu.
 - Microsoft has weekly meetings with .NET Security Partners
   (including Canonical) where they get and keep informed
   about Security Issues.
 - .NET Security Partners (including Canonical) have early
   access to .NET releases containing CVE patches.
 - Microsoft and .NET Security Partners (including Canonical)
   coordinate releases to disclose and provide patches for
   security issues on all plattforms at the same time.
 - Microsoft informs Users about (security) issues in the
   monthly release notes where they aslo recommend actions
   to mitigate these issues.
   See example Release Note containing CVE warning:
   https://devblogs.microsoft.com/dotnet/february-2023-updates/
 - no `suid` or `sgid` binaries
 - no executables in `/sbin` and `/usr/sbin`
 - Packages does not open privileged ports (ports < 1024)
 - Packages does not contain extensions to security-sensitive software
   (filters, scanners, plugins, UI skins, ...)

[Quality assurance - function/usage]
 - The package works well right after install

[Quality assurance - maintenance]
 - The package is maintained well in Ubuntu/Upstream and does
   not have too many, long-term & critical, open bugs
   - Ubuntu https://bugs.launchpad.net/ubuntu/+source/dotnet7/+bug
   - Upstream's bug tracker: https://github.com/dotnet/source-build/issues
     (The .NET project has also multiple other bug trackers
     for the individual components it consits of, e.g.:
     - https://github.com/dotnet/installer/issues
     - https://github.com/dotnet/runtime/issues
     - https://github.com/dotnet/sdk/issues
     - https://github.com/dotnet/aspnetcore/issues
     Microsoft will CC us if issues are related to packaging)
 - The package does not deal with exotic hardware we cannot support

[Quality assurance - testing]
 - The package runs a test suite on build time, if it fails
   it makes the build fail, link to build logs:
   - mantic amd64: https://launchpad.net/ubuntu/+source/dotnet7/7.0.105-0ubuntu3/+build/26165937
   - mantic arm64: https://launchpad.net/ubuntu/+source/dotnet7/7.0.105-0ubuntu3/+build/26165938
   - lunar amd64: https://launchpad.net/~ubuntu-security/+archive/ubuntu/ppa/+build/25976312
   - lunar arm64: https://launchpad.net/~ubuntu-security/+archive/ubuntu/ppa/+build/25976313
   - kinetic amd64: https://launchpad.net/~ubuntu-security/+archive/ubuntu/ppa/+build/25964399
   - kinetic arm64: https://launchpad.net/~ubuntu-security/+archive/ubuntu/ppa/+build/25964400
   - jammy amd64: https://launchpad.net/ubuntu/+source/dotnet7/7.0.105-0ubuntu1~22.04.1/+build/26037168
   - jammy arm64: https://launchpad.net/ubuntu/+source/dotnet7/7.0.105-0ubuntu1~22.04.1/+build/26037169
 - The package runs an autopkgtest, and is currently passing
   on jammy/mantic/lunar amd64/arm64 https://autopkgtest.ubuntu.com/packages/dotnet7
 - The package does have failing autopkgtests tests right now,
   because the failing test has a bug.
   This does not matter as the testsuite gets replaced by a
   more sophisticated one with the next release.

[Quality assurance - packaging]
 - debian/watch is present and works*
   (*Canonical has to work around the debian/watch file to
   consume embargoed releses before the release)
 - debian/control defines a correct Maintainer field
 - This package does yield massive lintian Warnings/Errors,
   but they are either false-postives or acceptable.
 - Lintian overrides are present, but ok because of false-positive
   lintian warnings. The concrete reasons are explained as a
   comment in the overwrite files.
 - The package will not be installed by default
 - Packaging is complex, but that is ok because the software
   we are packaging is complex and we are working with
   Microsoft to reduce the complexity.

[UI standards]
 - Application is end-user facing, Translation is NOT present,
   this is ok, as the application just provides a Command Line
   Interface for developers. The CLI output should not be
   translated to maintain online searchable error messages.
 - The exception messages of the .NET Runtime are localized.
 - End-user applications without desktop file, not needed,
   because it just provides libraries and command line tools

[Dependencies]
 - There are further dependencies that are not yet in main, the MIR
   process for them is handled as part of this bug here.
   - lld binary and source package is in universe
   - llvm binary and source package is in universe
   - locales-all is in universe, but its source glibc is already in main

[Standards compliance]
RULE: - Major violations should be documented and justified.
RULE: - FHS: https://refspecs.linuxfoundation.org/fhs.shtml
RULE: - Debian Policy: https://www.debian.org/doc/debian-policy/
 - AFAICT, This package correctly follows FHS and Debian Policy

[Maintenance/Owner]
 - Team is already subscribed to the package
 - This does not use static builds
 - This does not use vendored code
 - This package is not rust based
 - The package has been built in the archive more recently than the last
   test rebuild

[Background information]
 - The Package description explains the package well
 - Upstream Name is ".NET 7"
 - Upstream project: https://github.com/dotnet/source-build
 - This MIR exists in parralel to the MIR for dotnet6