Microsoft employee:
Hi, This is a high priority ticket and the FFmpeg version is currently used in a highly visible product in Microsoft. We have customers experience issues with Caption during Teams Live Event. Please help
Maintainer’s comment on twitter:
After politely requesting a support contract from Microsoft for long term maintenance, they offered a one-time payment of a few thousand dollars instead.
This is unacceptable.
And further:
The lesson from the xz fiasco is that investments in maintenance and sustainability are unsexy and probably won’t get a middle manager their promotion but pay off a thousandfold over many years.
But try selling that to a bean counter
FFMPEG is a core technology. You literally cannot do anything with video without touching FFMPEG at multiple places in the stack.
The fact that we have billions of dollars of revenue flowing through that software every day, but we rely on VOLUNTEERS to maintain it shows exactly how hollow the whole SV entrepreneur culture really is.
Bunch of fucking posers wouldn’t know performance code if it kicked them in the face.
The fact that we have billions of dollars of revenue flowing through that software every day, but we rely on VOLUNTEERS to maintain it shows exactly how hollow the whole SV entrepreneur culture really is.
Exactly: I’m not mad about important things being run by volunteers – arguably, that’s a good thing because it means project decisions are made uncorrupted by profit motive – but I am mad about the profit being reaped elsewhere on the backs of their free labor.
@grue @vzq this is such an interesting space. The general public has no idea how much of their software relies on open source code and voluntary community contributions. There have been so many attempts to figure out a way to compensate these maintainers, but it doesn’t seem like anything has really become the defacto solution. Open Collective and Tidelift are the closest things I can think of.
deleted by creator
arguably, that’s a good thing because it means project decisions are made uncorrupted by profit motive
Argue-er here, chiming in. This statement could be interpreted as considering only half of the central relationship of capitalism. (Capitalism isn’t just about deriving profit from the control of surplus, it’s about the relationship between surplus and scarcity. Surplus doesn’t mean shit if no one wants what you have.)
The decisions that volunteers make may not be motivated by the desire/ability to make profit, but they can be (and often are) motivated by the opposite; they have to account for the fact that their volunteer work is labor that isn’t contributing to their survival – aka, their day job. The demands placed on them by their other responsibilities will have to take precedence over the volunteer project.
In practice, this means they have to take shortcuts and/or do less than they would like to, because they don’t have time to devote to it. It’s not exactly the same end product as if it was profit-seeking, since that can tempt maintainers into using dark patterns etc, but they’re similar.
Ideally, they would have all the money they needed, didn’t have to have regular jobs, but also had families/friends/hobbies that would keep them from over-engineering ffmpeg.
To say this in a simpler/shorter way (TD;DR), their decisions can be motivated by the fact that they aren’t making money from it, don’t have enough time or resources to do everything they might want.
(Why is this so long?? I’m bored in the train, gotta kill the time somehow…why not say in 1000 words what I could have said in 100)
Interesting point! I’m not sure that that motivates the quality or type of decisions so much as the mere quantity, though. (In other words, I agree the pace of development suffers, but I’m not sure the quality of the end result does.)
They’re not going to invest in it if they don’t own it, and frankly I’m happy they don’t.
Those same companies tell you that their products that you paid for don’t belong to you. You are just buying a license to use them. Sadly, this asinine concept is spreading even to hardware markets.
I think it’s fair to ask them to take their own bitter pill. They should also invest without owning.
Bunch of fucking posers wouldn’t know performance code if it kicked them in the face.
You mean JavaScript right?
These days it’s all about Python, with AI being the hype and all. JS can at least try to compete.
QuickTime has entered the chat
the FFmpeg version is currently used in a highly visible product in Microsoft. We have customers experience issues with Caption during Teams Live Event.
This seems like a “you” problem, Microsoft, and since you employ thousands of programmers with the experience to solve your problem and commit the change back to the FOSS project, I think this is also very easily a “you” solution as well.
This is pretty funny, kinda suggests they have no faith in the engineers they work with… ffmpeg is an awesome piece of work, but if it’s a bug they can repeat to some level, then like you said, it 100% a them problem!
E: oh, was thinking it was a pm raised it, but seems it was possibly one of their developers, brutal…
Use -data_field first as decoder option in CLI. Default value was changed from first to auto in latest FFmpeg version.
