** Description changed: [Availability] The package ruby-rackup is already in Ubuntu universe, in the -proposed pocket. The package ruby-rackup build for the architectures it is designed to work on. It currently builds and works for architectures: amd64 (all) Link to package https://launchpad.net/ubuntu/+source/ruby-rackup [Rationale] ruby-rackup is a CLI interface for rack-compatible applications, and provides some programming interface as well. It used to be the default CLI tool for ruby-rack and part of its source, but was separated to another gem in rack v3.*. As a result of that separation, it became a Recommends of ruby-rack, which is in main, and thus needs to be in main too. There would be the alternative to just downgrade it to a Suggests instead of a Recommends, but that would only solve the problem for ruby- rack itself. As it was the default before, packages adapted to the new rack version by depending on ruby-rakcup. pcs is one of those packages, and the new version of pcs (yet to be merged) will need rackup as a depencency in main. The ruby-rackup source builds a single homonymous binary. The package ruby-rackup is required in Ubuntu main as soon as possible, because the component-mismatch blocks the migration of ruby-rack (which is already kind of late unfortunately) [Security] ruby-rackup is a rather new package. it seems to have had no security issues in the past: - https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=ruby-rackup shows nothing - searching for 'site:www.openwall.com/lists/oss-security ruby-rackup' returns no results - https://ubuntu.com/security/cves?package=ruby-rackup shows nothing (when it loads) - https://security-tracker.debian.org/tracker/source-package/ruby-rackup shows nothing there is a single binary in the package, "rackup", which is starting the rack server. - no `suid` or `sgid` binaries - no executables in `/sbin` and `/usr/sbin` - Package does not install services, timers or recurring jobs - Packages does not open privileged ports (ports < 1024). - Package does not expose any external endpoints - Packages does not contain extensions to security-sensitive software [Quality assurance - function/usage] The package needs post install configuration or reading of documentation. This is not related to quality or security: rackup needs a config.ru file telling it exactly what to run, and that depends on the user's environment and rack application characteristics, thus no default. [Quality assurance - maintenance] The package is maintained well in Debian/Ubuntu/Upstream and does not have too many, long-term & critical, open bugs: - Ubuntu https://bugs.launchpad.net/ubuntu/+source/ruby-rackup/+bug - there is only the bug about ruby-rack migrating. - Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=ruby-rackup - Upstream https://github.com/rack/rackup/issues - nothing critical ATM The package does not deal with exotic hardware we cannot support [Quality assurance - testing] The package includes a non-trivial test suite. The package runs a test suite on build time, if it fails, it makes the build fail, as seen in https://launchpadlibrarian.net/801568193/buildlog_ubuntu-questing-amd64.ruby-rackup_2.1.0-4_BUILDING.txt.gz - The package runs an autopkgtest, and is currently passing on <TBD> architectures, link to test logs TBD - TODO-A: - The package does have not failing autopkgtests right now - TODO-B: - The package does have failing autopkgtests tests right now, but since - TODO-B: they always failed they are handled as "ignored failure", this is - TODO-B: ok because TBD - This will be filled as soon as the autopkgtest infra recovers from a bad time. - + The package runs autopkgtests, as seen in debian/control; it should be the same test suite executed at build time. + Information about results TBD. + This will be filled as soon as the autopkgtest infra recovers from the current bad times. [Quality assurance - packaging] debian/watch is present and works debian/control defines a correct Maintainer field This package does not yield massive lintian Warnings, Errors Link to a recent build log of the package: https://launchpadlibrarian.net/801568193/buildlog_ubuntu-questing-amd64.ruby-rackup_2.1.0-4_BUILDING.txt.gz The full output from `lintian --pedantic` against the source is short: - $ lintian --pedantic - W: ruby-rackup source: newer-standards-version 4.7.0 (current is 4.6.2) + $ lintian --pedantic + W: ruby-rackup source: newer-standards-version 4.7.0 (current is 4.6.2) Lintian overrides are not present This package does not rely on obsolete or about to be demoted packages. The package will not be installed by default Packaging and build is easy, as seen in debian/rules: https://git.launchpad.net/ubuntu/+source/ruby-rackup/tree/debian/rules [UI standards] The part of the application that is end-user facing (the rackup binady) has no text strings; the library is only interacting with ruby-rack, so translations are not a concern. The end-user application have no desktop file, as it's a command line interface only. [Dependencies] No further depends or recommends dependencies that are not yet in main [Standards compliance] This package correctly follows FHS and Debian Policy [Maintenance/Owner] I Suggest the owning team to be ubuntu-server - The future owning team is not yet subscribed, but will subscribe to the package before promotion. The request is open: + The future owning team is not yet subscribed, but will subscribe to the package before promotion. The request is open: https://code.launchpad.net/~rr/+git/team-subscriptions/+merge/487859 This package does not use static builds This package does not use vendored code This package is not rust based - The package has been built within the last 3 months in PPA: https://launchpad.net/~rr/+archive/ubuntu/mir-ruby-rackup [Background information] The Package description explains the package well Upstream Name is rackup Link to upstream project: https://github.com/rack/rackup
** Description changed: [Availability] The package ruby-rackup is already in Ubuntu universe, in the -proposed pocket. The package ruby-rackup build for the architectures it is designed to work on. It currently builds and works for architectures: amd64 (all) Link to package https://launchpad.net/ubuntu/+source/ruby-rackup [Rationale] ruby-rackup is a CLI interface for rack-compatible applications, and provides some programming interface as well. It used to be the default CLI tool for ruby-rack and part of its source, but was separated to another gem in rack v3.