Comment 2 for bug 1861268

James Page (james-page) wrote :

[Summary]
Alternative D-Bus implementation for Python applications.

MIR team -1 due to duplication of function; if we could switch over all reverse-depends in main this switch would be re-considered.

I've asked the Ubuntu OpenStack team to review use of python3-keyring to see if we can remove 3/4 of the reverse-depends that hold keyring in main - launchpadlib seems to be a potential blocker.

Would require security team review due to integration with D-Bus.

[Duplication]
Pure Python DBus implementation, fulfilling the same function as dbus-python.

python-secretstorage has migrated to jeepney, however there are a large number of other packages that still depend on python3-dbus:

$ reverse-depends -c main python3-dbus
Reverse-Depends
* hplip [amd64 arm64 armhf ppc64el s390x]
* language-selector-common
* networkd-dispatcher
* python3-aptdaemon
* python3-cupshelpers
* python3-dbus-dbg
* python3-secretstorage
* software-properties-common
* system-config-printer
* system-config-printer-common
* system-config-printer-udev [amd64 arm64 armhf ppc64el s390x]
* ubiquity-frontend-gtk [amd64 arm64 armhf ppc64el]
* ubuntu-release-upgrader-gtk
* ubuntu-system-service
* unattended-upgrades
* update-manager
* update-notifier [amd64 arm64 armhf ppc64el s390x]
* update-notifier-common
* usb-creator-common [amd64]
* usb-creator-gtk [amd64]

I suspect it's unlikely that these will all migrate during the Focal timeframe, so including this package into main would duplicate functionality.

[Embedded sources and static linking]
- no embedded source present
- no static linking

[Security]
- no history of CVEs
- does not use webkit1,2
- does not use lib*v8 directly
- does not process arbitrary web content
- does not use centralized online accounts
- does not integrate arbitrary javascript into the desktop
- does not deal with system authentication (eg, pam, etc)
- does not run a daemon as root
- does not open a port

But it has quite some security-sensitive elements:
- does not parse data formats
- integrates with D-Bus
- access to all data passed in between

Will require security team review.

[Common blockers]
- does not currently FTBFS
- no translation present, but none needed
- no python2
- has autopkgtests
- lacks a team bug subscriber

[Packaging red flags]
- In sync with Debian
- symbols tracking not applicable for this code.
- d/watch is present and works
- Upstream update history is good
- Limited Debian/Ubuntu history (new for focal)
- the current release is packaged
- no MOTU problem
- no Lintian warnings
- d/rules nice and clean
- not using Built-Using
- no golang package for extra considerations about that

[Upstream red flags]
- no errors during the build
- no incautious use of malloc/sprintf (N/A)
- no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH
- no use of user nobody
- no use of setuid
- no significant open bug reports upstream
- no dependency on webkit, qtwebkit, seed or libgoa-*
- no embedded source copies
- not part of the UI for extra checks