It seems like ffmpeg made a breaking change to their API, and I expect a lot of users to have problems.
On one hand that’s fair, but on the other hand Microsoft is the biggest name in software development and ffmpeg is a volunteer gig, this is probably a problem the megacorp can handle.
But then it’d cost them money.
It is frustrating that people no longer stop and think about the money anymore :(
They offered a one time gift in the thousands of dollars. They were planning to do that anyway.
It’s so ridiculous that this isn’t even brought up:
The Command you provided worked fine. Thank you so much for the help! Really appreciated! We are going to proceed to make a release today and test with customers. Will post the updates here.
Gotta love being a forced beta tester… I mean customer.
That does kind of admit what we all suspected about Microsoft’s QA since they fired the whole testing team in 2014.
Meanwhile Google has always just forced you to go to Google Groups to log bugs in production software.
If the live version is already broken, there isn’t much to lose deploying the fix as soon as possible. Not sure what else they could have done here.
Yup. Shits fucked. Do what you can. Lol
There are likely other changes made since they released that version to their customers, so the risk is other things in addition to the current thing get broken.
There is zero chance that they’ll just build from the latest main branch and release that tomorrow. Or that whatever build they make goes directly to general distribution.
They’ll make a build from the last release plus this patch and send it to a few customers who have complained. Then they’ll think about making a release with this and perhaps other bug fixes.
If the Microsoft person making this request can’t update a command line switch, I seriously doubt they will try to build from source with a patch.
isn’t that what a canary release essentially is?
Man, must be rough to be an MS engineer and do work in public. Ignoring the financial aspect, can’t say I’ve never had a similar ticket and resolution.
Can’t reproduce bug. Closing ticket.
It’s what Microsoft would do in the same situation. It’s only fair
I understand you are having a problem with ffmpeg.
Firstly, I will need you to open a command prompt and run SFC /scannow.
And then reboot your PC.
And then run SFC /scannow again.
And reboot again.
Until you give up and reinstall Windows.
-Microsoft MVP
I tried all that but accidentally installed Linux at the last step, but it seems to have fixed the issue so I’m suggesting it as a functioning workaround to all of my colleagues
You forgot when the boot loader forgets where it placed your boot partition and you get to do a few rounds of bcdedit /h /s /gofuckyourself
have you tried restarting explorer yet?
Also, did you install all updates? Did you already accept Edge as your new web browser?
have you tried pressing shift + alt + T + f24 yet? It resets the shitfart dongle adapter.
I figured they would just run
sfc /scannowand then sit staring at their screen bewildered when it inevitably does nothing.
New decoder… who dis?
As if microsoft ever tries to repro anything… Just refer them to some of the most clunkiest and convoluted sites ever, where it should say to just reboot three times and hope for the best.
Hi, This is a high priority ticket and the FFmpeg version is currently used in a highly visible product in Microsoft. We have customers experience issues with Caption during Teams Live Event. Please help,
Use -data_field first as decoder option in CLI. Default value was changed from first to auto in latest FFmpeg version. Or modify AVOption of same name in API for this decoder.
Thanks @Elon for the reply, This is the command we are currently using: ffmpeg.exe -f lavfi -i movie=flvdecoder_input223.flv[out+subcc] -y -map 0:1 ./output_p.srt
I will be looking to see any updates in the FFmpeg documentation. Can you please elaborate and provide pointers the right decoding options or the right FF command er can use. Thank you!
ffmpeg.exe -data_field first -f lavfi -i movie=flvdecoder_input223.flv[out+subcc] -y -map 0:1 ./output_p.srt
Got that’s fucking brutal. This isn’t even asking them to fix a bug, it’s just basic help-desk shit.
I’m sure Microsoft has some good devs that are a net benefit to the open source projects they use, but this is not one of them.
