[FFmpeg-devel] Sovereign Tech Fund

Michael Niedermayer michael at niedermayer.cc
Fri Feb 2 00:55:14 EET 2024 

On Thu, Feb 01, 2024 at 06:59:14PM +0100, Anton Khirnov wrote:
> Quoting Michael Niedermayer (2024-02-01 00:07:02)
> > 
> > about antons comment
> > "Objections: (Anton) Coverity (and other static analysis tools) are notoriously prone to false positives. I am concerned that this might lead to a large number of patches that "fix" such false positives, but make the code worse."
> > 
> > It was me years ago who brought the number of coverity issues down to
> > a small number. It has exploded since.
> > 
> > anton, where does this misstrust come from ?
> > When i did all that fixing of covertiy issues long ago i closed many
> > i think about 1/3 where real issues IIRC 2/3 where false positves or
> > "intended" i closed the false positives and marked them accordingly as false or
> > intended or whatever was correct.
> > 
> > Why should i suddenly do something different ?
> > I did it for 100% free back then
> > and here it wouldnt even make sense, closing false positives also
> > counts as resolved. Its less work even to get 70USD ;)
> 
> What's with this hurt-feelings tone? You ASKED people to comment on the

that tone happens after days of participating in some fine ff threads.
You know, at day 3 you sound odd, at day 5 you wonder when you will wake up
until you realize you are awake all along, on day 7 you run naked through the streets


> proposals, so I asked a question. You can just answer it, no need to get
> all emotional about it. I don't stalk you or your commits, why do you
> expect me to know that you worked on such issues "long ago"? I don't
> even know one can close coverity issues manually.
> 
> What I do know is that I've seen similar initiatives run into this
> pathology in the past, hence my question.

If the person classifying is different from the person fixing issues
that may reduce the incentive. Alterantively if all give the same reward
that works too but theres a massive assymmetry as some issues pay way too
much where others pay tpp little. it seems several people did not like that
I dont think theres a perfect way

thx

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Avoid a single point of failure, be that a person or equipment.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20240201/e92ec012/attachment.sig>

More information about the ffmpeg-devel mailing list