2022-08-09 13:43:47 |
Jeremy Bícha |
bug |
|
|
added bug |
2022-08-09 13:43:54 |
Jeremy Bícha |
editorconfig-core (Ubuntu): status |
New |
Incomplete |
|
2022-08-09 13:44:09 |
Jeremy Bícha |
bug |
|
|
added subscriber MIR approval team |
2022-08-09 13:55:53 |
Jeremy Bícha |
description |
[Availability]
The package editorconfig-core is already in Ubuntu universe.
The package editorconfig-core build for the architectures it is designed to work on (all Ubuntu architectures except i386 which isn't needed)
https://launchpad.net/ubuntu/+source/editorconfig-core
[Rationale]
The package libeditorconfig0 is required in Ubuntu main for gnome-text-editor 43.
It is required in Ubuntu main no later than August 25 because that's Feature Freeze for Ubuntu 22.10. It's a desktop team goal to ship GNOME 43 as completely as possible for Ubuntu 22.10.
[Security]
- No CVEs/security issues in this software in the past
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does not install services, timers or recurring jobs
- Packages does not open privileged ports (ports < 1024)
- Packages does not contain extensions to security-sensitive software
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
RULE: - To support a package, we must be reasonably convinced that upstream
RULE: supports and cares for the package.
RULE: - The status of important bugs in Debian, Ubuntu and upstream's bug
RULE: tracking systems must be evaluated. Important bugs must be pointed out
RULE: and discussed in the MIR report.
TODO: - The package is maintained well in Debian/Ubuntu and has not too many
TODO: and long term critical bugs open
TODO: - Ubuntu https://bugs.launchpad.net/ubuntu/+source/TBDSRC/+bug
TODO: - Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=TBDSRC
TODO: - The package has important open bugs, listing them: TBD
TODO-A: - The package does not deal with exotic hardware we cannot support
TODO-B: - The package does deal with exotic hardware, it is present at TBD
TODO-B: to be able to test, fix and verify bugs
[Quality assurance - testing]
RULE: - The package must include a non-trivial test suite
RULE: - it should run at package build and fail the build if broken
TODO-A: - The package runs a test suite on build time, if it fails
TODO-A: it makes the build fail, link to build log TBD
TODO-B: - The package does not run a test at build time because TBD
RULE: - The package should, but is not required to, also contain
RULE: non-trivial autopkgtest(s).
TODO-A: - The package runs an autopkgtest, and is currently passing on
TODO-A: this TBD list of architectures, link to test logs TBD
TODO-B: - The package does not run an autopkgtest because TBD
RULE: - existing but failing tests that shall be handled as "ok to fail"
RULE: need to be explained along the test logs below
TODO-A: - The package does have not failing autopkgtests right now
TODO-B: - The package does have failing autopkgtests tests right now, but since
TODO-B: they always failed they are handled as "ignored failure", this is
TODO-B: ok because TBD
RULE: - If no build tests nor autopkgtests are included, and/or if the package
RULE: requires specific hardware to perform testing, the subscribed team
RULE: must provide a written test plan in a comment to the MIR bug, and
RULE: commit to running that test either at each upload of the package or
RULE: at least once each release cycle. In the comment to the MIR bug,
RULE: please link to the codebase of these tests (scripts or doc of manual
RULE: steps) and attach a full log of these test runs. This is meant to
RULE: assess their validity (e.g. not just superficial)
TODO: - The package can not be tested at build or autopktest time because TBD
TODO: to make up for that here TBD is a test plan/automation and example
TODO: test TBD (logs/scripts)
RULE: - In some cases a solution that is about to be promoted consists of
RULE: several very small libraries and one actual application uniting them
RULE: to achieve something useful. This is rather common in the go/rust space.
RULE: In that case often these micro-libs on their own can and should only
RULE: provide low level unit-tests. But more complex autopkgtests make no
RULE: sense on that level. Therefore in those cases one might want to test on
RULE: the solution level.
RULE: - Process wise MIR-requesting teams can ask (on the bug) for this
RULE: special case to apply for a given case, which reduces the test
RULE: constraints on the micro libraries but in return increases the
RULE: requirements for the test of the actual app/solution.
RULE: - Since this might promote micro-lib packages to main with less than
RULE: the common level of QA any further MIRed program using them will have
RULE: to provide the same amount of increased testing.
TODO: - This package is minimal and will be tested in a more wide reaching
TODO: solution context TBD, details about this testing are here TBD
[Quality assurance - packaging]
RULE: - The package uses a debian/watch file whenever possible. In cases where
RULE: this is not possible (e.g. native packages), the package should either
RULE: provide a debian/README.source file or a debian/watch file (with
RULE: comments only) providing clear instructions on how to generate the
RULE: source tar file.
TODO-A: - debian/watch is present and works
TODO-B: - debian/watch is not present, instead it has TBD
TODO-C: - debian/watch is not present because it is a native package
RULE: - The package should define the correct "Maintainer:" field in
RULE: debian/control. This needs to be updated, using `update-maintainer`
RULE: whenever any Ubuntu delta is applied to the package, as suggested by
RULE: dpkg (LP: #1951988)
TODO: - debian/control defines a correct Maintainer field
RULE: - It is often useful to run `lintian --pedantic` on the package to spot
RULE: the most common packaging issues in advance
RULE: - Non-obvious or non-properly commented lintian overrides should be
RULE: explained
TODO: - This package does not yield massive lintian Warnings, Errors
TODO: - Please link to a recent build log of the package <TBD>
TODO: - Please attach the full output you have got from
TODO: `lintian --pedantic` as an extra post to this bug.
TODO-A: - Lintian overrides are not present
TODO-B: - Lintian overrides are present, but ok because TBD
RULE: - The package should not rely on obsolete or about to be demoted packages.
RULE: That currently includes package dependencies on Python2 (without
RULE: providing Python3 packages), and packages depending on GTK2.
TODO: - This package does not rely on obsolete or about to be demoted packages.
TODO: - This package has no python2 or GTK2 dependencies
RULE: - Debconf questions should not bother the default user too much
TODO-A: - The package will be installed by default, but does not ask debconf
TODO-A: questions higher than medium
TODO-B: - The package will not be installed by default
RULE: - The source packaging (in debian/) should be reasonably easy to
RULE: understand and maintain.
TODO-A: - Packaging and build is easy, link to d/rules TBD
TODO-B: - Packaging is complex, but that is ok because TBD
[UI standards]
TODO-A: - Application is not end-user facing (does not need translation)
TODO-B: - Application is end-user facing, Translation is present, via standard
TODO-B: intltool/gettext or similar build and runtime internationalization
TODO-B: system see TBD
TODO-A: - End-user applications that ships a standard conformant desktop file,
TODO-B: see TBD
TODO-B: - End-user applications without desktop file, not needed because TBD
[Dependencies]
RULE: - In case of alternative the preferred alternative must be in main.
