On Tue, 14 Oct 2025, 23:53 Michael Niedermayer via ffmpeg-devel, < [email protected]> wrote:
> Hi Timo > > On Wed, Oct 15, 2025 at 12:28:20AM +0200, Timo Rothenpieler via > ffmpeg-devel wrote: > > On 14.10.2025 04:40, Michael Niedermayer via ffmpeg-devel wrote: > > > Hi Everyone > > > > > > As we are now looking for sponsors, we also should look for tasks to > fund. > > > I suggest, we first do some brainstorming and make a list, and then > figure out which > > > tasks we want to sponsor (or maybe someone wants to do one as a > volunteer) > > > > > > Heres some random ideas from me /mostly things for which i am not able > to find the time ATM > > > (that is, iam happy if someone else does these) > > > please add your ideas. > > > > > > * cherry pick the remaining codecs and demuxers from almpeg > > > * cleanup new tickets on trac (aka close (invalid/needs more > info/fixed) or open > > > * do something about the difference between mitre and our CVE list > (that is go over the output from tools/compare-cvelists.sh) > > > * do we have any bugs or feature requests that have alot of votes on > them ? > > > > > > thx > > > > > > PS: once we have enough yearly income we can look at hiring / funding > people fulltime. > > > > Since we have just been approved for the EUs YesWeHack program, someone > will > > need to work through the incoming bugs and triage/fix/look at them. > > > > That could definitely be something someone could use some sponsoring for. > > great, i agree. > > Can we make this a bit more specific (so that in case we choose this) we > have > something clear we can pass to SPI. > > Should this be payment per bug fixed? > or payment per hour ? > > 1. I expect we need to first have a specific developer who wants to do this > 2. then have SPI draft a contract for the specific jurisdiction where the > developer works > 3. SPI and the developer sign that > 4. only then can the work start > > Iam saying above because if the YesWeHack thing begins at a specific time, > all above needs > to be done first, also including us finding a consensus that we do want to > fund this. > > (SPI has contracts for some jurisdictions already so, uncommon > jurisdictions likely > will need more time) > FFmpeg should move to an LTS and development version like Ubuntu. Then companies can pay for older versions to have backports of security fixes (like Ubuntu). Kieran > _______________________________________________ ffmpeg-devel mailing list -- [email protected] To unsubscribe send an email to [email protected]
