Main Inclusion Report for Jack-Audio-Connection-Kit (JACK)

Requirements

1. Availability: http://archive.ubuntu.com/ubuntu/pool/universe/j/jack-audio-connection-kit; Available for all supported architectures.

2. Rationale:

   • Build dependency of the 'jack' alsa plugin (now disabled in libasound2-plugins, see launchpad bugs 197957 and 84900)

   • ...

3. Security:

   • No CVE entries known.

   • No Secunia history known

   • Only binaries in jackd, none of which are suid/sgid. Note: realtime capabilities are nowadays granted to users/groups though /etc/security/limits.conf

   • jackd is of course a daemon, but is not automatically started on startup
   • jackd does not listen for network connections itself - it requires the installation of a separately available 'netjack' driver for this.
   • No source code review is performed that we know of.

4. Quality assurance:

   • In what situation does the package not work out of the box without configuration?
     • Jack needs some audio output device to connect to in order to start. This might fail if such a device is not available, or if another process is keeping a device occupied that does not support multiple concurrent connections.

     • Some configuration may be required for optimal performance (i.e. low latency) depending on the audio card used. Configuration instruction are available at help.ubuntu.com.

   • Does the package ask any debconf questions highter than priority 'medium'?
     • Jack does not ask any debconf questions.

   • Debian bugs: only wishlist items are open right now

   • Maintenance in Debian: Is calm

   • Upstream: Is vigorous

   • Upstream bug tracker: nothing particularly relevant or critical there either it seems

   • Hardware: This package deals well with most commonly available consumer and semi- and professional audio cards.
   • Is there a test stuie in the upstream source or packaging?
   • Is it enabled to run in the build?

5. UI standards:

   • User-visible strings are internationalized using standard gettext system ?
   • Package with translatable strings builds a PO template during package build ?
   • End-user applications ship a desktop file ?

6. Standards compliance:

   • FHS, Debian Policy compliance ?

   • Debian library packaging guide standards compliance ?

   • Packaging system (debhelper/cdbs/dbs) ? Patch system ? Any packaging oddities ?

7. Dependencies:

   • ...
   • Are these all in main ?

8. Maintenance:

   • How much maintenance is this package likely to need ? (Simple packages may largely take care of themselves; complex packages will need dedicated developers paying attention to them.) Little maintenance should be required

   • Who is responsible for monitoring the quality of this package and fixing its bugs ? Are they Ubuntu or Debian developers ? Upstream (FFADO) developers along with Ubuntu and Debian developers

   • Who is the package bug contact in Ubuntu? (Needs one if its a nontrivial package which does not fully maintain itself through Debian) Ubuntu Studio developers

9. Background information:

   • The general purpose and context of the package should be clear from the package's debian/control file. If it isn't then please explain.
   • What do upstream call this software ? Has it had different names in the past ?

10. Internationalization:

    • Are graphical applications translatable? Do they support gettext?

Reviewers

MIR bug: https://bugs.launchpad.net/BUGNUMBER

Author: Scott Lavender * Contributor: Arnout 'raboof' Engelen