Public bug reported: [Availability] The package is already universe for quite a while and build/works fine so far. It is for example already used for https://lists.canonical.com/mailman3/postorius/lists/ OTOH it is a library that can/could be used for much more than just the mailman3 stack.
It builds on amd64 only (arch:all) This package builds python2 and python3 binaries, but the transition to mailman3 will only pull in the python3 binaries. [Rationale] This is part of the MIR activity for all dependencies of mailman3 The "main" MIR of it is at bug 1775427: Mailman (2) has only python2 support, but we strive for python3, therefore Mailman3 which has python3 support should be promoted to main. The code in the src package seems not directly derived from mailman2 so it won't easen the review due to that. [Security] No known CVEs found. Django in general has quite some hits, but this component seems not to be part of it. => https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=django This package in particular is harder to check as the name is "extensions" but it could as well be named "a lot more django relates stuff". I checked the source tree and the CVE entries above against what I found in there, so far no known CVE. To trim the list we are on 2.1.4 and only 7 issues apply to 2.x at all and only 2 apply to 2.1.4. Those two are not part of this package. [Quality assurance] As part of the mailman3 stacks as of now (Disco) this installs fine and works fine. On itself it is useful to (many) other dependencies and does not need a post install configuration on its own. The package does not ask debconf questions. One unimportant bug in Ubuntu and no Debian bugs for this component. Upstream is very active with 44 open and 581 closed issues. Skimming over the list nothing seems very severe, so not blocking the main inclusion. We are slightly out of date and I think we should bump the version somewhen in 19.10 if applicable - but Debian seems to be fast on this one so a auto-sync most likely will do so. The package seems to get semi-regular updates by upstream and Debian. No exotic HW involved. The package utilizes build time self tests. d/watch is set up and ok. No Lintian warning except newer Standards/Compat versions and no HTTPS links uses or GPG checks - nothing severe. The package does not rely on demoted or obsolete packages. py2 packages in this src, but as mentioned we won't pull them into main. No new gt2k dependencies [UI standards] This is a low level library without (a lot) of user visible strings - no translations (needed). No End-user applications that needs a standard conformant desktop file. [Dependencies] Some dependencies are not in main, but we drive MIR for all related packages that are not in main at the same time. Please check the list of bugs from the main Mailman3 MIR in bug 1775427 to get an overview. [Standards compliance] The package meets the FHS and Debian Policy standards. The packaging itself is very straight forward and uses dh_* as much as possible - the d/rules fits on one screen. [Maintenance] The Server team will subscribe for the package for maintenance, but in general it seems low on updates and currently is a sync from Debian. [Background] The package description explains the general purpose and context of the package well. ** Affects: python-django-extensions (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820215 Title: [MIR] python-django-extensions as dependency of mailman3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/python-django-extensions/+bug/1820215/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
