1125 points CrankyBear | 3 comments
phkahler No.45891830
From TFA this was telling:

Thus, as Mark Atwood, an open source policy expert, pointed out on Twitter, he had to keep telling Amazon to not do things that would mess up FFmpeg because, he had to keep explaining to his bosses that “They are not a vendor, there is no NDA, we have no leverage, your VP has refused to help fund them, and they could kill three major product lines tomorrow with an email. So, stop, and listen to me … ”

I agree with the headline here. If Google can pay someone to find bugs, they can pay someone to fix them. How many times have managers said "Don't come to me with problems, come with solutions"?

skhameneh No.45893320
I've been a proponent of upstreaming fixes for open source software.

Why?
- It makes continued downstream consumption easier, you don't have to rely on fragile secret patches.
- It gives back to projects that helped you to begin with, it's a simple form of paying it forward.
- It all around seems like the "ethical" and "correct" thing to do.

Unfortunately, in my experience, there's often a lot of barriers within companies to upstream. Reasons can be everything from compliance, processes, you name it... It's unfortunate.

I have a very distinct recollection of talks about hardware aspirations and upstreaming software fixes at a large company. The cultural response was jarring.

cornonthecobra No.45895043
I've literally had my employer's attorneys tell me I can't upstream patches because it would put my employer's name on the project, and they don't want the liability.

No, it didn't help giving them copies of licenses that have the usual liability clauses.

It seems a lot of corporate lawyers fundamentally misunderstand open source.

1. josephg No.45898347
I don't know if it would work, but sometimes I consider a "moochers" rule wrt opensource code.

Like, here's the deal: The work is proper, legit opensource. You can use it for free, with no obligations.

But if your company makes a profit from it, you're expected to either donate money to the project or contribute code back in kind. (Eg security patches, bug fixes, or contribute your own opensource projects to the ecosystem, etc).

If you don't, all issues you raise and PRs get tagged with a special "moocher" status. They're automatically - by default - ignored or put in a low priority bin. If your employees attend any events, or join a community discord or anything like that, you get a "moocher" badge, so everyone can see that you're a parasite or you work for parasites. That's ok; opensource licenses explicitly allow parasites. I'm sure you're a nice person. But we don't really welcome parasites in our social spaces, or allow parasites to take up extra time from the developers.

2. cornonthecobra No.45899064
I've spent the last 32 years pushing every employer I've had to contribute back to open source. Because of the sector I work in, more often than not I'm constrained by incredibly tight NDAs.

I can usually stop short of providing code and file a bug that explains the replication case and how to fix it. I've taken patches and upstreamed them pseudonymously on my own time when the employer believed the GPL meant they couldn't own the modifications.

If after all that you still want to label me a moocher at cons, that's your choice.

3. seb1204 No.45899220
You can wear your secret cape with pride, don't worry about the moocher badge.