RULE: - Build(-only) dependencies can be in universe
RULE: - If there are further dependencies they need a separate MIR discussion
RULE: (this can be a separate bug or another task on the main MIR bug)
TODO-A: - No further depends or recommends dependencies that are not yet in main
TODO-B: - There are further dependencies that are not yet in main, MIR for them
TODO-B: is at TBD
TODO-C: - There are further dependencies that are not yet in main, the MIR
TODO-C: process for them is handled as part of this bug here.
[Standards compliance]
RULE: - Major violations should be documented and justified.
RULE: - [[https://refspecs.linuxfoundation.org/fhs.shtml|FHS]]
RULE: - [[http://www.debian.org/doc/debian-policy/|Debian Policy]]
TODO-A: - This package correctly follows FHS and Debian Policy
TODO-B: - This package violates FHS or Debian Polciy, reasons for that are TBD
[Maintenance/Owner]
RULE: The package must have an acceptable level of maintenance corresponding
RULE: to its complexity:
RULE: - All packages must have a designated "owning" team, regardless of
RULE: complexity, which is set as a package bug contact. This is not a
RULE: requirement for the MIR team ACK, but for the package to be promoted
RULE: by an archive admin. Still, it is strongly suggested to subscribe,
RULE: as the owning team will get a preview of the to-be-expected incoming
RULE: bugs later on.
RULE: - Simple packages (e.g. language bindings, simple Perl modules, small
RULE: command-line programs, etc.) might not need very much maintenance
RULE: effort, and if they are maintained well in Debian we can just keep them
RULE: synced. They still need a subscribing team to handle bugs, FTBFS and
RULE: tests
RULE: - More complex packages will usually need a developer or team of
RULE: developers paying attention to their bugs, whether that be in Ubuntu
RULE: or elsewhere (often Debian). Packages that deliver major new headline
RULE: features in Ubuntu need to have commitment from Ubuntu developers
RULE: willing to spend substantial time on them.
TODO: - Owning Team will be TBD
TODO-A: - Team is already subscribed to the package
TODO-B: - Team is not yet, but will subscribe to the package before promotion
RULE: - Responsibilities implied by static builds promoted to main, which is
RULE: not a recommended but a common case with golang and rust packages.
RULE: - the security team will track CVEs for all vendored/embedded sources in main
RULE: - the security team will provide updates to main for all `golang-*-dev`
RULE: packages
RULE: - the security team will provide updates to main for non-vendored
RULE: dependencies as per normal procedures (including e.g.,
RULE: sponsoring/coordinating uploads from teams/upstream projects, etc)
RULE: - the security team will perform no-change-rebuilds for all packages
RULE: listing an CVE-fixed package as Built-Using and coordinate testing
RULE: with the owning teams responsible for the rebuilt packages
RULE: - for packages that build using any `golang-*-dev` packages:
RULE: - the owning team must state their commitment to test
RULE: no-change-rebuilds triggered by a dependent library/compiler and to
RULE: fix any issues found for the lifetime of the release (including ESM
RULE: when included)
RULE: - the owning team must provide timely testing of no-change-rebuilds
RULE: from the security team, fixing the rebuilt package as necessary
RULE: - for packages that build with approved vendored code:
RULE: - the owning team must state their commitment to provide updates to
RULE: the security team for any affected vendored code for the lifetime of
RULE: the release (including ESM when included)
RULE: - the security team will alert the owning team of issues that may
RULE: affect their vendored code
RULE: - the owning team will provide timely, high quality updates for the
RULE: security team to sponsor to fix issues in the affected vendored code
RULE: - if subsequent uploads add new vendored components or dependencies
RULE: these have to be reviewed and agreed by the security team.
RULE: - Such updates in the project might be trivial, but imply that a
RULE: dependency for e.g. a CVE fix will be moved to a new major version.
RULE: Being vendored that does gladly at least not imply incompatibility
RULE: issues with other packages or the SRU policy. But it might happen
RULE: that this triggers either:
RULE: a) The need to adapt the current version of the main package and/or
RULE: other vendored dependencies to work with the new dependency
RULE: b) The need to backport the fix in the dependency as the main
RULE: package will functionally only work well with the older version
RULE: c) The need to backport the fix in the dependency, as it would imply
RULE: requiring a newer toolchain to be buildable that isn't available
RULE: in the target release.
RULE: - The rust ecosystem currently isn't yet considered stable enough for
RULE: classic lib dependencies and transitions in main; therefore the
RULE: expectation for those packages is to vendor (and own/test) all
RULE: dependencies (except those provided by the rust runtime itself).
RULE: This implies that all the rules for vendored builds always
RULE: apply to them. In addition:
RULE: - The rules and checks for rust based packages are preliminary and might
RULE: change over time as the ecosytem matures and while
RULE: processing the first few rust based packages.
RULE: - It is expected rust builds will use dh-cargo so that a later switch
RULE: to non vendored dependencies isn't too complex (e.g. it is likely
RULE: that over time more common libs shall become stable and then archive
RULE: packages will be used to build).
RULE: - Right now that tooling to get a Cargo.lock that will include internal
RULE: vendored dependencies isn't in place yet (expect a dh-cargo change
RULE: later). Until it is available, as a fallback one can scan the
RULE: directory at build time and let it be generated in debian/rules.
RULE: An example might look like:
RULE: d/rules:
RULE: override_dh_auto_test:
RULE: CARGO_HOME=debian /usr/share/cargo/bin/cargo test --offline
RULE: d/<pkg>.install:
RULE: Cargo.lock /usr/share/doc/<pkg>
RULE: d/config.toml
RULE: # Use the vendorized sources to produce the Cargo.lock file. This
RULE: # can be performed by pointing $CARGO_HOME to the path containing
RULE: # this file.
RULE: [source]
RULE: [source.my-vendor-source]
RULE: directory = "vendor"
RULE: [source.crates-io]
RULE: replace-with = "my-vendor-source"
RULE: - All vendored dependencies (no matter what language) shall have a
RULE: way to be refreshed
TODO-A: - This does not use static builds
TODO-B: - The team TBD is aware of the implications by a static build and
TODO-B: commits to test no-change-rebuilds and to fix any issues found for the
TODO-B: lifetime of the release (including ESM)
TODO-A: - This does not use vendored code
TODO-B: - The team TBD is aware of the implications of vendored code and (as
TODO-B: alerted by the security team) commits to provide updates and backports
TODO-B: to the security team for any affected vendored code for the lifetime
TODO-B: of the release (including ESM).
TODO-A: - This does not use vendored code
TODO-B: - This package uses vendored go code tracked in go.sum as shiped in the
TODO-B: package, refreshing that code is outlined in debian/README.source
TODO-C: - This package uses vendored rust code tracked in Cargo.lock as shipped,
TODO-C: in the package (at /usr/share/doc/<pkgname>/Cargo.lock - might be
TODO-C: compressed), refreshing that code is outlined in debian/README.source
TODO-D: - This package uses vendored code, refreshing that code is outlined
TODO-D: in debian/README.source
TODO-A: - This package is not rust based
TODO-B: - This package is rust based and vendors all non language-runtime
TODO-B: dependencies
RULE: - if there has been an archive test rebuild that has occurred more recently
RULE: than the last upload, the package must have rebuilt successfully
TODO-A: - The package has been built in the archive more recently than the last
TODO-A: test rebuild
TODO-B: - The package successfully built during the most recent test rebuild
TODO-C: - The package was test rebuilt in PPA or sbuild recently (provide link/logs)
[Background information]
RULE: - The package descriptions should explain the general purpose and context
RULE: of the package. Additional explanations/justifications should be done in
RULE: the MIR report.
