[Bug 2142251] [NEW] [MIR] python-configargparse

Launchpad Bug Tracker 2142251 at bugs.launchpad.net
Fri Mar 27 09:31:51 UTC 2026 

You have been subscribed to a public bug by Guillaume Boutry (gboutry):

[Availability]
The package python-configargparse is already in Ubuntu universe.
The package python-configargparse builds for the architectures it is designed to work on.
It currently builds and works for architectures: amd64, arm64, armhf, i386, ppc64el, s390x
Link to package https://launchpad.net/ubuntu/+source/python-configargparse

[Rationale]
- The package python-configargparse is required in Ubuntu main as a runtime requirement of python-awscurl, which is a new requirement of OpenStack Ceilometer.
- The package python-configargparse will not generally be useful for a large part of
  our user base, but is important/helpful still because it is necessary to update OpenStack Ceilometer in Ubuntu Resolute.
- The package pythonconfigargparse is a new runtime dependency of package python-awscurl that we already support.
- There is no other/better way to solve this that is already in main or
  should go universe->main instead of this.
- This is the first time package will be in main
- The binary package python-configargparse needs to be in main to achieve the requirement that all runtime dependencies be in main. The newest version of OpenStack Ceilometer requires python-awscurl which requires python-configargparse.

- The package python-configargparse is required in Ubuntu main no later
than Resolute Release due to it being a requirement of OpenStack
Ceilometer.

[Security]
- No CVEs/security issues in this software in the past
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does not install services, timers or recurring jobs
- Security has been kept in mind and common isolation/risk-mitigation
  patterns are in place utilizing the following features:
  This is a pure Python library with no compiled code, no network access, no privileged operations. Notably, YAML config parsing explicitly uses yaml.SafeLoader, and config value evaluation uses ast.literal_eval() rather than eval().
- Packages does not open privileged ports (ports < 1024).
- Package does not expose any external endpoints
- Packages does not contain extensions to security-sensitive software
  (filters, scanners, plugins, UI skins, ...)

[Quality assurance - function/usage]
- The package works well right after install

[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu/Upstream and does
  not have too many, long-term & critical, open bugs
  - Ubuntu https://bugs.launchpad.net/ubuntu/+source/python-configargparse/+bug
  - Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=python-configargparse
  - Upstream's bug tracker, e.g., GitHub Issues: https://github.com/bw2/ConfigArgParse/issues
- The package does not deal with exotic hardware we cannot support

[Quality assurance - testing]
- The package runs a test suite on build time, if it fails
  it makes the build fail, link to build log: https://launchpad.net/ubuntu/+source/python-configargparse/1.7-2/+build/29263494

- The package does not run an autopkgtest. The justification is that
this is an extremely simple python package that subclasses stdlib
argparse to read options from config files and environment variables.
The build-time pytest suite (50 tests) exercises the full API and there
is no installation-specific behaviour for this package. The Debian
package does not contain autopkgtests and introducing a delta to the
Ubuntu package for installation tests does not feel worth it.

[Quality assurance - packaging]
- A mechanism to detect and fetch new upstream versions is present and works
- debian/control defines a correct Maintainer field

- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package: https://launchpad.net/ubuntu/+source/python-configargparse/1.7-2/+build/29263494
- Please attach the full output you have got from
  `lintian --pedantic` as an extra post to this bug:

P: python-configargparse source: source-contains-prebuilt-python-object
[tests/__init__.pyc]

- Lintian overrides are not present
- This package does not rely on obsolete or about to be demoted packages.
- This package has no python2 or GTK2 dependencies
- The package will not be installed by default
- Packaging and build is easy, link to debian/rules TBD

[UI standards]
- Application is not end-user facing (does not need translation)

[Dependencies]
- Used check-mir from ubuntu-dev-tools to validate
  all dependencies or recommends are in main.

[Standards compliance]
- This package correctly follows FHS and Debian Policy

[Maintenance/Owner]
- The owning team will be ubuntu-cloud-archive and I have their acknowledgment for that commitment -> they are subscribed to the package.

- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built within the last 3 months in PPA: https://launchpad.net/~mylesjp/+archive/ubuntu/gazpacho-test/+build/32300518
- Build link on launchpad: https://launchpad.net/ubuntu/+source/python-configargparse/1.7-2/+build/29263494 (Plucky build from November 13, 2024)
This change will not impact other teams

[Background information]
The Package description explains the package well
Upstream Name is ConfigArgParse
Link to upstream project: https://github.com/bw2/ConfigArgParse

** Affects: python-configargparse (Ubuntu)
     Importance: Undecided
         Status: In Progress


** Tags: resolute
-- 
[MIR] python-configargparse
https://bugs.launchpad.net/bugs/2142251
You received this bug notification because you are a member of Ubuntu OpenStack, which is subscribed to the bug report.

More information about the Ubuntu-openstack-bugs mailing list