If you’ve ever been forced to use Teams you must already know they scraped the bottom of their talent barrel for the team that works on it… The software is shit, riddled with bugs to the point where at one point I used to only be able to use teams on my browser because the desktop app just decided to never let me access the text chat, and the browser version I would load it would be a white screen and I would have to refresh 3 times for it to load. But at least it worked after those 3 refreshes. And it was exactly 3 refreshes every single time, never 2, never 4, and 5 was right out. It was always without fail 3 refreshes. Whether loading from Firefox, Chrome, or Edge. Fortunately we don’t have too many meetings with people using Teams these days, so I haven’t had to use it in a while, but its easily in my top 5 worst software I’ve been forced to deal with. Maybe Top 3. But its still miles behind Magento. Fuck Magento, just thinking of it right now gets my blood pumping and I refused to work with it ever again about 10 years ago… Fuck Magento. Teams is at least a distant 2nd or 3rd to that. Absolute crap.
I’m convinced it’s the whole B-2-B software world at this point. The shit starts at MS (or any of the FAANGS) and rolls downhill to everyone else.
We’re working on a huge Dynamics 365 thing at work, and one of the third parties we use for automated testing is just… the product seems barebones, is clearly built on top of open source automated testing tool, and is riddled with indicators that barely anyone works there, from the AI help bot to the “submit a ticket and we’ll assign it eventually” approach to all other interactions.
I looked them up on Linked In and 12 people work there. 8 of them have C-suite or VP titles, and 4 of them are interns from a local university. This is the state of all modern tech: a board room full of investors, a website, and a product barely glued together from FOSS parts by interns. If you wonder why everything feels like a scam now it’s because it is.
Name and shame!
I wouldn’t be surprised to find out it’s Atlassian/JIRA
Found the guy who created the FFMpeg ticket on LinkedIn. Job title: “Principal software engineer”, saying they are “A detailed, analytical Software Engineer with Eighteen years of experience”. 18 years?! Fuck me dead…
We’re working on a huge Dynamics 365 thing at work
So I had two interviews at a Dynamics 365 partner, until they ended up restructuring internally and said they’d “get in contact if they have need for new devs”… Then later I interviewed at an Odoo partner, got the job and ya know what? I’m glad I didn’t get the Dynamics 365 partner job. Not only is our core product FOSS, it actually feels pretty nice as an end user too.
You probably can’t change things at your job, which sucks, but anyone looking at ERP solutions should probably consider Odoo as an option.
There’s a reason Teams is/was shit.
The first teams was written in AngularJS (which is a slow to run resource hog, but fast to develop) wrapped in Electron. It was kind of a minimum viable product, just to build something quickly to get some feedback and stats on what people needed.
The plan was to build a new native version of teams and build it into the next windows while having an web fallback (built on react) for everyone else.
They stopped working on the original teams and started working on the new versions.
They got half-way through working on the native and react versions when suddenly, covid happened.
They couldn’t keep working on the new versions because they wouldn’t be ready for a while, so they had to go back and resume development on the old one, introducing patch after patch to quickly get more features in there (like more than 2 webcam streams per call).
Eventually covid subsided and they were able to resume development on the new teams versions.
Windows 11 launched with a native teams version (which has less features but runs super quick), and the new react based teams (which can now be downloaded in a webview2 wrapper) has been in open beta since late last year (if you’ve seen the “Try the new Teams” toggle, then you’ve seen this). The React+Webview2 teams will replace the AngularJS+Electron version as the default on July 7th.
“New Teams” has been so painful for me, but if I understand correctly that is because my work is still on Windows 10. The Windows 11 version works better than the React version?
The windows 11 teams runs better, but if you’re using a school or work account, you need to use the old AngularJS+Electron version, or the new React+Webview2 version.
So for the time being, the Windows 11 teams is more catered for personal use only. It’s kind of like a modern reboot of Microsoft’s old MSN Messenger. It was included in Windows 11 (rebranded as “Chat”) but it’s been unbundled from Windows 11 installs and I think rebranded again. But not having the school/work account support means not a lot of people use it.
The transition between the AngularJS+Electron version and the React+Webview2 versions is happening now. At some point soon, anyone who is running an OS too old to run the new teams will be forced to use the browser version.
So after their transition, we’ll have to wait and see if they add the school/work account support to the native version because everyone using teams right now only uses those accounts.
So what do microsoft’s crack teams working at? typescript? xbox? vscode? Because those are the smoothest microsoft products I tried so far. The rests seem to get the bottom of the barrel these days.
Seems like they are mostly trying to pawn off their issues onto unpaid volunteers instead of doing any actual development.
