Public bug reported: [Availability] - The package libfile-libmagic-perl is already in Ubuntu universe. - The package builds for the architectures it is designed to work on. - It currently builds and works for architectures: amd64, arm64, armhf, i386, ppc64el, riscv64, s390x - Link to package https://launchpad.net/ubuntu/+source/libfile-libmagic-perl
[Rationale] - The package libfile-libmagic-perl is required in Ubuntu main because it is a new runtime dependency of lintian (>= 2.128.0), which is already in main. - The package libfile-libmagic-perl will not generally be useful for a large part of our user base, but is important/helpful still because without it, lintian 2.128.0 cannot migrate from proposed to main. - There is no other/better way to solve this that is already in main: libfile-libmagic-perl provides Perl bindings to libmagic (the system file type detection library). Lintian specifically requires File::LibMagic and there is no equivalent already-in-main Perl interface to libmagic. - This is the first time the package will be in main. - The binary package libfile-libmagic-perl needs to be in main to allow lintian to migrate; there are no other binary packages built by this source. - The package libfile-libmagic-perl is required in Ubuntu main no later than the 26.04 LTS release, as lintian 2.128.0 is blocked from migrating until all its dependencies are in main. [Security] - No CVEs/security issues in this software in the past - https://security-tracker.debian.org/tracker/source-package/libfile-libmagic-perl - https://ubuntu.com/security/cve?package=libfile-libmagic-perl - no `suid` or `sgid` binaries - no executables in `/sbin` and `/usr/sbin` - Package does not install services, timers or recurring jobs - Security has been kept in mind and common isolation/risk-mitigation patterns are in place utilizing the following features: this is a pure Perl XS library that wraps libmagic for file type detection. It runs entirely in the calling process with no elevated privileges. - Packages does not open privileged ports (ports < 1024). - Package does not expose any external endpoints - Packages does not contain extensions to security-sensitive software (filters, scanners, plugins, UI skins, ...) [Quality assurance - function/usage] - The package works well right after install [Quality assurance - maintenance] - The package is maintained well in Debian/Ubuntu/Upstream and does not have too many, long-term & critical, open bugs - Ubuntu https://bugs.launchpad.net/ubuntu/+source/libfile-libmagic-perl/+bug - Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=libfile-libmagic-perl - Upstream https://github.com/houseabsolute/File-LibMagic/issues (6 open issues, all stalled platform-specific or libmagic-level concerns not affecting Linux/Ubuntu, e.g. macOS test failures, AIX build, CSV MIME misidentification which is a libmagic issue rather than the Perl binding) - The package does not deal with exotic hardware we cannot support [Quality assurance - testing] - The package runs a test suite on build time, if it fails it makes the build fail, link to build log: * amd64: https://launchpadlibrarian.net/755004806/buildlog_ubuntu-plucky-amd64.libfile-libmagic-perl_1.23-2build2_BUILDING.txt.gz * arm64: https://launchpadlibrarian.net/755010112/buildlog_ubuntu-plucky-arm64.libfile-libmagic-perl_1.23-2build2_BUILDING.txt.gz * armhf: https://launchpadlibrarian.net/755009853/buildlog_ubuntu-plucky-armhf.libfile-libmagic-perl_1.23-2build2_BUILDING.txt.gz * i386: https://launchpadlibrarian.net/755004800/buildlog_ubuntu-plucky-i386.libfile-libmagic-perl_1.23-2build2_BUILDING.txt.gz * ppc64el: https://launchpadlibrarian.net/755010510/buildlog_ubuntu-plucky-ppc64el.libfile-libmagic-perl_1.23-2build2_BUILDING.txt.gz * riscv64: https://launchpadlibrarian.net/755021719/buildlog_ubuntu-plucky-riscv64.libfile-libmagic-perl_1.23-2build2_BUILDING.txt.gz * s390x: https://launchpadlibrarian.net/755010727/buildlog_ubuntu-plucky-s390x.libfile-libmagic-perl_1.23-2build2_BUILDING.txt.gz - The package runs an autopkgtest (via autopkgtest-pkg-perl), and is currently passing on amd64, arm64, armhf, ppc64el, s390x, link to test logs: * amd64: https://autopkgtest.ubuntu.com/results/autopkgtest-resolute/resolute/amd64/libf/libfile-libmagic-perl/20260206_195332_68fbd@/log.gz * arm64: https://autopkgtest.ubuntu.com/results/autopkgtest-resolute/resolute/arm64/libf/libfile-libmagic-perl/20260205_031145_e6700@/log.gz * armhf: https://autopkgtest.ubuntu.com/results/autopkgtest-resolute/resolute/armhf/libf/libfile-libmagic-perl/20260205_050344_df8f8@/log.gz * ppc64el: https://autopkgtest.ubuntu.com/results/autopkgtest-resolute/resolute/ppc64el/libf/libfile-libmagic-perl/20260205_055436_23d06@/log.gz * s390x: https://autopkgtest.ubuntu.com/results/autopkgtest-resolute/resolute/s390x/libf/libfile-libmagic-perl/20260208_191417_37c12@/log.gz - The package does have failing autopkgtests tests right now, but since they always failed they are handled as "ignored failure", this is ok because the test depends on pkg-perl-autopkgtest package that is not built for i386 since focal. [Quality assurance - packaging] - A mechanism to detect and fetch new upstream versions is present and works - debian/control defines a correct Maintainer field - Lintian overrides are not present ``` lintian --pedantic P: libfile-libmagic-perl source: redundant-rules-requires-root-no-field [debian/control:20] ``` - This package does not rely on obsolete or about to be demoted packages. - This package has no python2 or GTK2 dependencies - The package will not be installed by default - Packaging and build is easy, link to debian/rules https://git.launchpad.net/ubuntu/+source/libfile-libmagic-perl/tree/debian/rules [UI standards] - Application is not end-user facing (does not need translation) [Dependencies] - Used check-mir from ubuntu-dev-tools to validate all dependencies or recommends are in main. [Standards compliance] - This package correctly follows FHS and Debian Policy [Maintenance/Owner] - The owning team will be ~debcrafters-packages and I have their acknowledgment for that commitment - The future owning team is already subscribed to the package - This does not use static builds - This does not use vendored code - This package is not rust based - The package has been built within the last 3 months in PPA and ~4.5 months in the archive - Build link on launchpad: * Archive: https://launchpad.net/ubuntu/+source/libfile-libmagic-perl/1.23-2build2 * PPA: https://launchpad.net/~nadzeya/+archive/ubuntu/libfile-libmagic-perl-mir/+packages - This change will not impact other teams [Background information] The package description explains the package well Upstream Name: File-LibMagic Link to upstream project: https://github.com/houseabsolute/File-LibMagic ** Affects: libfile-libmagic-perl (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2142465 Title: [MIR] libfile-libmagic-perl (lintian dependency) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libfile-libmagic-perl/+bug/2142465/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