RULE: - If the package was renamed recently, or has a different upstream name,
RULE: this needs to be explained in the MIR report.
TODO: The Package description explains the package well
TODO: Upstream Name is TBD
TODO: Link to upstream project TBD
TODO: TBD (any further background that might be helpful
Link to upstream project:
https://github.com/editorconfig/editorconfig-core-c |
[Availability]
The package editorconfig-core is already in Ubuntu universe.
The package editorconfig-core build for the architectures it is designed to work on (all Ubuntu architectures except i386 which isn't needed)
https://launchpad.net/ubuntu/+source/editorconfig-core
[Rationale]
The package libeditorconfig0 is required in Ubuntu main for gnome-text-editor 43.
It is required in Ubuntu main no later than August 25 because that's Feature Freeze for Ubuntu 22.10. It's a desktop team goal to ship GNOME 43 as completely as possible for Ubuntu 22.10.
[Security]
- No CVEs/security issues in this software in the past
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does not install services, timers or recurring jobs
- Packages does not open privileged ports (ports < 1024)
- Packages does not contain extensions to security-sensitive software
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu and has no open Ubuntu bug reports except for this MIR
TODO: Check Debian bugs
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/editorconfig-core
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=editorconfig-core
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
RULE: - The package must include a non-trivial test suite
RULE: - it should run at package build and fail the build if broken
TODO-A: - The package runs a test suite on build time, if it fails
TODO-A: it makes the build fail, link to build log TBD
TODO-B: - The package does not run a test at build time because TBD
RULE: - The package should, but is not required to, also contain
RULE: non-trivial autopkgtest(s).
TODO-A: - The package runs an autopkgtest, and is currently passing on
TODO-A: this TBD list of architectures, link to test logs TBD
TODO-B: - The package does not run an autopkgtest because TBD
RULE: - existing but failing tests that shall be handled as "ok to fail"
RULE: need to be explained along the test logs below
TODO-A: - The package does have not failing autopkgtests right now
TODO-B: - The package does have failing autopkgtests tests right now, but since
TODO-B: they always failed they are handled as "ignored failure", this is
TODO-B: ok because TBD
RULE: - If no build tests nor autopkgtests are included, and/or if the package
RULE: requires specific hardware to perform testing, the subscribed team
RULE: must provide a written test plan in a comment to the MIR bug, and
RULE: commit to running that test either at each upload of the package or
RULE: at least once each release cycle. In the comment to the MIR bug,
RULE: please link to the codebase of these tests (scripts or doc of manual
RULE: steps) and attach a full log of these test runs. This is meant to
RULE: assess their validity (e.g. not just superficial)
TODO: - The package can not be tested at build or autopktest time because TBD
TODO: to make up for that here TBD is a test plan/automation and example
TODO: test TBD (logs/scripts)
RULE: - In some cases a solution that is about to be promoted consists of
RULE: several very small libraries and one actual application uniting them
RULE: to achieve something useful. This is rather common in the go/rust space.
RULE: In that case often these micro-libs on their own can and should only
RULE: provide low level unit-tests. But more complex autopkgtests make no
RULE: sense on that level. Therefore in those cases one might want to test on
RULE: the solution level.
RULE: - Process wise MIR-requesting teams can ask (on the bug) for this
RULE: special case to apply for a given case, which reduces the test
RULE: constraints on the micro libraries but in return increases the
RULE: requirements for the test of the actual app/solution.
RULE: - Since this might promote micro-lib packages to main with less than
RULE: the common level of QA any further MIRed program using them will have
RULE: to provide the same amount of increased testing.
TODO: - This package is minimal and will be tested in a more wide reaching
TODO: solution context TBD, details about this testing are here TBD
[Quality assurance - packaging]
debian/watch is present and works
RULE: - It is often useful to run `lintian --pedantic` on the package to spot
RULE: the most common packaging issues in advance
RULE: - Non-obvious or non-properly commented lintian overrides should be
RULE: explained
TODO: - This package does not yield massive lintian Warnings, Errors
TODO: - Please link to a recent build log of the package <TBD>
TODO: - Please attach the full output you have got from
TODO: `lintian --pedantic` as an extra post to this bug.
TODO-A: - Lintian overrides are not present
TODO-B: - Lintian overrides are present, but ok because TBD
- This package has no python2 or GTK2 dependencies
- The package will be installed by default and does not ask debconf questions
- Packaging and build is easy using dh7 style rules
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/rules
[UI standards]
TODO-A: - Application is not end-user facing (does not need translation)
TODO-B: - Application is end-user facing, Translation is present, via standard
TODO-B: intltool/gettext or similar build and runtime internationalization
TODO-B: system see TBD
TODO-A: - End-user applications that ships a standard conformant desktop file,
TODO-B: see TBD
TODO-B: - End-user applications without desktop file, not needed because TBD
[Dependencies]
- No further depends or recommends dependencies that are not yet in main
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- Owning Team will be Desktop Bugs
- Team is not yet, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package successfully built during the most recent test rebuild
[Background information]
Homepage: https://editorconfig.org/
Link to upstream code:
https://github.com/editorconfig/editorconfig-core-c |
|
2022-08-09 14:36:57 |
Jeremy Bícha |
description |
[Availability]
The package editorconfig-core is already in Ubuntu universe.
The package editorconfig-core build for the architectures it is designed to work on (all Ubuntu architectures except i386 which isn't needed)
https://launchpad.net/ubuntu/+source/editorconfig-core
[Rationale]
The package libeditorconfig0 is required in Ubuntu main for gnome-text-editor 43.
It is required in Ubuntu main no later than August 25 because that's Feature Freeze for Ubuntu 22.10. It's a desktop team goal to ship GNOME 43 as completely as possible for Ubuntu 22.10.
[Security]
- No CVEs/security issues in this software in the past
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does not install services, timers or recurring jobs
- Packages does not open privileged ports (ports < 1024)
- Packages does not contain extensions to security-sensitive software
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu and has no open Ubuntu bug reports except for this MIR
TODO: Check Debian bugs
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/editorconfig-core
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=editorconfig-core
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
RULE: - The package must include a non-trivial test suite
RULE: - it should run at package build and fail the build if broken
TODO-A: - The package runs a test suite on build time, if it fails
TODO-A: it makes the build fail, link to build log TBD
TODO-B: - The package does not run a test at build time because TBD
RULE: - The package should, but is not required to, also contain
RULE: non-trivial autopkgtest(s).
