[MIR] libhandy
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libhandy (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Availability
============
Built for all supported architectures. In sync with Debian.
Rationale
=========
libhandy is an extension of GTK3 to allow for so-called responsive design or reactive layout. libhandy is developed by Purism which aims to produce a phone running a complete free software stack. Purism wants to enable a form of GNOME to run on the phone as an option (KDE Plasma and even Ubuntu Touch may be available later too).
Ubuntu 19.04's gnome-control-
Besides gnome-control-
Security
========
No known security issues
https:/
https:/
Quality assurance
=================
- Ubuntu Desktop bugs needs to be subscribed
https:/
https:/
https:/
There is an autopkgtest passing on all architectures to test C compiling of a minimal libhandy app.
The upstream test suite is run during the build using dh_auto_test.
https:/
https:/
Dependencies
============
All dependencies for the library are in main.
We do not want the -dev package promoted to main because it depends on glade which the Ubuntu Desktop Team doesn't want to support in main at this time.
glade used to be in main until we allowed universe Build-Depends shortly before Ubuntu 16.04 LTS's release.
glade is old enough that it never had a MIR in Launchpad.
libhandy does provide a build option for the Glade catalog feature. It feels like it would be really useful to developers to have libhandy support in the Glade app (or in GNOME Builder which now offers Glade editing.) Glade is a GUI tool for building user interfaces for GTK apps (instead of needing to code them manually with XML or your favorite programming language).
Standards compliance
=======
4.1.3, debhelper compat 12, simple dh7 style rules
Maintenance
===========
Maintained in Debian by one of the Purism libhadny developers
https:/
https:/
Other Info
==========
At a recent GTK hackfest, moving some of libhandy's functionality into GTK4 was discussed. It's trickier to do that with GTK3 since GTK3 is supposed to be in stable mode since 2016.
https:/
The library is under heavy development:
https:/
Related branches
- Ubuntu Core Development Team: Pending requested
-
Diff: 2154 lines (+1814/-0) (has conflicts)48 files modifiedSTRUCTURE (+31/-0)
boot (+3/-0)
build-essential (+3/-0)
cloud-image (+11/-0)
desktop (+65/-0)
desktop-default-languages (+17/-0)
desktop-minimal (+172/-0)
desktop-minimal-default-languages (+17/-0)
desktop.minimal-remove (+190/-0)
development (+85/-0)
doc/langpacks.txt (+17/-0)
installer (+3/-0)
lamp-server (+13/-0)
languages/STRUCTURE (+16/-0)
languages/desktop-de (+24/-0)
languages/desktop-en (+27/-0)
languages/desktop-es (+16/-0)
languages/desktop-fr (+19/-0)
languages/desktop-it (+19/-0)
languages/desktop-minimal-de (+11/-0)
languages/desktop-minimal-en (+7/-0)
languages/desktop-minimal-es (+11/-0)
languages/desktop-minimal-fr (+11/-0)
languages/desktop-minimal-it (+11/-0)
languages/desktop-minimal-pt (+11/-0)
languages/desktop-minimal-ru (+11/-0)
languages/desktop-minimal-zh (+23/-0)
languages/desktop-pt (+24/-0)
languages/desktop-ru (+16/-0)
languages/desktop-zh (+9/-0)
live (+35/-0)
mail-server (+17/-0)
minimal (+3/-0)
openssh-server (+10/-0)
print-server (+15/-0)
required (+3/-0)
samba-server (+17/-0)
server (+65/-0)
server-ship (+278/-0)
server-ship-live (+43/-0)
ship (+68/-0)
ship-live (+35/-0)
standard (+3/-0)
supported (+217/-0)
supported-desktop-extra (+43/-0)
supported-kiosk (+6/-0)
system-image (+46/-0)
wsl (+17/-0)
description: | updated |
description: | updated |
Doing the usual MIR checks I found most of them to be good:
- Duplication: it is actually deduplicating the embedded copies
- no lintian complains about packaging
- no functional bugs in Debian / Ubuntu yet (not used that much thou)
- Upstream is at and LGTM
- no embedded other libs
- no static linking
- d/rules and d/control are very clean
- meson build seems straight forward
- hardning=+all is in place
- runs (a few) build time self-tests
- you volunteered Ubuntu-Desktop as package subscriber
- no FTBFS currently nor in the recent history
- symbols are tracked for dh_makeshlibs
- packaging hs the most current release and updates ~monthly at least for now
- LD_LIBRARY_PATH only used in build
- no sudo (or similar) usage
Not perfect, but ok: ation prepared (po/*) but only english so far
- autopkgtest only tests pkg-config and build against libhandy-dev
- yes it has no CVEs (yet), but it is too new to really know; a security evaluation is needed (probably ok thou since the siilar code is atm bundled in other packages in main)
- it has internationaliz
- usually a watch file would be nice but since upstream ~= Debian and doesn't release tarballs (but git tags) this doesn't really apply
- at least the -dev package depends on further universe packages e.g. libgladeui-2-6 do you intend (and ensure) to only pull libhandy-0.0 but no others to main?
Questions:
- the version number 0.0.7 is very unconvincing, does that mean it is still chaning API/ABI frequently - do you know if there is any major release planned that we should wait for?
- Debian bug 909075 holds it back from Debian and testing/integration there, should we wait until that is resolved (probably post buster) to move to it as well?
- (minor) build issue that could be resolved - do you want to contrib to Debian to even clean those?
- "dpkg-gencontrol: warning: Depends field of package gir1.2-handy-0.0: substitution variable ${shlibs:Depends} used, but is not defined"
- the docs might be incomplete "warning: no link for ..."
It will be nice to get the answers to the questions above resolved before completion, but IMHO we can already assign this to security for their review to appear on their queue.
[1]: https:/ /source. puri.sm/ Librem5/ libhandy /bugs.debian. org/cgi- bin/bugreport. cgi?bug= 909075
[2]: https:/