The UI imposes a 5% minimum (and 15% default) value for "Tip thanks.dev" under "How much would you like to donate each month?" on https://thanks.dev/settings
This implementation is clearly for-profit. I want to directly tip open source projects using a system that doesn't involve other third parties taking a significant cut.
What are your fees?
Tips at time of donation. You decide.
If payment is required to use a service then that payment is not a "tip" - it is a "fee". Anything over the required payment would be a "tip". This FAQ answer implies that the required payment is zero, which, it turns out, is false.
There is absolutely nothing wrong with charging a fee for a service, but there is something wrong with lying about it.
> There is absolutely nothing wrong with charging a fee for a service
Agreed, but percentage-based fees can quickly become an unfairly large part of payments. I love the idea of this project, but I'd prefer there to be a 5% or X dollars minimum, so that if 5% is more than X dollars, then it doesn't force 5% minimum. If I'm donating $500 to 45 projects, then each project on an even split is getting $11, but thanks.dev is getting $25 even though their service isn't actually in use by my app/service. Seems unfair to me.
My guess is that more than half of that $25 goes to the payment provider (Stripe etc.). Maybe more.
The remaining ~$10 will go to thaks.dev to cover operational costs, administration and other expenses.
I don't expect them to work for free. If you think it's unfair, contact the developers directly to see if you can wire them money (to avoid PayPal fees). If it's too much work, you can pay services like thanks.dev that does the work for you.
Please take more time to read the context. If you read the post that I replied to instead of jumping to conclusions, you will find that you are incorrect
$25 refers to the 5% fee of the total amount ($500) that the site takes. I said that more than half of that fee is used to pay Stripe.
The irony of "someone should build something for free" when complaining about a donation system for helping open source projects get paid for their work.
Why would this be irony? If anything it's irony that they're offering a for profit service to facilitate donations vs adding themselves as a donor recipient on their platform.
No, the idea of having a simple payments system for open source devs to use to get paid for their "free" software should be "free". Let the merit of the software dictate. That's the whole point of open source. To build things freely and openly to make the best possible software that we (humans) can make. We should also expect the same in the tools we rely on to do that work. It's not a hard ask. It's a philosophy of not wanting a corporation to own the keys and profit from others work. Stripe already takes 2.9%+. I don't want someone else taking 10%-30%. Then I have to give the government 30%.
The "free" in FOSS is about being able to use the software as you see fit, without restrictions. Not that you don't have to pay a dime. Sure in practice the software is usually "free as in beer" but that's a side-effect, not a goal (or guarantee).
> the idea of having a simple payments system for open source devs
A payment system is never simple and if it's more than a standardized "funding.txt" format it will have running costs and someone has to cover these. How much this system should charge is debatable, but it should probably be higher than 0%.
> To build things freely and openly to make the best possible software that we (humans) can make.
This only works in a system where humans do not need money to live. This is not our system. In a capitalist system, for better or for worse, if you don't own a means of production you must work to get money because you need money to live.
We should recognize the value of work, and if it is useful, pay for it. It is only normal in such a system. I wish we were in a commons-based society, that all resources and production would be decided by workers in quantity and distributed based on needs, but that's not our system.
Have you not read the too many stories of open source developers struggling to make ends meet ? Of the gpg guy saying he might give up because it's just too much ? Of all the devs on the edge of burnout because of all the stress and the demands of people not here for participating but only for their own service ? Of the very article we're talking about ?
I would love to live in a system where everyone is actually free to do whatever they want with their time, all day long, all year long, but that's not where we live today. What kind of people has enough time and energy to devote hours of their lives to something that is not their primary way of earning money ?
I too use only FLOSS, and only put out project under copyleft licenses, but that doesn't mean I'm blind to the structures in which we live in.
> Thanks.dev presently supports itself through a voluntary tip percentage that, if more than zero, gets deducted from donation amounts along with a Stripe payment processing fee prior to distribution.
