[Availability] - The package TBDSRC is already in Ubuntu universe. - The package TBDSRC build for the architectures it is designed to work on. - It currently builds and works for architectures: (x86 + arm atm, others would work the same once there is a need to define dependencies there) - Link to package https://launchpad.net/ubuntu/+source/isa-support
[Rationale] - The package isa-support will not generally be useful for a large part of our user base, but is helpful still because it allows to express cpu instruction set dependencies is over the base architecture level set. Without isa-support people can install the package and will once using it run into SIG_ILL once instructions are executed that are not supported. Not a nice user experience. Per policy we try to avoid that, but some upstream projecits might insist on particular instructions and for those this package is handy. As it replaces a sudden unexpected SIG_ILL with a proper error at pre-inst without every package requiring to code and fix the same logic. For more see the readme file in the package. - There is no other/better way to solve this that is already in main or should go universe->main instead of this. - The package TBDSRC is required in Ubuntu main no later than ~Sept 1st due to the oracular freeze on Sept 16th. If possible it would be great to stay even before feature freeze on Aug 15th. [Security] - No CVEs/security issues in this software in the past I must also mention that, due to what this conceptually is, there is almost no attack surface. No dameon, no data processed, no ... - hence I'd expect this might not need a deeper security review. - no executables in `/sbin` and `/usr/sbin` - Package does not install services, timers or recurring jobs - No active code after the install phase, hence no isolation/risk-mitigation for binaries or services is applied (but that should IHO be ok) - Packages does not open privileged ports (ports < 1024). - Package does not expose any external endpoints - Packages does not contain extensions to security-sensitive software (filters, scanners, plugins, UI skins, ...) - No cryptographic algorithms in use (neither old nor new) [Quality assurance - function/usage] - The package works well right after install (actually "at" install) [Quality assurance - maintenance] - The package is maintained well in Debian and does not have long-term & critical, open bugs - Ubuntu https://bugs.launchpad.net/ubuntu/+source/isa-support/+bug - Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=isa-support - Upstream's bug tracker = Debian's tracker - The package does not deal with exotic hardware we cannot support. Features added are always also tested and expressed via qemu emulating the same enabling the ability to test it anywhere. [Quality assurance - testing] - The package does not run a test suite on build time, but it has an autopkgtest for each feature it supports, and is currently passing on this all architectures, link to test logs: - https://autopkgtest.ubuntu.com/packages/i/isa-support - https://autopkgtest.ubuntu.com/packages/i/isa-support/oracular/amd64 - https://autopkgtest.ubuntu.com/packages/i/isa-support/oracular/armhf Each only executing those that are meant to be for that platform, hence e.g. our armhf skips them all. - The package does have not failing autopkgtests right now (except when it recently detected issues in glibc/2.39-3.1ubuntu2 on i386 AFAICS) [Quality assurance - packaging] - debian/watch is not present because it is a native package - debian/control defines a correct Maintainer field - This package does not yield massive lintian Warnings, Errors https://udd.debian.org/lintian/?packages=isa-support - Lintian overrides are present, but ok because all is has is an optional dependency which makes the output nicer, but should not be depended on intentionally - flagging missing-debconf-dependency-for-preinst. - This package does not rely on obsolete or about to be demoted packages. - This package has no python2 or GTK2 dependencies - The package will not be installed by default (in fact it has no purpose on its own, but only via being depended on by other software) - Packaging and build is easy, link to debian/rules https://git.launchpad.net/ubuntu/+source/isa-support/tree/debian/rules The only step to understand one needs is that it is all templatized (to avoid mistakes by redundancy) so all that makes a new isa check in isa-list and the rest is generated from there. [UI standards] - Application is end-user facing, Translation is present, via standard intltool/gettext or similar build and runtime internationalization system see debian/po/* - End-user applications without desktop file, not needed because it is only a pre-inst and not a program to be used later [Dependencies] - No further depends or recommends dependencies that are not yet in main [Standards compliance] - This package correctly follows FHS and Debian Policy [Maintenance/Owner] - The owning team will be ubuntu-server and I have their acknowledgement for that commitment - The future owning team is already subscribed to the package - This does not use static builds - This does not use vendored code - This package is not rust based - The package has been built within the last 3 months in the archive - Build link on launchpad: https://launchpad.net/ubuntu/+source/isa-support/24 [Background information] - The Package description explains the package well - Upstream Name is n/a (native Debian package) - Link to upstream project n/a (native Debian package) ** Changed in: isa-support (Ubuntu) Assignee: Christian Ehrhardt (paelzer) => (unassigned) ** Changed in: isa-support (Ubuntu) Status: Incomplete => New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2073895 Title: [MIR] isa-support To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/isa-support/+bug/2073895/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