TODO-A: - The package runs an autopkgtest, and is currently passing on
TODO-A: this TBD list of architectures, link to test logs TBD
TODO-B: - The package does not run an autopkgtest because TBD
RULE: - existing but failing tests that shall be handled as "ok to fail"
RULE: need to be explained along the test logs below
TODO-A: - The package does have not failing autopkgtests right now
TODO-B: - The package does have failing autopkgtests tests right now, but since
TODO-B: they always failed they are handled as "ignored failure", this is
TODO-B: ok because TBD
RULE: - If no build tests nor autopkgtests are included, and/or if the package
RULE: requires specific hardware to perform testing, the subscribed team
RULE: must provide a written test plan in a comment to the MIR bug, and
RULE: commit to running that test either at each upload of the package or
RULE: at least once each release cycle. In the comment to the MIR bug,
RULE: please link to the codebase of these tests (scripts or doc of manual
RULE: steps) and attach a full log of these test runs. This is meant to
RULE: assess their validity (e.g. not just superficial)
TODO: - The package can not be tested at build or autopktest time because TBD
TODO: to make up for that here TBD is a test plan/automation and example
TODO: test TBD (logs/scripts)
RULE: - In some cases a solution that is about to be promoted consists of
RULE: several very small libraries and one actual application uniting them
RULE: to achieve something useful. This is rather common in the go/rust space.
RULE: In that case often these micro-libs on their own can and should only
RULE: provide low level unit-tests. But more complex autopkgtests make no
RULE: sense on that level. Therefore in those cases one might want to test on
RULE: the solution level.
RULE: - Process wise MIR-requesting teams can ask (on the bug) for this
RULE: special case to apply for a given case, which reduces the test
RULE: constraints on the micro libraries but in return increases the
RULE: requirements for the test of the actual app/solution.
RULE: - Since this might promote micro-lib packages to main with less than
RULE: the common level of QA any further MIRed program using them will have
RULE: to provide the same amount of increased testing.
TODO: - This package is minimal and will be tested in a more wide reaching
TODO: solution context TBD, details about this testing are here TBD
[Quality assurance - packaging]
debian/watch is present and works
RULE: - It is often useful to run `lintian --pedantic` on the package to spot
RULE: the most common packaging issues in advance
RULE: - Non-obvious or non-properly commented lintian overrides should be
RULE: explained
TODO: - This package does not yield massive lintian Warnings, Errors
TODO: - Please link to a recent build log of the package <TBD>
TODO: - Please attach the full output you have got from
TODO: `lintian --pedantic` as an extra post to this bug.
TODO-A: - Lintian overrides are not present
TODO-B: - Lintian overrides are present, but ok because TBD
- This package has no python2 or GTK2 dependencies
- The package will be installed by default and does not ask debconf questions
- Packaging and build is easy using dh7 style rules
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/rules
[UI standards]
TODO-A: - Application is not end-user facing (does not need translation)
TODO-B: - Application is end-user facing, Translation is present, via standard
TODO-B: intltool/gettext or similar build and runtime internationalization
TODO-B: system see TBD
TODO-A: - End-user applications that ships a standard conformant desktop file,
TODO-B: see TBD
TODO-B: - End-user applications without desktop file, not needed because TBD
[Dependencies]
- No further depends or recommends dependencies that are not yet in main
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- Owning Team will be Desktop Bugs
- Team is not yet, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package successfully built during the most recent test rebuild
[Background information]
Homepage: https://editorconfig.org/
Link to upstream code:
https://github.com/editorconfig/editorconfig-core-c |
[Availability]
The package editorconfig-core is already in Ubuntu universe.
The package editorconfig-core build for the architectures it is designed to work on (all Ubuntu architectures except i386 which isn't needed)
https://launchpad.net/ubuntu/+source/editorconfig-core
[Rationale]
The package libeditorconfig0 is required in Ubuntu main for gnome-text-editor 43.
It is required in Ubuntu main no later than August 25 because that's Feature Freeze for Ubuntu 22.10. It's a desktop team goal to ship GNOME 43 as completely as possible for Ubuntu 22.10.
[Security]
- No CVEs/security issues in this software in the past
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does not install services, timers or recurring jobs
- Packages does not open privileged ports (ports < 1024)
- Packages does not contain extensions to security-sensitive software
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu and has no open Ubuntu bug reports except for this MIR. No serious Debian bugs.
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/editorconfig-core
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=editorconfig-core
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
RULE: - The package must include a non-trivial test suite
RULE: - it should run at package build and fail the build if broken
TODO-A: - The package runs a test suite on build time, if it fails
TODO-A: it makes the build fail, link to build log TBD
TODO-B: - The package does not run a test at build time because TBD
RULE: - The package should, but is not required to, also contain
RULE: non-trivial autopkgtest(s).
TODO-A: - The package runs an autopkgtest, and is currently passing on
TODO-A: this TBD list of architectures, link to test logs TBD
TODO-B: - The package does not run an autopkgtest because TBD
RULE: - existing but failing tests that shall be handled as "ok to fail"
RULE: need to be explained along the test logs below
TODO-A: - The package does have not failing autopkgtests right now
TODO-B: - The package does have failing autopkgtests tests right now, but since
TODO-B: they always failed they are handled as "ignored failure", this is
TODO-B: ok because TBD
RULE: - If no build tests nor autopkgtests are included, and/or if the package
RULE: requires specific hardware to perform testing, the subscribed team
RULE: must provide a written test plan in a comment to the MIR bug, and
RULE: commit to running that test either at each upload of the package or
RULE: at least once each release cycle. In the comment to the MIR bug,
RULE: please link to the codebase of these tests (scripts or doc of manual
RULE: steps) and attach a full log of these test runs. This is meant to
RULE: assess their validity (e.g. not just superficial)
TODO: - The package can not be tested at build or autopktest time because TBD
TODO: to make up for that here TBD is a test plan/automation and example
TODO: test TBD (logs/scripts)
RULE: - In some cases a solution that is about to be promoted consists of
RULE: several very small libraries and one actual application uniting them
RULE: to achieve something useful. This is rather common in the go/rust space.
RULE: In that case often these micro-libs on their own can and should only
RULE: provide low level unit-tests. But more complex autopkgtests make no
RULE: sense on that level. Therefore in those cases one might want to test on
RULE: the solution level.
RULE: - Process wise MIR-requesting teams can ask (on the bug) for this
RULE: special case to apply for a given case, which reduces the test
RULE: constraints on the micro libraries but in return increases the
RULE: requirements for the test of the actual app/solution.
RULE: - Since this might promote micro-lib packages to main with less than
RULE: the common level of QA any further MIRed program using them will have
RULE: to provide the same amount of increased testing.
TODO: - This package is minimal and will be tested in a more wide reaching
TODO: solution context TBD, details about this testing are here TBD
[Quality assurance - packaging]
debian/watch is present and works
RULE: - It is often useful to run `lintian --pedantic` on the package to spot
RULE: the most common packaging issues in advance
RULE: - Non-obvious or non-properly commented lintian overrides should be
RULE: explained
TODO: - This package does not yield massive lintian Warnings, Errors
TODO: - Please link to a recent build log of the package <TBD>
TODO: - Please attach the full output you have got from
TODO: `lintian --pedantic` as an extra post to this bug.
