A rabbit hole I went down yesterday was this article on The New Stack and it went deep into places I don’t ever want to frequent1. In the article, it talked about the sustainability in open source, particularly when large corporations that turn over huge profits view contributions as “here’s a bug, fix it”. I don’t want to believe it, but it does seem like open source is only a viable business solution when somebody gets screwed somewhere down the line.
I remember when I started getting “security researchers” reporting bugs in my plugins, and it got exhausting when individuals came with their cap in hand to my free plugins, putting the bug behind a bitcoin paywall. Oddly since my plugins have joined the Patchstack Vulnerability Disclosure Programme these updates have pretty much stopped.
It got frustrating and stressful for me to push security updates when I was getting a couple every month, and I don’t have Google’s finest security researchers and AI breathing down my neck because my code probably isn’t being used internally in Google, or in Amazon, or Meta. I can understand why people who maintain these libraries are quitting when these are corporate entities are overwhelming volunteers, often with no compensation.
Pay your fucking open source maintainers.
- Twitter, mainly β©οΈ
2 thoughts on “FFmpeg to Google: Fund Us or Stop Sending Bugs on The New Stack”
Likes