Ffmpeg Has Issued a Dmca Takedown on Github
Key topics
The FFmpeg project's decision to issue a DMCA takedown on a GitHub repository has sparked a heated debate, with some commenters defending the move as a necessary enforcement of the LGPL license, while others criticize it as a heavy-handed tactic that ultimately harms the open-source community. The repository in question had incorporated FFmpeg code while claiming to be Apache 2.0-licensed, a clear violation of the LGPL terms. As commenters weigh in, some argue that the violator had ample warning and ignored the license, while others worry that the takedown will stifle collaboration and hurt the community. A notable consensus emerges around the idea that the community will likely respond by forking and fixing the issue, rendering the takedown a potentially Pyrrhic victory for FFmpeg.
Snapshot generated from the HN discussion
Discussion Activity
Very active discussionFirst comment
N/A
Peak period
128
0-12h
Avg / period
26.7
Based on 160 loaded comments
Key moments
- 01Story posted
Dec 26, 2025 at 12:48 PM EST
7 days ago
Step 01 - 02First comment
Dec 26, 2025 at 12:48 PM EST
0s after posting
Step 02 - 03Peak activity
128 comments in 0-12h
Hottest window of the conversation
Step 03 - 04Latest activity
Jan 2, 2026 at 3:38 PM EST
2h ago
Step 04
Generating AI Summary...
Analyzing up to 500 comments to identify key contributors and discussion patterns
Want the full context?
Jump to the original sources
Read the primary article or dive into the live Hacker News thread when you're ready.
This is not allowed under the LGPL, which mandates dynamic linking against the library. They copy-pasted FFmpeg code into their repo instead.
[1] https://x.com/HermanChen1982/status/1761230920563233137
Seriously, if we copied in violation their code, how many hours would pass before a DMCA violation?
FLOSS should be dictatorial in application of the license. After all, its basically free to use and remix as long as you follow the easy rules. I'm also on the same boat that Android phone creators should also be providing source fully, and should be confiscated on import for failure of copyright violations.
But ive seen FLOSS devs be like "let's be nice". Tit for tat is the best game theory so far. Time to use it.
Saying this as a GPL hardliner myself.
The problem here isn't a technical violation of the LGPL, it's that Rockchip doesn't own the copyright to FFMPEG and simply doesn't have the legal authority to release it under any license other than the LGPL. What they should have done is put their modified FFMPEG code into a forked project, clearly label it with LGPL LICENSING file, and link against that.
There were opportunities to take advantage of this.
The FFmpeg devs saw the violation, even laughed about how funny it was, then they tweeted.
Immediately the developers from Rockship answered: Herman Chen: "I apologize... lack of understanding on conflict between Apache and LGPL. We will replace these code in future update. And do more homework on open source license."
FFmpeg: "Thank you for your message"
If you need something from someone, and they have not done it, you don't send a bomb after 1.5 years of silence. You can send a reminder.
If after these reminders, they don't know how to do, and you want them to do something, then you can educate them:
- A) Click fork on the FFmpeg repo - B) Move your file to that repo - C) Create a Makefile that will build a .so with that file only. - D) Link that .so with to your project
Takes 10 minutes.
If they do not want, this is a different case, justifying DMCA, but nothing indicates that here in the public communications.
About the 1.5 years; silence != patience.
"We gave them time" is not the same as "we gave them a deadline and reminders."
Now, still:
- Rockchip's code is gone - FFmpeg gets nothing back - Community loses whatever improvements existed - Rockchip becomes an adversary, not a partner
Spent time to think and document all the IRC chats, the Twitter thread, the attitude of the SoC manufacturer, etc.
But here, as FFmpeg is LGPL and we talk about one single file, there is even less work to do in order to fix that.
https://github.com/github/dmca/blob/master/2025/12/2025-12-1...
> ... the offending repository maintainers were informed of the problem almost 2 years ago ([private]), and did nothing to resolve it. Worse, their last comment ([private]) suggests they do not intend to resolve it at all.
Seems like the reporter have them a _lot_ of time to fix the problem, then when it because obvious (to them) that it was never going to be fixed they moved to the next step.
But there's a difference between "refuses" and "apologizes and admits confusion" and then forgets because lazy / or pretends to forget.
