by montzark 1013 days ago
Imo other related code of the person who made that mistake should be audited, could be there is a similar mistake somewhere else.

Additionally imo possible that some developers would intentionally make such mistakes to sell these to interested persons, there are millions to be made here.

3 comments

The breakage [0] was introduced by the creator [1] of the project. If you want to audit 1674 commits over the past 12 years, it'd be easier to just audit the full project.

[0] https://github.com/webmproject/libwebp/commit/21735e06f7c1cb...

[1] https://github.com/webmproject/libwebp/commit/c3f41cb47e5f32...

Establishing a blaming culture would be quite detrimental. Bugs happen, regardless of who commits the code.

A more robust approach is to implement appropriate checks (like fuzzing, code analysis etc) that offer an opportunity to review and correct issues before they ship (and for people to learn from).

The Chromium developers do all this but this hasn't prevented this bug.
That's not a good reason to just blame a specific developer instead of having the best practice in place.
It's software, bugs happen.
Many bugs can be prevented.
Why even bother looking at other code this person wrote? Straight to jail for such a capital offense!!! (jeesus dude...)
Nobody said that. The suggestion was probably that if this is caused by, say, one person having a slightly wrong mental model, it's worth checking if they made similar mistakes elsewhere. Not necessarily implying fault, just a heuristic. (And given the particular author, in this case probably not super useful, but still a decent question)