Public bug reported:
[Availability]
The package gnome-shell-ubuntu-extensions is already in Ubuntu universe.
The package gnome-shell-ubuntu-extensions builds for the architectures it is
designed to work on.
It currently builds and works for architectures: all
Link to package
https://launchpad.net/ubuntu/+source/gnome-shell-ubuntu-extensions
Also all the source contents of the gnome-shell-ubuntu-extensions package are
already part of Ubuntu as separate source packages at the moment:
- gnome-shell-extension-appindicator
- gnome-shell-extension-desktop-icons-ng
- gnome-shell-extension-ubuntu-tiling-assistant
- gnome-shell-extension-ubuntu-dock
[Rationale]
- The package gnome-shell-ubuntu-extensions is required in Ubuntu main to be
a dependency of ubuntu-desktop-minimal as it provides the extensions that are
required to get the ubuntu desktop experience in GNOME Shell.
- The package is meant to replace the single extensions packages that are
already in main:
- gnome-shell-extension-appindicator (MIR-Bug LP: #1712344)
- gnome-shell-extension-desktop-icons-ng (MIR-Bug LP: #1916511)
- gnome-shell-extension-tiling-assistant (MIR-Bug LP: #2007710)
- gnome-shell-extension-ubuntu-dock (MIR-Bug LP: #1711310)
- By having a single package for them we can better control the updates to
GNOME Shell and to the extensions, making it easier if an extension may
break GNOME Shell or any other extension of the set.
- The package is already a test-dependency of GNOME shell autopkgtests
- We want (ideally as part of the GNOME 50 cycle) to be able to add integration
tests to all the extensions, and they need to be part of the same source
package if we want to (and we do) use the upstream testing tooling.
- SRU new upstream fixes will be easier for everybody:
* We can just bump a local dependency and get the upstream fixes
* Testing a single package will allow checking how all the extensions work
together given the proposed changes
* Reviewers do not have to go through patch reviews (and diffs on
patches), but can rather check the actual changes we're proposing
- The Debian dependency system already allows something similar but requires us
to maintain many duplicated version checks.
All binary packages built by gnome-shell-ubuntu-extensions need to be in main to
ensure that ubuntu-desktop-minimal can depend on them (it's only one at the
moment).
- The package gnome-shell-ubuntu-extensions is required in Ubuntu main no later
than Resolute Feature Freeze (or likely before).
[Security]
- No CVEs/security issues in this software in the past
https://ubuntu.com/security/cve?package=gnome-shell-ubuntu-extensions
https://ubuntu.com/security/cve?package=gnome-shell-extension-appindicator
https://ubuntu.com/security/cve?package=gnome-shell-extension-desktop-icons-ng
https://ubuntu.com/security/cve?package=gnome-shell-extension-tiling-assistant
https://ubuntu.com/security/cve?package=gnome-shell-extension-ubuntu-dock
- no `suid` or `sgid` binaries
- Package does not open privileged ports (ports < 1024)
- Package does expose an external endpoint, but only local ones via DBus APIs
to show indicators or customize the dock icons.
- Package does not contain extensions to security-sensitive software
- no executables in `/sbin` and `/usr/sbin`
However we do execute some JS code through gjs, in particular
* /usr/share/gnome-shell/extensions/[email protected]/app/ding.js
(limited via apparmor profile)
* /usr/share/gnome-shell/extensions/[email protected]/app/createThumbnail.js
* /usr/share/gnome-shell/extensions/[email protected]/locationsWorker.js
In general all the code here is still security/privacy relevant since it gets
loaded by GNOME Shell in the user process of the compositor, and it can access
the user data and could potentially read user credentials.