I also think they should allow manual addition of projects. E.g. I use Syncthing but that won't be found in my Github/Gitlab scans. I can donate via Github too but would be easier if I can have one place to control all such donations.
My Name is Armin Nehzat (aka armini), my brother is Ali Nehzat (aka qwerki). Feel free to also look us up on linkedin if that helps. Here's a podcast of my brother talking about how he started the project https://podcast.sustainoss.org/148
Sponsors have a slider that allows them to adjust their tip from 5% to 100% of their monthly donation. We figured minimum 5% would cover our compute & merchant fees but left it to the community to decide what we should get. We thought this was the most aligned approach with open source. Totally open to other ideas and suggestions though.
Under "Why don't the sum of my individual donations total to the amount I've donated?" you list stripe processing fees as #1...
So no, if you're taking a minimum of 5%, then any reasonable person is going to assume that you've already deducted the processing fees, not covering them out of that 5%.
I don't see any dishonesty here. They are in fact covering the fee out of the 5%. That means they are taking less than what "reasonable" persons think in your opinion.
The text may be imprecise, but it's a long way from dishonesty. In my opinion dishonesty requires a motive, and I don't see it here. If the 5% did not include fees, it would perhaps be different.
I work for a > 100 people company where the business model is entirely based on donations. We are using stripe for payment and it costs us money, but you can still use our service freely if you want to.
I agree it is not simple, but it proves it is doable.
The difference being that this service has real tangible costs such as card fees for every transaction. That's not really comparable with "it would be nice to be paid for my time" when pushing your code to GitHub. I haven't used the site but it seems reasonable that one solution won't apply to all kinds of projects.
They could break out the transactions explicitly. That would help reduce the feeling that they're taking more than their share, if they're not doing that.
Well, if they're there to secure a good chunk of peanuts for themselves, for being the intermediator, many would find this shady and wont want to deal with them.
Sorry, someone donating $10,000 to their favorite FOSS doesn't want an intermediator to take in $500 just for making the transaction.
Even more so when the actual transaction infrastructure is not going to be their's anyway, but some banks or Stripe or whatever.
Absolutely appreciate & respect your perspective. We're passionate about making open source sustainable & understand that there can be multiple ways of achieving this goal. The more ways money is channeled to the community the better...
I think it would be easier to defend taking a cut if the cut was calculated in the same way as for the dependencies, e.g. next.dev being automatically added to the list.
For every OpenSource project I donate to, I check, whether they provide a SEPA IBAN, then I just set up a monthly transfer of a small amount that I can afford instead of a bigger single donation.
Whenever possible, I try to avoid any instances in-between which take some % of the cake.
There is some overhead in collecting money. When you use a charge card a small percentage goes to the credit card and processing companies.
There are some gas stations in Massachusetts that have a slightly lower cash price because they don’t have to pay that fees and pass along the savings. Most businesses nowadays just fold that fee into the price.
If they are upfront about how much I’m ok with it. Otherwise you can send a check, but no one is using that option.
The service also completely blocks VPN users with a 403. That seems like blocking a pretty good chunk of your target audience to me. I will absolutely be looking elsewhere to support projects I benefit from.
People will sign praise your work, tell you how much they depend on it, and how it changed their lives. Others will ask you tricky questions that really ought to be asked to a lawyer.
...and they still won't donate a cent. I get about 70 cents per thousand unique visitors. About one in every 14,000 visitors donate. Affiliate income is roughly 100 times that without trying.
Let me put it differently: with the same traffic, donations barely cover my groceries, and affiliate income is a comfortable salary.
I'm at peace with that. I make free things for a reason. It's just something to keep in mind when suggesting donations as a business model. Doubly so as an alternative to ads.
Another tidbit: praise people who create the things you use. It feels so good to know that people use and love the fruits of your labour. I've become lavish in my praise after experience the effects of it.