TODO-A: - Lintian overrides are not present
TODO-B: - Lintian overrides are present, but ok because TBD
- This package has no python2 or GTK2 dependencies
- The package will be installed by default and does not ask debconf questions
- Packaging and build is easy using dh7 style rules
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/rules
[UI standards]
TODO-A: - Application is not end-user facing (does not need translation)
TODO-B: - Application is end-user facing, Translation is present, via standard
TODO-B: intltool/gettext or similar build and runtime internationalization
TODO-B: system see TBD
TODO-A: - End-user applications that ships a standard conformant desktop file,
TODO-B: see TBD
TODO-B: - End-user applications without desktop file, not needed because TBD
[Dependencies]
- No further depends or recommends dependencies that are not yet in main
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- Owning Team will be Desktop Bugs
- Team is not yet, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package successfully built during the most recent test rebuild
[Background information]
Homepage: https://editorconfig.org/
Link to upstream code:
https://github.com/editorconfig/editorconfig-core-c |
|
2022-08-09 21:40:22 |
Jeremy Bícha |
description |
[Availability]
The package editorconfig-core is already in Ubuntu universe.
The package editorconfig-core build for the architectures it is designed to work on (all Ubuntu architectures except i386 which isn't needed)
https://launchpad.net/ubuntu/+source/editorconfig-core
[Rationale]
The package libeditorconfig0 is required in Ubuntu main for gnome-text-editor 43.
It is required in Ubuntu main no later than August 25 because that's Feature Freeze for Ubuntu 22.10. It's a desktop team goal to ship GNOME 43 as completely as possible for Ubuntu 22.10.
[Security]
- No CVEs/security issues in this software in the past
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does not install services, timers or recurring jobs
- Packages does not open privileged ports (ports < 1024)
- Packages does not contain extensions to security-sensitive software
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu and has no open Ubuntu bug reports except for this MIR. No serious Debian bugs.
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/editorconfig-core
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=editorconfig-core
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
RULE: - The package must include a non-trivial test suite
RULE: - it should run at package build and fail the build if broken
TODO-A: - The package runs a test suite on build time, if it fails
TODO-A: it makes the build fail, link to build log TBD
TODO-B: - The package does not run a test at build time because TBD
RULE: - The package should, but is not required to, also contain
RULE: non-trivial autopkgtest(s).
TODO-A: - The package runs an autopkgtest, and is currently passing on
TODO-A: this TBD list of architectures, link to test logs TBD
TODO-B: - The package does not run an autopkgtest because TBD
RULE: - existing but failing tests that shall be handled as "ok to fail"
RULE: need to be explained along the test logs below
TODO-A: - The package does have not failing autopkgtests right now
TODO-B: - The package does have failing autopkgtests tests right now, but since
TODO-B: they always failed they are handled as "ignored failure", this is
TODO-B: ok because TBD
RULE: - If no build tests nor autopkgtests are included, and/or if the package
RULE: requires specific hardware to perform testing, the subscribed team
RULE: must provide a written test plan in a comment to the MIR bug, and
RULE: commit to running that test either at each upload of the package or
RULE: at least once each release cycle. In the comment to the MIR bug,
RULE: please link to the codebase of these tests (scripts or doc of manual
RULE: steps) and attach a full log of these test runs. This is meant to
RULE: assess their validity (e.g. not just superficial)
TODO: - The package can not be tested at build or autopktest time because TBD
TODO: to make up for that here TBD is a test plan/automation and example
TODO: test TBD (logs/scripts)
RULE: - In some cases a solution that is about to be promoted consists of
RULE: several very small libraries and one actual application uniting them
RULE: to achieve something useful. This is rather common in the go/rust space.
RULE: In that case often these micro-libs on their own can and should only
RULE: provide low level unit-tests. But more complex autopkgtests make no
RULE: sense on that level. Therefore in those cases one might want to test on
RULE: the solution level.
RULE: - Process wise MIR-requesting teams can ask (on the bug) for this
RULE: special case to apply for a given case, which reduces the test
RULE: constraints on the micro libraries but in return increases the
RULE: requirements for the test of the actual app/solution.
RULE: - Since this might promote micro-lib packages to main with less than
RULE: the common level of QA any further MIRed program using them will have
RULE: to provide the same amount of increased testing.
TODO: - This package is minimal and will be tested in a more wide reaching
TODO: solution context TBD, details about this testing are here TBD
[Quality assurance - packaging]
debian/watch is present and works
RULE: - It is often useful to run `lintian --pedantic` on the package to spot
RULE: the most common packaging issues in advance
RULE: - Non-obvious or non-properly commented lintian overrides should be
RULE: explained
TODO: - This package does not yield massive lintian Warnings, Errors
TODO: - Please link to a recent build log of the package <TBD>
TODO: - Please attach the full output you have got from
TODO: `lintian --pedantic` as an extra post to this bug.
TODO-A: - Lintian overrides are not present
TODO-B: - Lintian overrides are present, but ok because TBD
- This package has no python2 or GTK2 dependencies
- The package will be installed by default and does not ask debconf questions
- Packaging and build is easy using dh7 style rules
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/rules
[UI standards]
TODO-A: - Application is not end-user facing (does not need translation)
TODO-B: - Application is end-user facing, Translation is present, via standard
TODO-B: intltool/gettext or similar build and runtime internationalization
TODO-B: system see TBD
TODO-A: - End-user applications that ships a standard conformant desktop file,
TODO-B: see TBD
TODO-B: - End-user applications without desktop file, not needed because TBD
[Dependencies]
- No further depends or recommends dependencies that are not yet in main
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- Owning Team will be Desktop Bugs
- Team is not yet, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package successfully built during the most recent test rebuild
[Background information]
Homepage: https://editorconfig.org/
Link to upstream code:
https://github.com/editorconfig/editorconfig-core-c |
[Availability]
The package editorconfig-core is already in Ubuntu universe.
The package editorconfig-core build for the architectures it is designed to work on (all Ubuntu architectures except i386 which isn't needed)
https://launchpad.net/ubuntu/+source/editorconfig-core
[Rationale]
The package libeditorconfig0 is required in Ubuntu main for gnome-text-editor 43.
It is required in Ubuntu main no later than August 25 because that's Feature Freeze for Ubuntu 22.10. It's a desktop team goal to ship GNOME 43 as completely as possible for Ubuntu 22.10.
[Security]
- No CVEs/security issues in this software in the past
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does not install services, timers or recurring jobs
- Packages does not open privileged ports (ports < 1024)
- Packages does not contain extensions to security-sensitive software
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu and has no open Ubuntu bug reports except for this MIR. No serious Debian bugs.
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/editorconfig-core
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=editorconfig-core
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package runs a test suite on build time, if it fails
it makes the build fail, link to build log
https://launchpad.net/ubuntu/+source/editorconfig-core/0.12.5-2ubuntu2
TODO - The package does not run an autopkgtest.
[Quality assurance - packaging]
debian/watch is present and works
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
https://launchpad.net/ubuntu/+source/editorconfig-core/0.12.5-2ubuntu2
- Please attach the full output you have got from `lintian --pedantic` as an extra post to this bug.