However such code has been already re-reviewed both during the ubuntu MIR
processes and continuously by the upstream extensions review process:
https://gjs.guide/extensions/review-guidelines/review-guidelines.html
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Ubuntu and Upstream and does
not have too many, long-term & critical, open bugs
- Ubuntu
https://bugs.launchpad.net/ubuntu/+source/gnome-shell-ubuntu-extensions/+bug
- Ubuntu
https://bugs.launchpad.net/ubuntu/+source/gnome-shell-extension-appindicator/+bug
- Upstream
https://github.com/ubuntu/gnome-shell-extension-appindicator/issues/
- Ubuntu
https://bugs.launchpad.net/ubuntu/+source/gnome-shell-extension-desktop-icons-ng/+bug
- Upstream https://gitlab.com/smedius/desktop-icons-ng/-/issues
- Ubuntu
https://bugs.launchpad.net/ubuntu/+source/gnome-shell-extension-tiling-assistant/+bug
- Upstream https://github.com/Leleat/Tiling-Assistant/issues
- Ubuntu
https://bugs.launchpad.net/ubuntu/+source/gnome-shell-extension-ubuntu-dock/+bug
- Upstream https://github.com/micheleg/dash-to-dock/issues
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package runs a test suite at build time; if it fails
it makes the build fail, link to build log
https://launchpadlibrarian.net/836597897/buildlog_ubuntu-resolute-amd64.gnome-shell-ubuntu-extensions_49.26.04.0ubuntu_BUILDING.txt.gz
- The package runs an autopkgtest, and is currently passing on all
architectures except s390x (but it's not a regression)
https://autopkgtest.ubuntu.com/packages/gnome-shell-ubuntu-extensions
It's also used to run the gnome-shell autopkgtests:
https://autopkgtest.ubuntu.com/packages/gnome-shell
The autopkgtest does some basic checks, but the gnome-shell package is using this
package as a dependency to run its autopkgtest.
So if loading any of these extensions fails at runtime, the gnome-shell autopkgtest
will fail.
- The package does not have failing autopkgtests right now
[Quality assurance - packaging]
- debian/watch is not present because it is a native package
- debian/control defines a correct Maintainer field
- This package does not yield any lintian Warnings, Errors
We run lintian --pedantic as part of our CI (see lintian results table):
- https://github.com/ubuntu/gnome-shell-ubuntu-extensions/actions/runs/20104413580
- Lintian overrides are present, but they are ok to cover a non-executable
script that we launch from an extension using the verified gjs binary path
rather than relying on system.
- This package does not rely on obsolete or about to be demoted packages.
- This package has no python2 or GTK2 dependencies
- We are also removing any GTK3 dependency
- The package will be installed by default, but does not ask debconf
- Packaging and build is easy:
https://github.com/ubuntu/gnome-shell-ubuntu-extensions/blob/49.26.04.0ubuntu/debian/rules
We only override some default rules in order to adapt to the package needs.
[UI standards]
- Application is end-user facing, Translation is present, via standard
intltool/gettext and fetched at build time via meson.
Each extension uses different translation domains.
- End-user applications without desktop file, not needed because the extensions
are loaded by gnome shell and they are not expected to be launched by the user
directly
[Dependencies]
- Used check-mir from ubuntu-dev-tools to validate
all dependencies or recommends are in main.
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- The owning team will be ~ubuntu-desktop and I have their acknowledgment for
that commitment
- The future owning team is not yet subscribed, but will subscribe to
the package before promotion
- The team ~ubuntu-desktop is aware of the implications of vendored code and (as
alerted by the security team) commits to provide updates and backports
to the security team for any affected vendored code for the lifetime
of the release (including ESM).
- This package uses vendored code, tracked using meson wrap files that must
point to specific versions; refreshing that code is outlined in
debian/README.source and checked by CI and during source builds.
- This package is not rust based
- The package has been built within the last 3 months in the archive
- Build link on launchpad:
https://launchpadlibrarian.net/836597897/buildlog_ubuntu-resolute-amd64.gnome-shell-ubuntu-extensions_49.26.04.0ubuntu_BUILDING.txt.gz
- This change will not impact other teams
[Background information]
The Package description explains the package well
** Affects: gnome-shell-ubuntu-extensions (Ubuntu)
Importance: Undecided
Status: New
--
https://bugs.launchpad.net/bugs/2134583
Title:
[MIR] gnome-shell-ubuntu-extensions