Comment 15 for bug 1746772

Alex Murray (alexmurray) wrote :

I reviewed pymacaroons 0.9.2-0ubuntu1 as checked in to Xenial.

pymacaroons is a python implementation of the Macaroon concept - like
cookies but with caveats, allowing delegation and attenuation of
authority - so kind of like capabilities (the real ones, not POSIX /
Linux ones).

- No CVE history in our database
- Depends:
  - debhelper, dh-python, python[3], python[3]-all, python[3]-libnacl,
    python[3]-setuptools, python[3]-six
  - Nothing out of the ordinary for a python package, in particular uses
    python[3]-libnacl for the crypto
- Does not itself do networking
- Does not daemonize
- No pre/post inst/rm
- No init scripts
- No dbus services
- No setuid files
- No binaries in the PATH
- No sudo fragments
- No udev rules
- No test suite - upstream has one but this does not seem to exist in
  the orig tarball and no autopkgtest either :(
- No cron jobs
- Clean build logs

- No subprocesses spawned
- No file IO
- No logging
- No environment variable use
- No privileged functions
- No networking
- No privileged portions of code
- No temp files
- No WebKit
- No PolKit

No particular issues identified other than the missing test suite :/ -
security team ACK for promoting to main for Xenial/Trusty.