- Lintian overrides are present, but ok because it's a difference of opinion over how to handle debian/copyright formatting
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/source/lintian-overrides
- This package has no python2 or GTK2 dependencies
- The package will be installed by default and does not ask debconf questions
- Packaging and build is easy using dh7 style rules
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/rules
[UI standards]
- Application is not end-user facing (does not need translation)
[Dependencies]
- No further depends or recommends dependencies that are not yet in main
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- Owning Team will be Desktop Packages
- Team is not yet, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package successfully built during the most recent test rebuild
[Background information]
Homepage: https://editorconfig.org/
Link to upstream code:
https://github.com/editorconfig/editorconfig-core-c
and
https://github.com/editorconfig/editorconfig-core-test (shipped as a second orig tarball to fill out the tests/ directory) |
|
2022-08-09 21:40:37 |
Jeremy Bícha |
editorconfig-core (Ubuntu): status |
Incomplete |
New |
|
2022-08-09 21:54:54 |
Jeremy Bícha |
attachment added |
|
editorconfig-core-lintian.txt https://bugs.launchpad.net/ubuntu/+source/editorconfig-core/+bug/1984104/+attachment/5607569/+files/editorconfig-core-lintian.txt |
|
2022-08-09 21:56:12 |
Jeremy Bícha |
description |
[Availability]
The package editorconfig-core is already in Ubuntu universe.
The package editorconfig-core build for the architectures it is designed to work on (all Ubuntu architectures except i386 which isn't needed)
https://launchpad.net/ubuntu/+source/editorconfig-core
[Rationale]
The package libeditorconfig0 is required in Ubuntu main for gnome-text-editor 43.
It is required in Ubuntu main no later than August 25 because that's Feature Freeze for Ubuntu 22.10. It's a desktop team goal to ship GNOME 43 as completely as possible for Ubuntu 22.10.
[Security]
- No CVEs/security issues in this software in the past
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does not install services, timers or recurring jobs
- Packages does not open privileged ports (ports < 1024)
- Packages does not contain extensions to security-sensitive software
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu and has no open Ubuntu bug reports except for this MIR. No serious Debian bugs.
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/editorconfig-core
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=editorconfig-core
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package runs a test suite on build time, if it fails
it makes the build fail, link to build log
https://launchpad.net/ubuntu/+source/editorconfig-core/0.12.5-2ubuntu2
TODO - The package does not run an autopkgtest.
[Quality assurance - packaging]
debian/watch is present and works
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
https://launchpad.net/ubuntu/+source/editorconfig-core/0.12.5-2ubuntu2
- Please attach the full output you have got from `lintian --pedantic` as an extra post to this bug.
- Lintian overrides are present, but ok because it's a difference of opinion over how to handle debian/copyright formatting
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/source/lintian-overrides
- This package has no python2 or GTK2 dependencies
- The package will be installed by default and does not ask debconf questions
- Packaging and build is easy using dh7 style rules
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/rules
[UI standards]
- Application is not end-user facing (does not need translation)
[Dependencies]
- No further depends or recommends dependencies that are not yet in main
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- Owning Team will be Desktop Packages
- Team is not yet, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package successfully built during the most recent test rebuild
[Background information]
Homepage: https://editorconfig.org/
Link to upstream code:
https://github.com/editorconfig/editorconfig-core-c
and
https://github.com/editorconfig/editorconfig-core-test (shipped as a second orig tarball to fill out the tests/ directory) |
[Availability]
The package editorconfig-core is already in Ubuntu universe.
The package editorconfig-core build for the architectures it is designed to work on (all Ubuntu architectures except i386 which isn't needed)
https://launchpad.net/ubuntu/+source/editorconfig-core
[Rationale]
The package libeditorconfig0 is required in Ubuntu main for gnome-text-editor 43.
It is required in Ubuntu main no later than August 25 because that's Feature Freeze for Ubuntu 22.10. It's a desktop team goal to ship GNOME 43 as completely as possible for Ubuntu 22.10.
[Security]
- No CVEs/security issues in this software in the past
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does not install services, timers or recurring jobs
- Packages does not open privileged ports (ports < 1024)
- Packages does not contain extensions to security-sensitive software
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu and has no open Ubuntu bug reports except for this MIR. No serious Debian bugs.
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/editorconfig-core
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=editorconfig-core
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package runs a test suite on build time, if it fails
it makes the build fail, link to build log
https://launchpad.net/ubuntu/+source/editorconfig-core/0.12.5-2ubuntu2
TODO - The package does not run an autopkgtest.
[Quality assurance - packaging]
debian/watch is present and works
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
https://launchpad.net/ubuntu/+source/editorconfig-core/0.12.5-2ubuntu2
- Please attach the full output you have got from `lintian --pedantic` as an extra post to this bug.
- Lintian overrides are present, but ok because it's a difference of opinion over how to handle debian/copyright formatting
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/source/lintian-overrides
- This package has no python2 or GTK2 dependencies
- The package will be installed by default and does not ask debconf questions
- Packaging and build is easy using dh7 style rules
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/rules
[UI standards]
- Application is not end-user facing (does not need translation)
[Dependencies]
- No further depends or recommends dependencies that are not yet in main
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- Owning Team will be Desktop Packages
- Team is not yet, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last test rebuild
[Background information]
Homepage: https://editorconfig.org/
Link to upstream code:
https://github.com/editorconfig/editorconfig-core-c
and
https://github.com/editorconfig/editorconfig-core-test (shipped as a second orig tarball to fill out the tests/ directory) |
|
2022-08-09 22:05:42 |
Jeremy Bícha |
description |
[Availability]
The package editorconfig-core is already in Ubuntu universe.
The package editorconfig-core build for the architectures it is designed to work on (all Ubuntu architectures except i386 which isn't needed)
https://launchpad.net/ubuntu/+source/editorconfig-core
[Rationale]
The package libeditorconfig0 is required in Ubuntu main for gnome-text-editor 43.
It is required in Ubuntu main no later than August 25 because that's Feature Freeze for Ubuntu 22.10. It's a desktop team goal to ship GNOME 43 as completely as possible for Ubuntu 22.10.
[Security]
- No CVEs/security issues in this software in the past
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does not install services, timers or recurring jobs
- Packages does not open privileged ports (ports < 1024)
- Packages does not contain extensions to security-sensitive software
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu and has no open Ubuntu bug reports except for this MIR. No serious Debian bugs.
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/editorconfig-core
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=editorconfig-core
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package runs a test suite on build time, if it fails
it makes the build fail, link to build log
https://launchpad.net/ubuntu/+source/editorconfig-core/0.12.5-2ubuntu2
TODO - The package does not run an autopkgtest.
[Quality assurance - packaging]
debian/watch is present and works
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
https://launchpad.net/ubuntu/+source/editorconfig-core/0.12.5-2ubuntu2
- Please attach the full output you have got from `lintian --pedantic` as an extra post to this bug.