*. As a result of that separation, it became a Recommends of ruby-rack, which is in main, and thus needs to be in main too. There would be the alternative to just downgrade it to a Suggests instead of a Recommends, but that would only solve the problem for ruby- rack itself. As it was the default before, packages adapted to the new rack version by depending on ruby-rakcup. pcs is one of those packages, and the new version of pcs (yet to be merged) will need rackup as a depencency in main. The ruby-rackup source builds a single homonymous binary. The package ruby-rackup is required in Ubuntu main as soon as possible, because the component-mismatch blocks the migration of ruby-rack (which is already kind of late unfortunately) [Security] ruby-rackup is a rather new package. it seems to have had no security issues in the past: - https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=ruby-rackup shows nothing - searching for 'site:www.openwall.com/lists/oss-security ruby-rackup' returns no results - https://ubuntu.com/security/cves?package=ruby-rackup shows nothing (when it loads) - https://security-tracker.debian.org/tracker/source-package/ruby-rackup shows nothing there is a single binary in the package, "rackup", which is starting the rack server. - no `suid` or `sgid` binaries - no executables in `/sbin` and `/usr/sbin` - Package does not install services, timers or recurring jobs - Packages does not open privileged ports (ports < 1024). - Package does not expose any external endpoints - Packages does not contain extensions to security-sensitive software [Quality assurance - function/usage] The package needs post install configuration or reading of documentation. This is not related to quality or security: rackup needs a config.ru file telling it exactly what to run, and that depends on the user's environment and rack application characteristics, thus no default. [Quality assurance - maintenance] The package is maintained well in Debian/Ubuntu/Upstream and does not have too many, long-term & critical, open bugs: - Ubuntu https://bugs.launchpad.net/ubuntu/+source/ruby-rackup/+bug - there is only the bug about ruby-rack migrating. - Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=ruby-rackup - Upstream https://github.com/rack/rackup/issues - nothing critical ATM The package does not deal with exotic hardware we cannot support [Quality assurance - testing] The package includes a non-trivial test suite. The package runs a test suite on build time, if it fails, it makes the build fail, as seen in https://launchpadlibrarian.net/801568193/buildlog_ubuntu-questing-amd64.ruby-rackup_2.1.0-4_BUILDING.txt.gz - The package runs autopkgtests, as seen in debian/control; it should be the same test suite executed at build time. - Information about results TBD. - This will be filled as soon as the autopkgtest infra recovers from the current bad times. + The package runs an autopkgtest, and is currently passing on <TBD> architectures, link to test logs TBD + TODO-A: - The package does have not failing autopkgtests right now + TODO-B: - The package does have failing autopkgtests tests right now, but since + TODO-B: they always failed they are handled as "ignored failure", this is + TODO-B: ok because TBD + This will be filled as soon as the autopkgtest infra recovers from a bad time. [Quality assurance - packaging] debian/watch is present and works debian/control defines a correct Maintainer field This package does not yield massive lintian Warnings, Errors Link to a recent build log of the package: https://launchpadlibrarian.net/801568193/buildlog_ubuntu-questing-amd64.ruby-rackup_2.1.0-4_BUILDING.txt.gz The full output from `lintian --pedantic` against the source is short: $ lintian --pedantic W: ruby-rackup source: newer-standards-version 4.7.0 (current is 4.6.2) + The full output of the same run against the ruby-rackup binary is also short: + $ lintian --pedantic ruby-rackup_2.1.0-4_all.deb + W: ruby-rackup: no-manual-page [usr/bin/rackup] Lintian overrides are not present This package does not rely on obsolete or about to be demoted packages. The package will not be installed by default Packaging and build is easy, as seen in debian/rules: https://git.launchpad.net/ubuntu/+source/ruby-rackup/tree/debian/rules [UI standards] The part of the application that is end-user facing (the rackup binady) has no text strings; the library is only interacting with ruby-rack, so translations are not a concern. The end-user application have no desktop file, as it's a command line interface only. [Dependencies] No further depends or recommends dependencies that are not yet in main [Standards compliance] This package correctly follows FHS and Debian Policy [Maintenance/Owner] I Suggest the owning team to be ubuntu-server The future owning team is not yet subscribed, but will subscribe to the package before promotion. The request is open: https://code.launchpad.net/~rr/+git/team-subscriptions/+merge/487859 This package does not use static builds This package does not use vendored code This package is not rust based The package has been built within the last 3 months in PPA: https://launchpad.net/~rr/+archive/ubuntu/mir-ruby-rackup [Background information] The Package description explains the package well Upstream Name is rackup Link to upstream project: https://github.com/rack/rackup ** Changed in: ruby-rackup (Ubuntu) Assignee: Renan Rodrigo (rr) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2115399 Title: [MIR] ruby-rackup To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ruby-rackup/+bug/2115399/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
