Offering bounty for bugs in an open source project – good or bad?

Question

We have two well received open source project for web related tools and we could attract a few sponsors via open collective. This means we now have a few bucks we would like to invest back into the communityWe thought about offering bounties and then letting users write invoices to our open collective so they can get paid.The questions would be:1) Is offering bounties even worth it? 2) What range should a bounty be? min. 50$? 3) Write an invoice and get 100% of the money or use a system? 4) What systems are out there and which one would you recommend?The Open Source projects we are considering it for is: https://github.com/open-wc/open-wc https://github.com/modernweb-dev/web

mhh__ · Accepted Answer

We (the D language foundation) have a bounty system.
It's not bad, however I wouldn't expect the world from it: the kind of things that get bounties put on them are often not $150 bugs - i.e. it's not always the incentive you might imagine it to be.
The bounties do however work as a statement of intent for new contributors to see what is important vs nice to have.
I also would let the bounties be set by users rather than centrally.
We also maintain a fund ourselves with enough money to fund a few things ourselves, our so-called HR fund, I recommend doing that also.

hnnnnnnng · Answer

It's a great way to attract people that just want to shove low quality solutions into your project. I recall github or some other org offering free tshirts if you committed to open source. Repos were flooded with one line changes and the real developers got annoyed

capableweb · Answer

Good idea for specific things, where you already know how you want the implementation to be like. Otherwise you can't really control the overall code quality. Small chunk issues that are definite done/not done, and easy to check if it's fixed or not. Price depending on what you think your own implementation time would be * how much you value getting the contribution.

d4kmor · Answer

What I found so far:https://issuehunt.io/ - 10% issuehunt fee - 3.5% stripe fee to deposit also 3.5% to withdraw - search seems good with filters - diverse projects - last tweet in 2019https://www.bountysource.com/ - 10% withdrawal fee - search seems limited - seems to be almost exclusive to crypto - twitter is active

ecesena · Answer

HackerOne has an open source program which is free. You could start with it: https://www.hackerone.com/company/open-source-communityI'm sure you can talk to them then, and figure out the best strategy to offer paid rewards.