- Lintian overrides are present, but ok because it's a difference of opinion over how to handle debian/copyright formatting
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/source/lintian-overrides
- This package has no python2 or GTK2 dependencies
- The package will be installed by default and does not ask debconf questions
- Packaging and build is easy using dh7 style rules
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/rules
[UI standards]
- Application is not end-user facing (does not need translation)
[Dependencies]
- No further depends or recommends dependencies that are not yet in main
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- Owning Team will be Desktop Packages
- Team is not yet, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last test rebuild
[Background information]
Homepage: https://editorconfig.org/
Link to upstream code:
https://github.com/editorconfig/editorconfig-core-c
and
https://github.com/editorconfig/editorconfig-core-test (shipped as a second orig tarball to fill out the tests/ directory) |
[Availability]
The package editorconfig-core is already in Ubuntu universe.
The package editorconfig-core build for the architectures it is designed to work on (all Ubuntu architectures except i386 which isn't needed)
https://launchpad.net/ubuntu/+source/editorconfig-core
[Rationale]
The package libeditorconfig0 is required in Ubuntu main for gnome-text-editor 43.
It is required in Ubuntu main no later than August 25 because that's Feature Freeze for Ubuntu 22.10. It's a desktop team goal to ship GNOME 43 as completely as possible for Ubuntu 22.10.
[Security]
- No CVEs/security issues in this software in the past
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does not install services, timers or recurring jobs
- Packages does not open privileged ports (ports < 1024)
- Packages does not contain extensions to security-sensitive software
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu and has no open Ubuntu bug reports except for this MIR. No serious Debian bugs.
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/editorconfig-core
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=editorconfig-core
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package runs a test suite on build time, if it fails
it makes the build fail, link to build log
https://launchpad.net/ubuntu/+source/editorconfig-core/0.12.5-2ubuntu2
TODO - The package does not run an autopkgtest.
[Quality assurance - packaging]
debian/watch is present and works
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
https://launchpad.net/ubuntu/+source/editorconfig-core/0.12.5-2ubuntu2
- Please attach the full output you have got from `lintian --pedantic` as an extra post to this bug.
- Lintian overrides are present, but ok because it's a difference of opinion over how to handle debian/copyright formatting
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/source/lintian-overrides
- This package has no python2 or GTK2 dependencies
- The package will be installed by default and does not ask debconf questions
- Packaging and build is easy using dh7 style rules
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/rules
[UI standards]
- Application is not end-user facing (does not need translation)
[Dependencies]
- No further depends or recommends dependencies that are not yet in main
- Uses pcre2 instead of the obsolete pcre3
https://people.canonical.com/~ubuntu-archive/transitions/html/pcre2-main.html
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- Owning Team will be Desktop Packages
- Team is not yet, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last test rebuild
[Background information]
Homepage: https://editorconfig.org/
Link to upstream code:
https://github.com/editorconfig/editorconfig-core-c
and
https://github.com/editorconfig/editorconfig-core-test (shipped as a second orig tarball to fill out the tests/ directory) |
|
2022-08-10 08:48:00 |
Christian Ehrhardt |
editorconfig-core (Ubuntu): assignee |
|
Ubuntu Security Team (ubuntu-security) |
|
2022-08-22 16:40:59 |
Steve Beattie |
tags |
kinetic |
kinetic sec-1241 |
|
2022-08-23 14:05:29 |
Jeremy Bícha |
description |
[Availability]
The package editorconfig-core is already in Ubuntu universe.
The package editorconfig-core build for the architectures it is designed to work on (all Ubuntu architectures except i386 which isn't needed)
https://launchpad.net/ubuntu/+source/editorconfig-core
[Rationale]
The package libeditorconfig0 is required in Ubuntu main for gnome-text-editor 43.
It is required in Ubuntu main no later than August 25 because that's Feature Freeze for Ubuntu 22.10. It's a desktop team goal to ship GNOME 43 as completely as possible for Ubuntu 22.10.
[Security]
- No CVEs/security issues in this software in the past
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does not install services, timers or recurring jobs
- Packages does not open privileged ports (ports < 1024)
- Packages does not contain extensions to security-sensitive software
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu and has no open Ubuntu bug reports except for this MIR. No serious Debian bugs.
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/editorconfig-core
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=editorconfig-core
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package runs a test suite on build time, if it fails
it makes the build fail, link to build log
https://launchpad.net/ubuntu/+source/editorconfig-core/0.12.5-2ubuntu2
TODO - The package does not run an autopkgtest.
[Quality assurance - packaging]
debian/watch is present and works
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
https://launchpad.net/ubuntu/+source/editorconfig-core/0.12.5-2ubuntu2
- Please attach the full output you have got from `lintian --pedantic` as an extra post to this bug.
- Lintian overrides are present, but ok because it's a difference of opinion over how to handle debian/copyright formatting
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/source/lintian-overrides
- This package has no python2 or GTK2 dependencies
- The package will be installed by default and does not ask debconf questions
- Packaging and build is easy using dh7 style rules
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/rules
[UI standards]
- Application is not end-user facing (does not need translation)
[Dependencies]
- No further depends or recommends dependencies that are not yet in main
- Uses pcre2 instead of the obsolete pcre3
https://people.canonical.com/~ubuntu-archive/transitions/html/pcre2-main.html
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- Owning Team will be Desktop Packages
- Team is not yet, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last test rebuild
[Background information]
Homepage: https://editorconfig.org/
Link to upstream code:
https://github.com/editorconfig/editorconfig-core-c
and
https://github.com/editorconfig/editorconfig-core-test (shipped as a second orig tarball to fill out the tests/ directory) |
[Availability]
The package editorconfig-core is already in Ubuntu universe.
The package editorconfig-core build for the architectures it is designed to work on (all Ubuntu architectures except i386 which isn't needed)
https://launchpad.net/ubuntu/+source/editorconfig-core
[Rationale]
The package libeditorconfig0 is required in Ubuntu main for gnome-text-editor 43.
It is required in Ubuntu main no later than August 25 because that's Feature Freeze for Ubuntu 22.10. It's a desktop team goal to ship GNOME 43 as completely as possible for Ubuntu 22.10.
[Security]
- No CVEs/security issues in this software in the past
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does not install services, timers or recurring jobs
- Packages does not open privileged ports (ports < 1024)
- Packages does not contain extensions to security-sensitive software
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu and has no open Ubuntu bug reports except for this MIR. No serious Debian bugs.
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/editorconfig-core
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=editorconfig-core
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package runs a test suite on build time, if it fails
it makes the build fail, link to build log
https://launchpad.net/ubuntu/+source/editorconfig-core/0.12.5-2ubuntu2
TODO - The package does not run an autopkgtest.
[Quality assurance - packaging]
debian/watch is present and works
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
https://launchpad.net/ubuntu/+source/editorconfig-core/0.12.5-2ubuntu2
- Please attach the full output you have got from `lintian --pedantic` as an extra post to this bug.
