[Bug 1978066] Re: [MIR] jigit
Lukas Märdian
1978066 at bugs.launchpad.net
Wed Jul 27 13:11:29 UTC 2022
So the src:jigit MIR was rejected by the security team. Therefore, I'm
marking this WONTFIX.
We're dropping the jigit (libjte2) dependencies from libisoburn and
libisofs in order to avoid that dependency and allow the others (LP:
#1977959) to migrate independently.
https://code.launchpad.net/~alexghiti/ubuntu/+source/libisoburn/+git/libisoburn/+merge/427475
https://code.launchpad.net/~alexghiti/ubuntu/+source/libisofs/+git/libisofs/+merge/427474
** Changed in: jigit (Ubuntu)
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to jigit in Ubuntu.
https://bugs.launchpad.net/bugs/1978066
Title:
[MIR] jigit
Status in jigit package in Ubuntu:
Won't Fix
Status in usb-creator package in Ubuntu:
Confirmed
Bug description:
[Availability]
The package jigit is already in Ubuntu universe.
The package jigit build for the architectures it is designed to work on.
It currently builds and works for architectures: amd64, arm64, armhf, ppc64el, riscv64, s390x
Link to package [[https://launchpad.net/ubuntu/+source/jigit|jigit]]
[Rationale]
- The package jigit is required in Ubuntu main for libisofs (in turn needed for usb-creator)
- The package jigit will not generally be useful for a large part of
our user base, but is important/helpful still because Debian is still using this file format to
publish its releases.
- The package jigit is a new runtime dependency of package usb-creator that
we already support
- It would be great and useful to community/processes to have the
package jigit in Ubuntu main, but there is no definitive deadline.
[Security]
- No CVEs/security issues in this software in the past
- no `suid` or `sgid` binaries
- Binary mkjigsnap in sbin => this requires security review
- Package does not install services, timers or recurring jobs
- Packages does not open privileged ports (ports < 1024)
- Packages does not contain extensions to security-sensitive software
(filters, scanners, plugins, UI skins, ...)
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu and has not too many
and long term critical bugs open
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/jigit/+bug
=> 2 bugs open for years, one incomplete and one briefly asking for multiarch support.
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=jigit
=> Only 3 that are not important but they have been open for years (one from 2004!)
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package does not run a test at build time because no testsuite exists upstream
- The package does not run an autopkgtest because no testsuite exists upstream
- The package can be tested at autopktest time by adding a test that is actually described in libjte/test/demo.c file and that will be added before the promotion (https://launchpad.net/~alexghiti/+archive/ubuntu/riscv/+sourcepub/13673149/+listing-archive-extra)
[Quality assurance - packaging]
- debian/watch is not present and there is nothing explaining how to create the source tar: a bug report
from 2013 proposed to add a watchfile but the maintainer refused it (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697700)
- debian/control defines a correct Maintainer field
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package https://launchpadlibrarian.net/464118381/buildlog_ubuntu-focal-amd64.jigit_1.22-3build1_BUILDING.txt.gz
- Please attach the full output you have got from
`lintian --pedantic` as an extra post to this bug.
$ lintian --pedantic
P: jigit source: no-dep5-copyright [debian/copyright]
P: jigit source: package-uses-old-debhelper-compat-version 10
P: jigit source: silent-on-rules-requiring-root [debian/control]
P: jigit source: trailing-whitespace debian/changelog (line 169)
P: jigit source: trailing-whitespace debian/changelog (line 226)
P: jigit source: trailing-whitespace debian/control (line 19)
P: jigit source: trailing-whitespace ... use --no-tag-display-limit to see all (or pipe to a file/program)
P: jigit source: very-long-line-length-in-source-file libjte/aclocal.m4 line 6631 is 738 characters long (>512)
P: jigit source: very-long-line-length-in-source-file libjte/configure line 10420 is 704 characters long (>512)
P: jigit source: very-long-line-length-in-source-file libjte/libtool.m4 line 6621 is 738 characters long (>512)
- Lintian overrides are not present
- This package does not rely on obsolete or about to be demoted packages.
- This package has no python2 or GTK2 dependencies
- The package will be installed by default, but does not ask debconf
questions higher than medium
- Packaging and build is easy, link to d/rules https://sources.debian.org/src/jigit/1.22-3/debian/rules/
[UI standards]
- Application is end-user facing but no translation is present.
- End-user applications without desktop file, not needed because most users won't use it.
[Dependencies]
- No further depends or recommends dependencies that are not yet in main
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- Owning Team will be Foundations
- Team is already subscribed to the package
- This does not use static builds
- This does not use vendored code
- The package successfully built during the most recent test rebuild (https://launchpad.net/ubuntu/+archive/test-rebuild-20220317-jammy/+sourcepub/13319228/+listing-archive-extra)
[Background information]
The Package description explains the package well
Upstream Name is jigit
Link to upstream project https://www.einval.com/~steve/software/JTE/
~
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/jigit/+bug/1978066/+subscriptions
More information about the foundations-bugs
mailing list