You got this dumbass at MS and then you’ve got the other MS guy who’s a god damn hero that very well might have saved the world atm lmao
Jon Skeet? He’s my hero, but he hasn’t worked at MS for quite some time I believe.
He’s talking about Andres Freund, who uncovered the OpenSSL backdoor that was slipped into liblzma from the xz malicious maintainer. Dude saw a valgrind error and a function with a fixed runtime was taking too long and using too much CPU and reversed out and saved a major ssh backdoor from going upstream as Fedora was going to release it just days later.
I highly doubt that he works at Microsoft since his username is Elon Musk.
I’m sure Microsoft has some good devs that are a net benefit to the open source projects they use, but this is not one of them.
Found the guy who created the FFMpeg ticket on LinkedIn. Job title: “Principal software engineer at Microsoft”, saying they are “A detailed, analytical Software Engineer with Eighteen years of experience”. 18 years?! Fuck me dead…
I’m sure Microsoft has some good devs
I’m sure they do too, but I’ve been surprised many times by the former coworkers I’ve learned have ended up working for Microsoft. To put it politely, they were generally not the best programmers I’ve ever worked with.
It’s basically the new IBM.
That’s the level of an intern that has never even seen a command. Imagine not being able to literally cat a string with another string, aka. add -data_field first to a command.
Raymond Chen. Hilariously enough, his best blog posts involve him jumping through hoops for MSFT customers with support contracts.
That, but they couldn’t even insert the advised parameter to the command themselves, instead they had the capacity to basically demand improvement to the documentation, from those “filthy ffmpeg developers”
Tell Copilot to fix it.
Hilariously the issue was just a setting change in the update, that you can easily change via a command option. They saw thing didn’t work, and didn’t read the change log at all before asking to pay a one time fee to guarantee it be maintained for them.
So ffmpeg gets a few thousand dollars for such a simple answer/solution? Sounds good to me?
The problem is that Microsoft wants to pay that for a permanent “never maintain in a way that breaks caption decoding in any default behaviour we use” with that one time payment.
Its a quick fix on Microsofts end to change a quick flag in ffmpeg. It’s also quick on their end to maintain a fork that only changes the default. One time payments for maintenance make open source projects like ffmpeg subject to fail.
Yes, they should have read the update notes. But I don’t see much in the way of documentation regarding the data_field cli option in their documentation even now.
“A failure to plan on your part does not constitute an emergency on my part.” -Someone hopefully working on ffmpeg.
“A failure to plan on your part does not constitute an emergency on my part.”
Wow now that is a quote I’m going to steal. Wondering if “A failure to understand on your part does not constitute an emergency on my part.” has the same punch or is as relevant… anyway, thanks for sharing!
Does that go for the xz vulnerability too? Wasn’t it a Microsoft dev who discovered that?
In this case, it’s actually Microsofts fault. There is no bug in ffmpeg, Microsoft just didn’t properly use it
the xz vulnerability was done through a superflous dependency to systemd, xz was only the library that was abused to use systemd’s superflous dependency hell. sshd does not use xz, but systemd does depend on it. sshd does not need systemd, but it was attacked through its library dependency.
we should remove any pointless dependencies that can be found on a system to prevent such attacks in future by reducing dependency based attack vectors to a minimum.
also we should increase the overall level of privilege separation where systemd is a good bad example, just look at the init binary and its capability zoo.
The company who hired “the” systemd developer should IMHO start to really fix these issues !
so please hold your “$they have fixed it” back until the the root cause that made the xz dependency level attack possible in the first place has been really fixed =)
Of course pointing it out was good, but now the root cause should be fixed, not just a random symptom that happened to be the first visible atrack that used this attack vector introduced by systemd.
I don’t get why they don’t propose a fix themselves.
99% morons, that’s why…
Why spend money when you can bully people?
I see what you’re saying, but no one is being bullied here.
Not really but Microsoft being pushy without wanting to pay for a support contract is kind of on par for that shit company.
Microsoft also makes like half of the languages and dev tooling that every piece of software depends on. Microsoft is certainly problematic but I would not consider their support or attitude towards open source projects in general to be.
half
You’re kidding, right? Especially on open source?