- Lintian overrides are present, but ok because it's a difference of opinion over how to handle debian/copyright formatting
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/source/lintian-overrides
- This package has no python2 or GTK2 dependencies
- The package will be installed by default and does not ask debconf questions
- Packaging and build is easy using dh7 style rules
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/rules
[UI standards]
- Application is not end-user facing (does not need translation)
[Dependencies]
- No further depends or recommends dependencies that are not yet in main
- Uses pcre2 instead of the obsolete pcre3
https://people.canonical.com/~ubuntu-archive/transitions/html/pcre2-main.html
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- Owning Team will be Desktop Packages
- Team is already subscribed to the package
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last test rebuild
[Background information]
Homepage: https://editorconfig.org/
Link to upstream code:
https://github.com/editorconfig/editorconfig-core-c
and
https://github.com/editorconfig/editorconfig-core-test (shipped as a second orig tarball to fill out the tests/ directory) |
|
2022-10-20 14:45:10 |
Nathan Teodosio |
attachment added |
|
editorconfig-core.diff https://bugs.launchpad.net/bugs/1984104/+attachment/5625505/+files/editorconfig-core.diff |
|
2022-10-20 14:45:10 |
Nathan Teodosio |
attachment added |
|
logtest https://bugs.launchpad.net/bugs/1984104/+attachment/5625506/+files/logtest |
|
2022-12-02 14:15:13 |
Jeremy Bícha |
description |
[Availability]
The package editorconfig-core is already in Ubuntu universe.
The package editorconfig-core build for the architectures it is designed to work on (all Ubuntu architectures except i386 which isn't needed)
https://launchpad.net/ubuntu/+source/editorconfig-core
[Rationale]
The package libeditorconfig0 is required in Ubuntu main for gnome-text-editor 43.
It is required in Ubuntu main no later than August 25 because that's Feature Freeze for Ubuntu 22.10. It's a desktop team goal to ship GNOME 43 as completely as possible for Ubuntu 22.10.
[Security]
- No CVEs/security issues in this software in the past
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does not install services, timers or recurring jobs
- Packages does not open privileged ports (ports < 1024)
- Packages does not contain extensions to security-sensitive software
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu and has no open Ubuntu bug reports except for this MIR. No serious Debian bugs.
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/editorconfig-core
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=editorconfig-core
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package runs a test suite on build time, if it fails
it makes the build fail, link to build log
https://launchpad.net/ubuntu/+source/editorconfig-core/0.12.5-2ubuntu2
TODO - The package does not run an autopkgtest.
[Quality assurance - packaging]
debian/watch is present and works
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
https://launchpad.net/ubuntu/+source/editorconfig-core/0.12.5-2ubuntu2
- Please attach the full output you have got from `lintian --pedantic` as an extra post to this bug.
- Lintian overrides are present, but ok because it's a difference of opinion over how to handle debian/copyright formatting
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/source/lintian-overrides
- This package has no python2 or GTK2 dependencies
- The package will be installed by default and does not ask debconf questions
- Packaging and build is easy using dh7 style rules
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/rules
[UI standards]
- Application is not end-user facing (does not need translation)
[Dependencies]
- No further depends or recommends dependencies that are not yet in main
- Uses pcre2 instead of the obsolete pcre3
https://people.canonical.com/~ubuntu-archive/transitions/html/pcre2-main.html
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- Owning Team will be Desktop Packages
- Team is already subscribed to the package
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last test rebuild
[Background information]
Homepage: https://editorconfig.org/
Link to upstream code:
https://github.com/editorconfig/editorconfig-core-c
and
https://github.com/editorconfig/editorconfig-core-test (shipped as a second orig tarball to fill out the tests/ directory) |
[Availability]
The package editorconfig-core is already in Ubuntu universe.
The package editorconfig-core build for the architectures it is designed to work on (all Ubuntu architectures except i386 which isn't needed)
https://launchpad.net/ubuntu/+source/editorconfig-core
[Rationale]
The package libeditorconfig0 is required in Ubuntu main for gnome-text-editor 43.
It is required in Ubuntu main no later than August 25 because that's Feature Freeze for Ubuntu 22.10. It's a desktop team goal to ship GNOME 43 as completely as possible for Ubuntu 22.10.
[Security]
- No CVEs/security issues in this software in the past
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does not install services, timers or recurring jobs
- Packages does not open privileged ports (ports < 1024)
- Packages does not contain extensions to security-sensitive software
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu and has no open Ubuntu bug reports except for this MIR. No serious Debian bugs.
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/editorconfig-core
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=editorconfig-core
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package runs a test suite on build time, if it fails
it makes the build fail, link to build log
https://launchpad.net/ubuntu/+source/editorconfig-core/0.12.5-2ubuntu2
- The package runs an autopkgtest, and is currently passing on all architectures except i386 (where it's not built)
https://autopkgtest.ubuntu.com/packages/e/editorconfig-core
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/tests/upstream-tests
[Quality assurance - packaging]
debian/watch is present and works
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
https://launchpad.net/ubuntu/+source/editorconfig-core/0.12.5-2ubuntu2
- Please attach the full output you have got from `lintian --pedantic` as an extra post to this bug.
- Lintian overrides are present, but ok because it's a difference of opinion over how to handle debian/copyright formatting
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/source/lintian-overrides
- This package has no python2 or GTK2 dependencies
- The package will be installed by default and does not ask debconf questions
- Packaging and build is easy using dh7 style rules
https://salsa.debian.org/debian/editorconfig-core/-/blob/master/debian/rules
[UI standards]
- Application is not end-user facing (does not need translation)
[Dependencies]
- No further depends or recommends dependencies that are not yet in main
- Uses pcre2 instead of the obsolete pcre3
https://people.canonical.com/~ubuntu-archive/transitions/html/pcre2-main.html
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- Owning Team will be Desktop Packages
- Team is already subscribed to the package
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last test rebuild
[Background information]
Homepage: https://editorconfig.org/
Link to upstream code:
https://github.com/editorconfig/editorconfig-core-c
and
https://github.com/editorconfig/editorconfig-core-test (shipped as a second orig tarball to fill out the tests/ directory) |
|
2023-01-23 20:40:02 |
Mark Esler |
bug watch added |
|
https://github.com/editorconfig/editorconfig-core-c/issues/55 |
|
2023-01-23 20:40:02 |
Mark Esler |
cve linked |
|
2022-24765 |
|
2023-01-23 20:40:02 |
Mark Esler |
cve linked |
|
2023-0341 |
|
2023-01-23 20:40:10 |
Mark Esler |
editorconfig-core (Ubuntu): assignee |
Ubuntu Security Team (ubuntu-security) |
|
|
2023-01-23 20:40:16 |
Mark Esler |
editorconfig-core (Ubuntu): status |
New |
In Progress |
|
2023-01-23 20:40:23 |
Mark Esler |
bug |
|
|
added subscriber Mark Esler |
2023-01-28 18:14:50 |
Jeremy Bícha |
tags |
kinetic sec-1241 |
kinetic lunar sec-1241 update-excuse |
|
2023-01-31 16:11:17 |
Lukas Märdian |
editorconfig-core (Ubuntu): status |
In Progress |
Fix Committed |
|
2023-01-31 16:11:25 |
Lukas Märdian |
bug |
|
|
added subscriber Ubuntu Package Archive Administrators |
2023-01-31 18:39:54 |
Steve Langasek |
editorconfig-core (Ubuntu): status |
Fix Committed |
Fix Released |
|