On Sun, 02 Nov 2025 03:09:39 +0100 Michael Niedermayer via ffmpeg-devel <[email protected]> wrote: > I like the idea > > Note, the SPI Vice President, who helped us with the STF stuff is possibly > on vacation ATM (not 100% sure). And also this is the first sw development > task we do without > STF/GSoC/OPW. So there could be some extra delay. > I thus suggest if we want to do this, that we move forward with it ASAP so > that > we dont add additional delay
What should the process be? Do I sign a SoW / contract with SPI first? Or does e.g. Stefano just agree to the bounty? Who decides if a given merged patch qualifies as satisfying the criteria? Should the GA have to vote on approving bug bounties? What if somebody else decides to "snipe" a bug bounty while the developer who proposed it is still working on it? I personally think: 1. A contract is not necessary for a one-off bug bounty, just a written approval from SPI should be enough. 2. If there is a dispute, the TC should decide if a patch sufficiently addresses the bug bounty. (Of course, in such a case as the bug bounty involving a member of the TC, they would recuse themselves due to CoI) 3. A GA vote is only necessary if there are dissenting opinions, or ongoing disputes about the scope and amount of the bounty; let's say a week without objections should be enough to greenlight a bounty. 4. Developers should announce when they begin working on a bounty, and then nobody else should be able to claim it until a reasonable amount of time has passed. (Perhaps 12 weeks) _______________________________________________ ffmpeg-devel mailing list -- [email protected] To unsubscribe send an email to [email protected]
