Lintian only has 3*pedantic (debian-watch-does-not-check-gpg-signature, insecure-copyright-format-uri, package-uses-old-debhelper-compat- version) and 1*normal newer-standards-version
There isn't that much history on this package, but since it was part of nova before the history on maintenance is fine and would not stop this MIR. I saw no new Dependencies over what nova had before. Those seem fine to me. We are just now discussing how is security review done in those cases that were in main before (as it was part of nova before the split). @jdstrand - please update here if that will need a security re-review in this case Furthermore we just discussed that for now this will be code duplication. At least it is namespaced, but nova has all the same (slightly outdated) bits in a nova-* namespace https://launchpadlibrarian.net/400622842/buildlog_ubuntu-disco-amd64.nova_2%3A19.0.0~b1~git2018120609.c9dca64fa6-0ubuntu1_BUILDING.txt.gz vs https://launchpadlibrarian.net/400344356/buildlog_ubuntu-disco-amd64.placement_0.0.1~git2018112616.3ccbacfc-0ubuntu1_BUILDING.txt.gz Check e.g. for /usr/bin/placement-api vs /usr/bin/nova-placement-api @Coreyb, as discussed please update here once the strategy on de-duplicating that is clear. Not only for the security Team and you only maintaining one, but also to avoid odd behavior with user switching between one and the other. ** Changed in: placement (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1805691 Title: [MIR] placement To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/placement/+bug/1805691/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
