Thanks Seth, updated the description to reflect that recent change now, too.
** Description changed: [Availability] - TODO: The package gst-thumbnailers is already in Ubuntu universe. - - Not yet, https://bugs.launchpad.net/bugs/2137704 is tracking that. + The package gst-thumbnailers is already in Ubuntu universe. The package gst-thumbnailers builds for the architectures it is designed to work on. It currently builds and works for architectures: amd64, amd64v3, arm64, armhf, ppc64el, riscv64, s390x - https://launchpad.net/~charles05/+archive/ubuntu/gst-thumbnailers + https://launchpad.net/ubuntu/+source/gst- + thumbnailers/1.0~alpha.3-0ubuntu1 [Rationale] The package gst-thumbnailers is required in Ubuntu main for GNOME desktop integration. gst-thumbnailers is the now officially recommended solution for thumbnailing, superceeding the Totem thumbnailers. See: https://gitlab.gnome.org/Teams/Releng/AppOrganization/-/issues/35 The package gst-thumbnailers will generally be useful for a large part of our user base. Package gst-thumbnailers covers the same use case as totem-video-thumbnailer, but is better because it's written in a memory-safe programming language, thereby we want to replace it. There is no other/better way to solve this that is already in main or should go universe->main instead of this. This is the first time package will be in main All binary packages built by gst-thumbnailers need to be in main to achieve consistency with GNOME. It would be great and useful to community/processes to have the package gst-thumbnailers in Ubuntu main, but there is no definitive deadline. [Security] No CVEs/security issues in this software in the past due to the project not seeing widespread adoption yet. no `suid` or `sgid` binaries no executables in `/sbin` and `/usr/sbin` Package does not install services, timers or recurring jobs Package does install services, timers or recurring jobs While GStreamer decoding functions are not isolated, and process untrusted inputs, the image encoding functions are isolated via Bubblewrap using libglycin. It's generally the responsibility of the thumbnailing frontend (e.g. GNOME Files) to run the thumbnailing engine in isolation. Packages does not open privileged ports (ports < 1024). Packages open privileged ports (ports < 1024), but they have a reason to do so (TBD) Package does not expose any external endpoints Packages does not contain extensions to security-sensitive software [Quality assurance - function/usage] The package works well right after install [Quality assurance - maintenance] The package is maintained well in Upstream and does not have too many, long-term & critical, open bugs Upstream's bug tracker: https://gitlab.gnome.org/GNOME/gst- thumbnailers/-/issues [Quality assurance - testing] The package runs a test suite on build time, if it fails - it makes the build fail, link to build log https://launchpad.net/~charles05/+archive/ubuntu/gst-thumbnailers/+build/32133876 + it makes the build fail, link to build log https://launchpadlibrarian.net/844094708/buildlog_ubuntu-resolute-amd64.gst-thumbnailers_1.0~alpha.3-0ubuntu1_BUILDING.txt.gz The package runs an autopkgtest, and is currently passing on this TBD list of architectures, link to test logs TBD See, https://salsa.debian.org/ubuntu-dev-team/gst-thumbnailers/-/tree/ubuntu/latest/debian/tests?ref_type=heads TODO: Awaiting initial upload to the archive to get an autopkgtest link. The package does have not failing autopkgtests right now [Quality assurance - packaging] debian/watch is present and works debian/control defines a correct Maintainer field Recent build log of the package: - https://launchpadlibrarian.net/842965163/buildlog_ubuntu-resolute-amd64.gst-thumbnailers_1.0~alpha.1-1ubuntu1~ppa4_BUILDING.txt.gz + https://launchpadlibrarian.net/844094708/buildlog_ubuntu-resolute-amd64.gst-thumbnailers_1.0~alpha.3-0ubuntu1_BUILDING.txt.gz Lintian overrides are present to disable nags about missing manual pages and an unknown field Vendored-Sources-Rust. This is OK because Lintian hasn't been taught about Rust vendoring, it seems. This package does not rely on obsolete or about to be demoted packages. The package will be installed by default, but does not ask debconf questions higher than medium Packaging and build is easy, link to debian/rules: https://salsa.debian.org/ubuntu-dev-team/gst-thumbnailers/-/blob/ubuntu/latest/debian/rules?ref_type=heads [UI standards] Application is not end-user facing (does not need translation) [Dependencies] Used check-mir from ubuntu-dev-tools to validate all dependencies or recommends are in main. [Standards compliance] This package correctly follows FHS and Debian Policy [Maintenance/Owner] I suggest the owning team will be ~desktop-packages The future owning team is not yet subscribed, but will subscribe to the package before promotion. The team ~ubuntu-desktop is aware of the implications by a static build and commits to test no-change-rebuilds and to fix any issues found for the lifetime of the release (including ESM) The team ~ubuntu-desktop is aware of the implications of vendored code and (as alerted by the security team) commits to provide updates and backports to the security team for any affected vendored code for the lifetime of the release (including ESM). This package uses vendored rust code tracked in Cargo.lock as shipped, in the package (at /usr/share/doc/<pkgname>/Cargo.lock - might be compressed), refreshing that code is outlined in debian/README.source This package uses vendored code, refreshing that code is outlined in debian/README.source This package uses vendored code, the debian/copyright has been updated to cover the vendored content This package is rust based and vendors all non language-runtime dependencies The package has been built within the last 3 months in PPA Build link on launchpad: https://launchpad.net/~charles05/+archive/ubuntu/gst-thumbnailers This change will not impact other teams [Background information] - RULE: - The package descriptions should explain the general purpose and context - RULE: of the package. Additional explanations/justifications should be done in - RULE: the MIR report. - RULE: - If the package was renamed recently, or has a different upstream name, - RULE: this needs to be explained in the MIR report. The Package description explains the package well Upstream Name is gst-thumbnailers Link to upstream project: https://gitlab.gnome.org/GNOME/gst- thumbnailers -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2137712 Title: [MIR] gst-thumbnailers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gst-thumbnailers/+bug/2137712/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
