Microsoft employee:
Hi, This is a high priority ticket and the FFmpeg version is currently used in a highly visible product in Microsoft. We have customers experience issues with Caption during Teams Live Event. Please help
Maintainer’s comment on twitter:
After politely requesting a support contract from Microsoft for long term maintenance, they offered a one-time payment of a few thousand dollars instead.
This is unacceptable.
And further:
The lesson from the xz fiasco is that investments in maintenance and sustainability are unsexy and probably won’t get a middle manager their promotion but pay off a thousandfold over many years.
But try selling that to a bean counter
Ffmpreg?
Haifong inprurr
Kek
Alternative answer: "We understand your issue and will fix it as time and priorities allow. Please note that customers paying for support always get higher priority. Given MS contributions to the project, this ticket was ranked 42nd in our priority list.
Have a pleasant day! FFMPEG support team"
lmao didn’t know Elon Musk is an ffmpeg maintainer
I wonder if it’s the real Elon Musk?
It’s just someone with the same name
Wtf is a real elon musk? He is not elon musk of tesla. But is not uncommon for multiple people to have the same name.
Poor man it must be annoying to have to introduce yourself as “elon musk, no not that elon musk” all the time?
It’s so ridiculous that this isn’t even brought up:
The Command you provided worked fine. Thank you so much for the help! Really appreciated! We are going to proceed to make a release today and test with customers. Will post the updates here.
Gotta love being a forced beta tester… I mean customer.
isn’t that what a canary release essentially is?
Man, must be rough to be an MS engineer and do work in public. Ignoring the financial aspect, can’t say I’ve never had a similar ticket and resolution.
That does kind of admit what we all suspected about Microsoft’s QA since they fired the whole testing team in 2014.
Meanwhile Google has always just forced you to go to Google Groups to log bugs in production software.
If the live version is already broken, there isn’t much to lose deploying the fix as soon as possible. Not sure what else they could have done here.
There are likely other changes made since they released that version to their customers, so the risk is other things in addition to the current thing get broken.
There is zero chance that they’ll just build from the latest main branch and release that tomorrow. Or that whatever build they make goes directly to general distribution.
They’ll make a build from the last release plus this patch and send it to a few customers who have complained. Then they’ll think about making a release with this and perhaps other bug fixes.
If the Microsoft person making this request can’t update a command line switch, I seriously doubt they will try to build from source with a patch.
Yup. Shits fucked. Do what you can. Lol
I am confused. I realize this is just a flag change not even a dev problem but PEBKAC, still - in the event of an actual bug, why wouldn’t Microsoft have a dev contribute to the project and fix it instead of just opening a ticket?
deleted by creator
You assume MS is competent?
Filling an issue quickly is good etiquette. Then you can discuss in the ticket the best way to solve/work around.
The devs don’t take an issue with the ticket being filed. They’re irritated by one particular reply which sounds like “My million dollar product depends on this bug fix. Please do that for me”. MS isn’t offering a solution. They’re asking for one.
To be fair MS offers an amount for the fix. Most companies just bully the devs instead. However, I don’t think it’s quite fair (though legal) to offer one time payments for a core library that they use.
lmao the “high priority bug” is just a user error
This is gold.
I don’t get why they don’t propose a fix themselves.
99% morons, that’s why…
Probably cause the software engineers writing a high level chat app in TypeScript don’t have the skills or knowledge to fix a bug in a C++ video decoder.
Lack of faith in their own talent?
Why spend money when you can bully people?
I see what you’re saying, but no one is being bullied here.
Not really but Microsoft being pushy without wanting to pay for a support contract is kind of on par for that shit company.
Microsoft also makes like half of the languages and dev tooling that every piece of software depends on. Microsoft is certainly problematic but I would not consider their support or attitude towards open source projects in general to be.
half
You’re kidding, right? Especially on open source?
Embrace, extend, extinguish. THAT is Microsoft, so if tomorrow that company burns to the ground, the world will be a little better.
Lmfao, it’s honestly hard to tell whether people on Lemmy are genuine old heads still stuck in the past or just young ones blindly repeating what they’ve heard that sounds edgy.
There hasn’t been an example of Microsoft EEEing something in 20 years. You could literally be in college right now and the past time Microsoft even tried to sabotage an open source project would be before you were born.
To casual tech enthusiasts who want to fit in with die hard open source enthusiasts it’s cool to hate Microsoft, for professional software developers who have seen what say, JavaScript was like before and after Microsoft started working on it, we have a bit of a more nuanced view of them.
“A failure to plan on your part does not constitute an emergency on my part.” -Someone hopefully working on ffmpeg.
Does that go for the xz vulnerability too? Wasn’t it a Microsoft dev who discovered that?
the xz vulnerability was done through a superflous dependency to systemd, xz was only the library that was abused to use systemd’s superflous dependency hell. sshd does not use xz, but systemd does depend on it. sshd does not need systemd, but it was attacked through its library dependency.
we should remove any pointless dependencies that can be found on a system to prevent such attacks in future by reducing dependency based attack vectors to a minimum.
also we should increase the overall level of privilege separation where systemd is a good bad example, just look at the init binary and its capability zoo.
The company who hired “the” systemd developer should IMHO start to really fix these issues !
so please hold your “$they have fixed it” back until the the root cause that made the xz dependency level attack possible in the first place has been really fixed =)
Of course pointing it out was good, but now the root cause should be fixed, not just a random symptom that happened to be the first visible atrack that used this attack vector introduced by systemd.
