UbuntuMainInclusionRequirements

Revision 2 as of 2005-07-19 09:50:28

Clear message

Promoting a package into main

Scope

This document describes the steps and requirements for a package to be considered for inclusion into the supported set of Ubuntu packages (into main), which entails that this package receives the full scope of security and QA support.

Steps

To promote a package into main, the following steps need to be taken:

  1. The package must meet the requirements described in the following section.
  2. A concise, but complete report should be created which documents the status of the requirements. The report should follow the format of the "Requirements" section. Ideally the report is put to the wiki at http://www.ubuntulinux.org/wiki/MainInclusionReportPackageName.

  3. The request and the link to the report are sent to ubuntu-devel@lists.ubuntu.com.

  4. A main developer reviews the report and accepts or denies the request. This is indicated by adding a line "Name: accepted" or "Name: rejected" to the "Reviewers" part of the report.
  5. If it is accepted, the package is added to the appropriate seed.

Requirements

The package must fulfill the following requirements:

  1. Availability: The package must already be in the Ubuntu universe, and must build for the architectures it is designed to work on.

  2. Rationale: There must be a certain level of demand for the package, for example:

    • The package is useful for a large part of our user base.
    • The package is a new build dependency or dependency of a package that we already support.
    • The package replaces another package we currently support and promises higher quality and/or better features, so that we can drop the old package from the supported set.
  3. Security: The security history and the current state of security issues in the package must allow us to support the package for at least 18 months without exposing its users to an inappropriate level of security risks. This requires checking of several things that are explained in detail in the subsection Security checks.

  4. Quality assurance:

    • After installing the package it must be possible to make it working with a reasonable effort of configuration and documentation reading.
    • There are no long-term outstanding bugs which affect the usability of the program to a major degree. To support a package, we must be reasonably convinced that upstream supports and cares for the package.
    • The status of important bugs in [http://bugs.debian.org Debian's], [https://launchpad.ubuntu.com/malone/distros/ubuntu Ubuntu's], and possibly upstream's bug tracking systems must be evaluated.

    • The package should not deal with exotic hardware which we cannot support.
  5. Standards compliance: The package should meet the [http://www.pathname.com/fhs/ FHS], [http://www.de.debian.org/doc/debian-policy/ Debian Policy], and (if applicable) the [http://www.netfort.gr.jp/~dancer/column/libpkg-guide/libpkg-guide.html Debian library packaging guide] standards. Major violations should be documented and justified. Also, the source packaging should be reasonably easy to understand and maintain.

  6. Dependencies: Any build or binary dependencies which are not yet in main.

Security checks