[FFmpeg-devel] Sovereign Tech Fund

Michael Niedermayer michael at niedermayer.cc
Thu Feb 1 01:07:02 EET 2024 

On Wed, Jan 31, 2024 at 09:55:00PM +0000, Kieran Kunhya wrote:
> On Wed, 31 Jan 2024 at 21:45, Derek Buitenhuis <derek.buitenhuis at gmail.com>
> wrote:
> 
> > On 1/30/2024 1:48 AM, Michael Niedermayer wrote:
> > > https://trac.ffmpeg.org/wiki/SponsoringPrograms/STF/2024
> >
> > Not to derail this fine thread, but what forks does the Merge Forks
> > project refer to?
> >
> > - Derek
> >
> 
> I also added a note that 70 USD for coverity is way too much. I picked a
> random issue 1503073 and within a minute saw that it was a false positive.
> I don't deserve 70USD for that.

you forgot to add yourself with a lower price

its weak to claim something expensive (which is true) but not willing
to do the work at a lower price

about antons comment
"Objections: (Anton) Coverity (and other static analysis tools) are notoriously prone to false positives. I am concerned that this might lead to a large number of patches that "fix" such false positives, but make the code worse."

It was me years ago who brought the number of coverity issues down to
a small number. It has exploded since.

anton, where does this misstrust come from ?
When i did all that fixing of covertiy issues long ago i closed many
i think about 1/3 where real issues IIRC 2/3 where false positves or
"intended" i closed the false positives and marked them accordingly as false or
intended or whatever was correct.

Why should i suddenly do something different ?
I did it for 100% free back then
and here it wouldnt even make sense, closing false positives also
counts as resolved. Its less work even to get 70USD ;)

and about the 70 USD. Its a point at which i hoped someone else would
add himself, apparently its enough someone complains but noone wants to
do it still. hmm

and about 1min, the average time it takes to analyze issues is definitly
going to be above this unless the issues look very different than previosuly
though also you will surely find a dozen similar ones where you can close
each in 5sec. on average 30min per issues with all analysis, double checking
documentation 1/3 of the time writing a patch, testing and submitting is
more real. So you could make 140USD per hour IMHO at 70USD per issue
I think thats realistic unless the issues are different now than
years ago (the 30min estimate includes a saftey factor which one has to
include for this kind of work)

thx

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Modern terrorism, a quick summary: Need oil, start war with country that
has oil, kill hundread thousand in war. Let country fall into chaos,
be surprised about raise of fundamantalists. Drop more bombs, kill more
people, be surprised about them taking revenge and drop even more bombs
and strip your own citizens of their rights and freedoms. to be continued
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20240201/69d60c5e/attachment.sig>

More information about the ffmpeg-devel mailing list