Escalation can be gradual: reminder, warning, final warning, then nuclear.
Or, you immediately escalate to DMCA / court and that's very fair, but suddenly like 2 years after silence (if, and only if that was the case, because maybe they spoke outside of Twitter/X).
That way, others know you defend your territory and that compliance is rewarded.
I think here it is a final warning stage (nuclear would be court, which could and should be an option).
Also it’s rude, which is reason enough not to do it.
This is what big corporations do to the little guys, so we owe big corporations absolutely nothing more.
They gave Rockchip a year and a half to fix it. It is the responsibility of Rockchip to take care of it once they were originally notified, and the FFmpeg dvelopers have no responsibility to babysit the Rockchip folks while they fulfill their legal obligations.
> - Rockchip's code is gone > - FFmpeg gets nothing back > - Community loses whatever improvements existed > - Rockchip becomes an adversary, not a partner
This is all conjecture which is probably why you deleted it.
Their code isn't gone (unless they're managing their code in all the wrong ways), FFmpeg sends a message to a for-profit violation of their code, the community gets to see the ignorance Rockchip puts into the open source partnership landscape and finally... If Rockchip becomes an adversary of one of the most popular and notable OSS that they take advantage of, again, for profit then fuck Rockchip. They're not anything here other than a violator of a license and they've had plenty of warning and time to fix.
He offer perspective from a Chinese POV, so I think it is worth people reading it. ( Not that I agree with it in any shape or form )
You are right, and the FFmpeg devs are also 100% right and I perfectly understand that.
In fact I like the idea to push the big corps and strongly enforce devs' rights.
I think earlier enforcement would have been beneficial here, just that dropping a bomb after 1 year of silence and no reminder (and we still don't know if that was the case), is a bit unpredictable, so I wanted to raise that question
All they could say was "we are too busy with the other 1000s chips we have, we will delay this indefinitely".
Ridiculous.
"Distributing buildable source under Apache 2.0 would surely qualify too"
reconcile with
"doesn't own the copyright to FFMPEG and simply doesn't have the legal authority to release it under any license other than the LGPL"
They should be covered as an aggregation, provided the LGPL was intact.
Not sure what you're trying to say here. DMCA takedown enforcement is 100% the responsibility of the Online Service Providers per statute. It's the mechanism by which they receive safe harbor from liability for hosting infringing content.
Once a valid (from a process perspective) claim is submitted, the provider is required to take the claimed content down for 10 days. From there the counter claim and court processes can go back and forth.
You can post your thoughts, feelings, and opinions on google blog, and I can submit a DMCA and google is required to take down your thoughts feelings and opinions immediately without verification.
If you don’t own it and cannot legally relicense part as LGPL, you’re not allowed to publish it.
Just because you can merge someone else’s code does not mean you’re legally allowed to do so.
> This may or may not be possible
I am not sure what you are saying, that is different from the comment you replied to.
The problem arises when you try to distribute binaries. And/or source code (maybe).
Fair use doesn't get thrown out the window because GPL authors have a certain worldview.
Second, there are a lot of non-copyrightable components to source code - if you can't copyright it - you certainly can't GPL it. These can be copied freely by anyone at any time.
Copyleft licenses are designed to prevent you mixing code as the licenses are generally incompatible with mixing.
More permissive license will generally allow you to mix licenses. This is why you can ship permissive code in a proprietary code base.
As for linking, “weak copyleft” license allow you to link but not to “mix” code. This is essentially the point of the LGPL.
If they aren't compatible, then you can't use them together, so you have to find something else, or build the functionality yourself.
In the specific ffmpeg case, you are allowed to dynamically link against it from a project with an incompatible license.
I'm honestly quite confused what FFmpeg is objecting to here, if ILoveRockchip wrote code, under a compatible license (which Apache 2.0 is wrt. LGPLv2+ which FFmpeg is licensed under) -- then that seems perfectly fine.
The repository in question is of course gone. Is it that ILoveRockchip claims that they wrote code that was written FFmpeg? That is bad, and unrelated to any license terms, or license compatibility ... just outright plagiarism.
The notice has a list of files and says that they were copied from ffmpeg, removed the original copyright notice, added their own and licensed under the more permissive Apache license.
