From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 0825049079 for ; Wed, 31 Jan 2024 23:07:12 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 2849568D130; Thu, 1 Feb 2024 01:07:10 +0200 (EET) Received: from relay3-d.mail.gandi.net (relay3-d.mail.gandi.net [217.70.183.195]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 0E44268AB9C for ; Thu, 1 Feb 2024 01:07:04 +0200 (EET) Received: by mail.gandi.net (Postfix) with ESMTPSA id 5BF6060003 for ; Wed, 31 Jan 2024 23:07:03 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc; s=gm1; t=1706742423; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=ksC4iXKJ7Ncb1pH1+LjIg4pRjS+qKMRsRLFusy2QtV0=; b=FFZ047UJyW40mYmzFwmIsoAuQgLyDm8qQZbEMMc8kLu1MZxvO+MkcqNjVtJw2MQOODnoDR ZWABx1FMv7DxDi+A3zpVswYkxA+ZR8FbJGGopFdMmnZ9SLiwPP+9a9YXgmYp/2ZdMhfsfv 6rcnJIOuH7Nso81OqT/qBFF30+YNTbp/gCvbIYlkdCe2OvhDYr9qxutBnD4mKNduDPWCO1 1a8uzn1wqfdpFei6ArzsaR35pgGDSQh4TqWyG6LxKp84ZDCjA0NVoU/rJRzO2M1VXbQKYT 1XpEFUGRb7irPZCaGfRofWo3DkGpY+lfQxO2U9APVRlRN+6jXMAEZPk5wIY09g== Date: Thu, 1 Feb 2024 00:07:02 +0100 From: Michael Niedermayer To: FFmpeg development discussions and patches Message-ID: <20240131230702.GZ6420@pb2> References: <20240128032549.GN6420@pb2> <20240130014821.GJ6420@pb2> <36880d31-320c-419f-ae4d-42a5eade0ebe@gmail.com> MIME-Version: 1.0 In-Reply-To: X-GND-Sasl: michael@niedermayer.cc Subject: Re: [FFmpeg-devel] Sovereign Tech Fund X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Content-Type: multipart/mixed; boundary="===============1345085315666814995==" Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: --===============1345085315666814995== Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="LdxFfuGGSzjvBWj4" Content-Disposition: inline --LdxFfuGGSzjvBWj4 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Jan 31, 2024 at 09:55:00PM +0000, Kieran Kunhya wrote: > On Wed, 31 Jan 2024 at 21:45, Derek Buitenhuis > wrote: >=20 > > On 1/30/2024 1:48 AM, Michael Niedermayer wrote: > > > https://trac.ffmpeg.org/wiki/SponsoringPrograms/STF/2024 > > > > Not to derail this fine thread, but what forks does the Merge Forks > > project refer to? > > > > - Derek > > >=20 > I also added a note that 70 USD for coverity is way too much. I picked a > random issue 1503073 and within a minute saw that it was a false positive. > I don't deserve 70USD for that. you forgot to add yourself with a lower price its weak to claim something expensive (which is true) but not willing to do the work at a lower price about antons comment "Objections: (Anton) Coverity (and other static analysis tools) are notorio= usly prone to false positives. I am concerned that this might lead to a lar= ge number of patches that "fix" such false positives, but make the code wor= se." It was me years ago who brought the number of coverity issues down to a small number. It has exploded since. anton, where does this misstrust come from ? When i did all that fixing of covertiy issues long ago i closed many i think about 1/3 where real issues IIRC 2/3 where false positves or "intended" i closed the false positives and marked them accordingly as fals= e or intended or whatever was correct. Why should i suddenly do something different ? I did it for 100% free back then and here it wouldnt even make sense, closing false positives also counts as resolved. Its less work even to get 70USD ;) and about the 70 USD. Its a point at which i hoped someone else would add himself, apparently its enough someone complains but noone wants to do it still. hmm and about 1min, the average time it takes to analyze issues is definitly going to be above this unless the issues look very different than previosuly though also you will surely find a dozen similar ones where you can close each in 5sec. on average 30min per issues with all analysis, double checking documentation 1/3 of the time writing a patch, testing and submitting is more real. So you could make 140USD per hour IMHO at 70USD per issue I think thats realistic unless the issues are different now than years ago (the 30min estimate includes a saftey factor which one has to include for this kind of work) thx [...] --=20 Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB Modern terrorism, a quick summary: Need oil, start war with country that has oil, kill hundread thousand in war. Let country fall into chaos, be surprised about raise of fundamantalists. Drop more bombs, kill more people, be surprised about them taking revenge and drop even more bombs and strip your own citizens of their rights and freedoms. to be continued --LdxFfuGGSzjvBWj4 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iF0EABEIAB0WIQSf8hKLFH72cwut8TNhHseHBAsPqwUCZbrSkwAKCRBhHseHBAsP q/6mAKCOrOyFLI27yXgffJSU1D0cCWimjwCfV4LVOf7AmMIVA+wSt7xRFTWsSFw= =5P3u -----END PGP SIGNATURE----- --LdxFfuGGSzjvBWj4-- --===============1345085315666814995== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". --===============1345085315666814995==--