In this case, it’s actually Microsofts fault. There is no bug in ffmpeg, Microsoft just didn’t properly use it
“A failure to plan on your part does not constitute an emergency on my part.”
Wow now that is a quote I’m going to steal. Wondering if “A failure to understand on your part does not constitute an emergency on my part.” has the same punch or is as relevant… anyway, thanks for sharing!
Good, tell leech corporations and specially Microsoft to fuck right off. Pay for it or do it yourselves.
Can’t reproduce bug. Closing ticket.
As if microsoft ever tries to repro anything… Just refer them to some of the most clunkiest and convoluted sites ever, where it should say to just reboot three times and hope for the best.
New decoder… who dis?
It’s what Microsoft would do in the same situation. It’s only fair
I understand you are having a problem with ffmpeg.
Firstly, I will need you to open a command prompt and run SFC /scannow.
And then reboot your PC.
And then run SFC /scannow again.
And reboot again.
Until you give up and reinstall Windows.
I tried all that but accidentally installed Linux at the last step, but it seems to have fixed the issue so I’m suggesting it as a functioning workaround to all of my colleagues
-Microsoft MVP
You forgot when the boot loader forgets where it placed your boot partition and you get to do a few rounds of bcdedit /h /s /gofuckyourself
have you tried restarting explorer yet?
Also, did you install all updates? Did you already accept Edge as your new web browser?
have you tried pressing shift + alt + T + f24 yet? It resets the shitfart dongle adapter.
I figured they would just run
sfc /scannowand then sit staring at their screen bewildered when it inevitably does nothing.
I wonder if these trillion dollar companies offer support contracts for astroturfing on social media on their behalf. I can’t think of any other way so many people are supporting their sociopathic attitude.
Cognitive dissonance.
For a lot of people, either they accept “this trillion dollar corporation that controls all my computers, and the programming languages I use, and my code editor, is evil”. Or they accept “this trillion dollar company does lots of good things for me and is good”.
One is easier to accept than the other.
there are companies out there that do this kind of thing.
FFMPEG is a core technology. You literally cannot do anything with video without touching FFMPEG at multiple places in the stack.
The fact that we have billions of dollars of revenue flowing through that software every day, but we rely on VOLUNTEERS to maintain it shows exactly how hollow the whole SV entrepreneur culture really is.
Bunch of fucking posers wouldn’t know performance code if it kicked them in the face.
QuickTime has entered the chat
The fact that we have billions of dollars of revenue flowing through that software every day, but we rely on VOLUNTEERS to maintain it shows exactly how hollow the whole SV entrepreneur culture really is.
Exactly: I’m not mad about important things being run by volunteers – arguably, that’s a good thing because it means project decisions are made uncorrupted by profit motive – but I am mad about the profit being reaped elsewhere on the backs of their free labor.
arguably, that’s a good thing because it means project decisions are made uncorrupted by profit motive
Argue-er here, chiming in. This statement could be interpreted as considering only half of the central relationship of capitalism. (Capitalism isn’t just about deriving profit from the control of surplus, it’s about the relationship between surplus and scarcity. Surplus doesn’t mean shit if no one wants what you have.)
The decisions that volunteers make may not be motivated by the desire/ability to make profit, but they can be (and often are) motivated by the opposite; they have to account for the fact that their volunteer work is labor that isn’t contributing to their survival – aka, their day job. The demands placed on them by their other responsibilities will have to take precedence over the volunteer project.
In practice, this means they have to take shortcuts and/or do less than they would like to, because they don’t have time to devote to it. It’s not exactly the same end product as if it was profit-seeking, since that can tempt maintainers into using dark patterns etc, but they’re similar.
Ideally, they would have all the money they needed, didn’t have to have regular jobs, but also had families/friends/hobbies that would keep them from over-engineering ffmpeg.
To say this in a simpler/shorter way (TD;DR), their decisions can be motivated by the fact that they aren’t making money from it, don’t have enough time or resources to do everything they might want.
(Why is this so long?? I’m bored in the train, gotta kill the time somehow…why not say in 1000 words what I could have said in 100)
Interesting point! I’m not sure that that motivates the quality or type of decisions so much as the mere quantity, though. (In other words, I agree the pace of development suffers, but I’m not sure the quality of the end result does.)
@grue @vzq this is such an interesting space. The general public has no idea how much of their software relies on open source code and voluntary community contributions. There have been so many attempts to figure out a way to compensate these maintainers, but it doesn’t seem like anything has really become the defacto solution. Open Collective and Tidelift are the closest things I can think of.
OBS seems to be funded by the likes of Meta, Google, Amazon, AMD, Nvidia, etc. despite being unaffiliated.
Bunch of fucking posers wouldn’t know performance code if it kicked them in the face.
You mean JavaScript right?
These days it’s all about Python, with AI being the hype and all. JS can at least try to compete.
They’re not going to invest in it if they don’t own it, and frankly I’m happy they don’t.
Those same companies tell you that their products that you paid for don’t belong to you. You are just buying a license to use them. Sadly, this asinine concept is spreading even to hardware markets.
I think it’s fair to ask them to take their own bitter pill. They should also invest without owning.
Old issue, so why post it now make it sound like MS demands something?
Opened 11 months ago Last modified 11 months ago
It’s a regression, so ffmpeg should fix a regression.
What regression? It was a PEBKAC
Old issue, so why post it now make it sound like MS demands something?
I think it’s because of that recent security issue, and then the subject of corporations tithing into open source code efforts instead of just using it for freeish, that grew around the discussion of that security vulnerability.
deleted by creator