To those downvoting, curious why? Many of the links are not viewable, since GitHub hides them, so any discussion becomes quite tricky.
https://archive.softwareheritage.org/browse/directory/ed4b20...
And yep, they only included the most openly permissive ones there (APL2 and MIT), completely skipping everything else. Ugh.
thank you!
The simplest way to comply while keeping your incompatible license is to isolate the LGPL part into a dynamic library, there are other ways, but it is by far the most common.
Patents != copyright
... yet, you did it anyway, without going into detail or providing any clue where these violations (as you claim) are.
If there's any substance to what you say, provide some details and proof, so it can be a constructive discussion, rather than just noise.
It's an open question (the FSF has their opinion, but it has never been adjudicated) if the GPL impacts dynamic linking.
One could argue that if one ships GPL dynamic libraries together with one's non GPLd code, one is shipping an aggregate and hence the GPL infects the whole, but its more complicated to say if one ships a non GPLd binary that runs on Debian, Redhat et al and uses GPLd libraries that they ship.
If everyone just actively boycotted that site, it would become irrelevant overnight. Anything else is simply condoning it continued existence. Don't kid yourself.
It remains to be seen how much 'pull' FFmpeg has against the 'push' of Rockchip.
Intentional noncompliance with copyright law can get you quite a distance, but there's a lot of money involved, so if you ever catch the wrong kind of attention, usually by being too successful, you tend to get smacked.
It's fairly trivial to block torrent traffic.
Checks out sufficiently dystopian, yep.
That's the most techbro-brained idea I could come up with.
https://github.com/nyanmisaka/ffmpeg-rockchip
Rockchip is a hardware platform, what hardware the code runs on isn't relevant here.
Really, it comes down to encoding. Arbitrarily short utf-8 encoded strings can be generated using a coin flip.
It's trivially true that arbitrarily short reconstructions can be reproduced by any random process and reconstruction length scales with the similarity in output distribution to that of the target. This really shouldn't be controversial.
My point is that matching sequence length and distributional similarity are both quantifiable. Where do you draw the line?
Picking randomly out of a non-random distribution doesn't give you a random result.
And you don't have to use randomness to pick tokens.
> My point is that matching sequence length and distributional similarity are both quantifiable. Where do you draw the line?
Any reasonable line has examples that cross it from many models. Very long segments that can be reproduced. Because many models were trained in a way that overfits certain pieces of code and basically causes them to be memorized.
Right, and very short segments can also be reproduced. Let's say that "//" is an arbitrarily short segment that matches some source code. This is trivially true. I could write "//" on a coin and half the time it's going to land "//". Let's agree that's a lower bound.
I don't even disagree that there is an upper bound. Surely reproducing a repo in its entirety is a match.
So there must exist a line between the two that divides too short and too long.
Again, by what basis do you draw a line between a 1 token reproduction and a 1,000 token reproduction? 5, 10, 20, 50? How is it justified? Purely "reasonableness"?
Doesn’t invalidate your story in the slightest - I just know they’ve gotta be chasing this, specifically, like it’s life or death.
[0] https://githubcopilotlitigation.com [1] https://www.theverge.com/2022/11/8/23446821/microsoft-openai...
Copyright and patents are completely independent concepts.
The “perpetual” part is the issue but “rent seeking” is the entire reason that copyright and patents exist to begin with.
This sounds pedantic, but it’s important to not mistake the means for an end:
> To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries;
https://constitution.congress.gov/browse/article-1/section-8...
Did you know that Facebook owns the patent on autocompletes? Yahoo owned it and Facebook bought it from them as kind of a privately owned nuclear weapon to create a doctrine of mutually assured destruction with other companies who own nuclear-weapons-grade patents.
Of course the penalty for violating a patent is much worse if you know you are doing it, so companies are very much not eager to have the additional liability that comes with their employees being aware that every autocomplete is a violation of patent law.
The real (legal) question in either case, is how much is actually copied, and how obvious is it.
It’s also incredibly hard to tell if a LLM copied something since you can’t ask it in court and it probably can’t even tell you if it did.