Embrace, extend, extinguish. THAT is Microsoft, so if tomorrow that company burns to the ground, the world will be a little better.
Lmfao, it’s honestly hard to tell whether people on Lemmy are genuine old heads still stuck in the past or just young ones blindly repeating what they’ve heard that sounds edgy.
There hasn’t been an example of Microsoft EEEing something in 20 years. You could literally be in college right now and the past time Microsoft even tried to sabotage an open source project would be before you were born.
To casual tech enthusiasts who want to fit in with die hard open source enthusiasts it’s cool to hate Microsoft, for professional software developers who have seen what say, JavaScript was like before and after Microsoft started working on it, we have a bit of a more nuanced view of them.
Lack of faith in their own talent?
Probably cause the software engineers writing a high level chat app in TypeScript don’t have the skills or knowledge to fix a bug in a C++ video decoder.
Maybe microsoft should try reinstalling windows.
Have they turned it off and on again?
Old issue, so why post it now make it sound like MS demands something?
Opened 11 months ago Last modified 11 months ago
It’s a regression, so ffmpeg should fix a regression.
What regression? It was a PEBKAC
Old issue, so why post it now make it sound like MS demands something?
I think it’s because of that recent security issue, and then the subject of corporations tithing into open source code efforts instead of just using it for freeish, that grew around the discussion of that security vulnerability.
Tasteless! MSFT can have their armies of skilled people do this instead of leeching off FOSS contributions. It’s just not an acceptable move from a profit-driven entity to expect free labor, regardless of the FOSS philosophy of the project!
To be fair, I’m sure this is a lone developer at Microsoft, not Microsoft as a company. A lot of this still absolutely applies, but it’s not Microsoft as a company making an official decision to go ask the FFMEPG guys for free shit.
It’d be nice if the guy had an avenue to go to leadership, tell them about the issue, and just ask them to actually fund the guys to work on it.
They did offer a few thousand as a one time purchase so i doubt this is a lone developer.
But it seems that it’s actually built in to some part of their software so Microsoft is still responsible as a whole.
Companies like Microsoft should really have a fund for fixing open source projects - it’s breeds good will, reduces the cost of development, and they in turn get software for much less cost than if they did it themselves.
Like - we are using project X and I want to request a bug fix, they go - estimate your effort in shirt sizes or points or some shit for you to do it.
A bean counter looks at their scale that directly converts effort to cost they have under the table, and they give you a budget to offer the dev of the software as part of the fix request
I think they wanted something more like $10k/year, which seems pretty cheap when you compare it to the price of one employee.
Fair! But if someone works in tech, this kind of etiquette is something worth learning
They offered a few thousand dollars, but not a long term contract.
That’s fine, but long term maintenance is the main pain for FOSS projects. I am not sure what’s the right protocol here, though. In general, maybe FOSS projects should start a subscription service for big time companies like MSFT. Why not?
I’m honestly in favor of something like that, but when people are saying SSPL isn’t FOSS because it supposedly discriminates against different classes of users, we won’t get the momentum for people to view any sort of “FOSS except for commercial” license as valid or worth using.
Some such licenses exist (not saying they’re good or anything). PolyForm Noncommercial and PolyForm Small Business are two examples https://polyformproject.org/licenses/
I love how that PM brings up the fact that this is needed for a product launch. Like who cares?
Seriously. What part of “BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.” do they not understand?
I don’t see the issus though, opening a GitHub issue isn’t suing
Need to add a ‘not for use with Microsoft products, including operating systems’ clause for a version or two.
I think adoption of the JSLint license’s ”This software can oly be used for good and not evil" clause would cover that. I hear IBMs lawyers had issue with it lol
Yes, but they were satisfied when IBM was given a license to use JSLint for evil.
Good, tell leech corporations and specially Microsoft to fuck right off. Pay for it or do it yourselves.
I wonder if these trillion dollar companies offer support contracts for astroturfing on social media on their behalf. I can’t think of any other way so many people are supporting their sociopathic attitude.
there are companies out there that do this kind of thing.
Cognitive dissonance.
For a lot of people, either they accept “this trillion dollar corporation that controls all my computers, and the programming languages I use, and my code editor, is evil”. Or they accept “this trillion dollar company does lots of good things for me and is good”.
One is easier to accept than the other.