I think the main obstacle to donations, even for those who _would_ wish to donate, is the fact that it requires a premeditated process (e.g. going to the project homepage to donate) or that it makes the request _before_ the user had a chance to realize how useful it is, rather than after.
If instead there is some way to capitalize the timing of the user experiencing "wow this makes my life so much easier!" to remind them with a low-friction shortcut to make a donation, this short-circuits the cognitive process that previously require the user's mind to go out of its way to invoke their "oh, I should probably donate" sense of reciprocity.
As reviled as impulse-driven microtransactions are, I think there is much for open-source projects to learn from and wield in an ethical manner.
Right now it seems there is a false dichotomy between being either [be unethical and leverage user impulse] or [be ethical and off-putting to the user].
There is no reason why an understanding of the psychology in friction-reduction can be utilized ethically to encourage "impulse-reciprocity".
A model that might be worth analyzing is the streamer-donation UX flow -- yes it can be used irresponsibly to encourage parasocial obsession, but in the hands of the responsible it is a facilitation of healthy engagements with the audience
My tip jar is in my email signature, which means it's part of the answer people get when they request free support from me. It's also at the end of the content they consume from my website.
Depends how you present it. The Ubuntu download page used to punch you in the face asking for donations. They also tried sliders, asking downloaders to choose how to spend the money they donated. These were super successful. People felt in control of how their money was spent. There was no way for them to check in on that, it was a trust process. But the net result was a lot of people donated a very significant amount of money.
Similarly I understand (from an interview with the developer) that the eBook software Calibre gets a significant number of donations from users via the giant donate button in the toolbar.
I do agree, having a "tip jar" option for donations is rarely as successful as the above methods though. Not diminishing your personal experience. Just saying it's possible to change the way things are done, and get more.
Tipping in the real world is easy. You just leave some of the money you have on you. Tipping online is a far more deliberate process, unless you're already processing payments.
Thanks for sharing your experience & insight. You’re observations are similar to our experience. We as a community could always do a better job recognising & rewarding each other.
I use affiliate links for the products I mention in my guides. There is no promotion beyond "if you need this service I just talked about, these options exist in your language".
If I actually pitched products, I'd make even more.
I have no insight but I could imagine that GitHub are going to offer something similar based on that data at some point in the future.
For us the "top" developers on that page are people with 150+ repos that we depend on that I have never head of before. It turns out that they are all tiny JavaScript libraries that we depend on in some repository that's not part of our real product.
I'm happy to sponsor them as well but it'd be cents not euros per month compared to libraries that do the "heavy lifting" for us. At the moment we hand-pick things, also not ideal.
All of that text to say: This is a hard problem, I have no idea how to solve it but I applaud you and everyone who's giving it a shot.
A 5% flat fee is too much for me though, if it had a cap then it'd be different.
Same here, that list from github is close to useless.
In some cases we depend on a library indirectly, because we use a wrapper to match it to our stack. An old school example is we use bower, and want to use the uglify library. Someone has made an uglify-for-bower wrapper, that's like 20 lines of code, so we depend on that. But all the meat, and where I would like the money to go, is the uglify maintainers, one level down.
I'm not saying those people making the wrappers haven't brought us some value. But it's less than the underlying library.
Github falls prey to this. My guess is thanks.dev also would? But at least it has a "boosting" option, I just don't want sindresorhus to scoop up all the money...
That doesn't stop us from sponsoring some projects, it's just a manual process and having this automated would be great. Not sure if thanks.dev can do it but at the moment I'd probably like to exclude the whole JavaScript ecosystem and just include one or two libraries that I _know_ we're using.
And I'd like a similar thing as thanks.dev but for non-code-dependencies. Let's say our devs are using Kubernetes, Kind, Visual Studio Code, VLC etc. - they are not dependencies of our code but it'd be good to have those sponsorships also managed in a single place.