But the issue with copyright I think comes from the distribution of a (potentially derivative or transformative in the legal sense) work, which I would say is typically done manually by a human to some extent, so I think they would be on the hook for any potential violations in that case, possibly even if they cannot actually produce sources themselves since it was LLM-generated.
But the legal test always seems to come back to what I said before, simply "how much was copied, and how obvious is it?" which is going to be up to the subjective interpretation of each judge of every case.
It's already fixed. Anything you make with AI cannot be protected in any way (UK gives some leeway on certain types of creations).
So if it mimics code from ffmpeg for example, then ffmpeg wins.
Questions about LLMs are primarily about whether it's legal for them to do something that would be legal for a human to do and secondarily about the technical feasibility of policing them at all.
The law exists mostly to oppress. It's exactly the argument that gun proponents make "Only the good guys obey gun laws, so only the bad guys have guns."
All the good guys are losing following the law, all the bad guys are winning by violating the law. Frankly, at this stage, they write the laws.
I remember Rowan Atkinson (the UK actor) made a speech about this effect a couple of years ago and never heard about it since but definitely feeling it more and more... No exposure, no money, no legal representation. And at the same time we are being gaslit about our privilege.
It took 2 years because FFmpeg waited 2 years to send a DMCA notice to Github, not because of delays in the legal system. I think you are conflating different unrelated issues here.
Another example exists in Ontario's tenant laws constantly being criticized as enabling bad tenant behavior, but reading the statute full of many month delays for landlords and 2 day notices for tenants paints a more realistic picture.
In fact, one such landlord lied, admitted to lying, and then had their lie influence the decision in their favor, despite it being known to be false, by their own word. The appeal mentioned discretion of the adjudicator.
Not sure how long that can go on before a collapse, but I can't imagine it's very long.
I think it should be perfectly OK to make value judgements of other people, and if they are backed by evidence, make them publicly and make them have consequences for that person's position.
I do agree however with your assessment because any (additional) accountability would improve matters.
[0] https://globalnews.ca/news/11487484/cra-tax-service-calls-au...
Declining civilizations obsess over rules. Rising ones obsess over outcomes.
The West has turned software into theology. Licenses are no longer pragmatic tools; they're moral texts. You didn't just copy code incorrectly, you sinned. You violated the sacred distinction between "dynamic linking" and "static linking" like a heretic confusing transubstantiation. So of course the response is excommunication via DMCA, administered by a US platform acting as the high court of global legitimacy.
China, meanwhile, treats code the way early America treated British industrial designs: as something you learn from, adapt, and improve until it disappears into the background of actual progress. This isn't because Chinese engineers are "confused" about copyright. It's because they don't share the Western belief that ideas become ethically radioactive if they cross an invisible legal membrane without the right ceremony.
What HN calls "license violations" are, in a broader historical sense, the sound of a rising system refusing to internalize the anxieties of a declining one. The LGPL is a product of a very specific moment: European legalism meeting American corporate compromise. Pretending it's a universal moral truth is like insisting everyone must use QWERTY because it worked for typewriters in 1890.
So when GitHub issues a DMCA takedown, it's not defending openness; it's defending relevance. It's the West saying: the rules still matter, please keep caring about them. But history suggests that once you're relying on process to assert superiority over results, you're already late.
You can cheer this if you want. Just don't confuse enforcement with inevitability. The future usually belongs to the people who ship, not the ones who litigate why shipping was noncompliant.
That self-interest has led to cooperation between humans. Humans have evolved to work together, cooperate, form social bonds, and friendships because doing so improves survival and wellbeing over the long run. Civility is part of that toolkit. It is not a denial of self-interest. Civility is part of that self-interest.
That's a pretty substantial assertion and without much to back it up.
The framing of copyright as basically the same as ownership of chattel or land is a propaganda campaign.
I don’t think Rockchip learned from the ffmoeg code. They simply copied it outright without attribution.
If you publish the code, there's an argument to be made that yes, others should freely use it: if you could (or did) monetize the code yourself you wouldn't publish it. If you didn't, or failed trying to monetize it, maybe it's better for society if anyone else also gets to try?
> Declining civilizations obsess over rules. Rising ones obsess over outcomes.
Heard that in a very different context. Care to mention what you are referring to? How do you know?
24 more comments available on Hacker News