There may even be some use in having a standard format to define those kind of things so they can be machine readable. i.e. I'd like a repo that contains a file with the tools we rely on that can then be used for sponsorship purposes. Like a SBOM for internal tooling.
Yeah, good point on the non-code-dependencies. While most of them I use have some big corporate backing, there's lots of small invisible things running everything getting little attention (like the old openssh story)
If you have the time, we’d love to connect with you on our discord & learn more about your experience. It’s a hard problem & that needs a strong open community. Given the recent PayPal incident, I don’t think GitHub should be the only solution.
I do see your point but in this case _everyone_ pays the 5% even though the payout only happens once per project and the payment also only happens once per person donating.
It might be that it is this expensive to run, I don't know. It just seems unfair to me that the platform would get 5% and "only" 95% are distributed to the projects. I do understand that everyone has a different definition of "fair" and I also don't know what I'd be willing to spend. It's something I'd need to think about.
Letting Microsoft GitHub try to monopolize laterally in the developer space by doing funding is going to lead to further lock-in for folks down the line. I’d be wary of supporting them with a chunk of your donation.
At first I thought "Oh another Patreon/Open Collective" but actually this is kinda neat in how it works.
Slightly offtopic, but every month when my Patreon donations get processed Patreon sends me this STUPID email with "Tweet your receipt!"
Honestly, it's so pathetic. It's like giving food to a homeless person while filming it so I can post it on Twitter.
Yes I realise it's an option and I don't have to (nor do I) click it.
I love and support this idea very much. I had actually been thinking about this exact solution myself, but I'd personally want to stay clear of anything involving real money, so it's great that you're doing it. :)
Just a note which probably isn't worth your time to act on, but using this service as a maintainer in Finland is illegal unless you can offer a geoblocking feature that can block any Finnish supporters from routing money to Finnish maintainers. This is due to our Money Collection Act which prohibits soliciting any donations except for very strict circumstances which aren't really applicable here. Might be worth a note on the page if you have extra time, since this is not know by many Finns that I've talked to.
Not sure if you're assuming that I am using the service with the wording "for you" or if it's a general question (I'm not a user). But if it's a general question, legally speaking, my best guess (not a lawyer) is that it would be perfectly legal to make a maintainer account to forward the funds to other projects, since you are not receiving anything. I guess you know if a feature like that is worth the trouble to implement.
That’s good because maintainers who receive funds can forward it to others or even send it to an open collective. That helps keep the money circulating in the ecosystem.
So it looks like the idea is it goes through your GitHub dependencies, and splits your donation up among them.
That’s a pretty neat idea.
I wonder if it would be possible or even desirable to try and get some automatic measure of “how much” you depend on a given project, to weigh the split. Probably that would be really difficult to capture. Anyway the current idea is already pretty cool.
Not automatic, but it already supports a measure of "how much" you depend on a project: boosting. You can boost dependencies up or down by up to a factor of 20 (e^3).
Regarding the post generally, using the problem of “how should I re-distribute my donations” to help solve the problem of “am I actually willing to be part of your software supply chain or am I just a hobbyist project, good luck using my code” seems like a nice way of hitting two birds with one stone.
Re gaming the system you're totally right. Although slightly unintuitive, we've also heard the opposite from maintainers. That they'll be motivated to remove the silly one line packages from their dependency trees due to the imbalance of value they provide vs extract.
We also prune self dependencies, circular dependencies and a few other cases to keep things level. Hopefully we'll be at a stage to open source our codebase soon and can better leverage community feedback in this space :)
You're absolutely right. When you login you can actually see a list of dependencies & make your own adjustments. While thanks.dev makes a recommendation based on what's analysed, sponsors are able to boost or exclude beyond our recommendations. It's not perfect & has a lot of room to improve but we hope it's a good starting point :)
One thing that I haven't seen addressed here or in the FAQ is:
What happens to donations towards dependencies where the maintainer / organization / group of maintainers is not registered at thanks.dev?
The FAQ has a section titled "What happens if I don’t claim my balance?", but I think this only applies to people registered at thanks.dev.
I'm not even sure that thanks.dev would be able to reliably contact developers that / maintainers in all (most ?) situations.
great observation & questions, we will update that on our FAQ shortly. If users aren't registered then we can't verify who's project admin & no funds will be allocated to them from the sponsors pool. Only when an admin register then we can allocate funds.
If I decided to sponsor my project's dependencies with say 100 USD and none of the developers are registered with thanks.dev – which seems like a reasonable assumption, especially as thanks.dev appears to be a young project – I wonder what happens with the money.
The money can't be allocated.
Does thanks.dev just keep it? Is it "stored" until it can be allocated?
And if this is the case: From the information on allocation it seems that all of the money will be distributed between all eligible developers (possibly 3 months after devs don't claim their balance)?
If so, what if there is only one (transitive) dependency that is registered with thanks.dev?
"Webpack receives close to $200k in funding per year via OpenCollective but its direct dependencies receive minuscule amounts of funding, and there are 80+ of them."
I’d love too but I dislike using payment processors as middlemen for online transactions! I see you’re using Stripe which is one of the worst processors because they opaquely block all sorts of transactions. It would be great to use a system like this to promote and fund open source projects and fuel cottage industry without having to include megacorporations. Make a mail cash option for people who don’t want to show their papers to a payment processor!
Thought about this in a conceptual way some years ago [1] and the best option seems to be to let the developers decide how they want to be paid, i.e. have a `thanks.dev` file in the tree of the package with JSON-like data, e.g.
"payment": "iban", "data": "IBANCODE"` or
"payment": "link", "data": "https://..." or
"payment": "cryptoCoin", "data": "0xb3..." and so forth.
Of course, the problem is there are many different ways of giving thanks, so a protocol is required, that's the hard part actually in this space, standardization.
Why would there be fraud? The IBAN/payment link/crypto wallet/etc. is only one way: anyone can deposit, only one can withdraw. Everyone knows the IBAN for donating to Greenpeace, but only one can sue them [1]. As for the file itself, not being changed by a third party, the distributing program can check hashes of current payment method vs. previous and notify accordingly.
Funny, but that seems more of a mistake on the bank side, and given that the article is from 2008, I am not surprised. Lots of things went wrong in 2008 on the banks side. Nevertheless, in principle, having a public IBAN is harmless.
Genius idea. I try to donate to open source software I've used for long time, especially if I cannot contribute any code back. This site seems to automate the process of finding out which dependencies of your software are accepting donations.
Unfortunately, I cannot use this right now, because Maven dependencies can't seem to be found, and neither can Cargo dependencies. I decided to test it with an app that uses a mix of ClojureScript and Rust. There is a shadow-cljs.edn file at the root level of the folder, but those dependencies are not picked up. Neither are stuff in a package-lock.json. There is a Cargo.lock file in a subfolder, but that does not seem to be scanned either.
However, I am able to verify there exist dependencies, in each of these files, that are actively seeking for funding and use GitHub sponsors.
Hi Koito17 Thanks for trying it out! Are you able to ping me your github handle so I can get to the bottom of it (email in profile).
Alternatively, for multi-project repos you can add a thanks.yaml file to the root of the repo with a `maxDepth: 2` value inside it. Unfortunately, deep scanning the entire repo looking for files would be prohibitive due to GH rate limiting hence this approach.
Please keep me posted. I'm also available on Discord if you need anything.
Hi. First of all, thanks for the quick response, and more importantly, working on this cool idea!
I see on the website that CLJS isn't supported; that's fine. But the NPM dependencies not being detected does intrigue me. I'm going to follow up with you on Discord if that's fine
I really want someone to succeed at this and I like the approach but you need to run not walk to making it usable without private source code access. That’s a non-starter.
Absolutely fair point & this is something we're working on to open source. If you'd like to join the community feel free to join our discord https://discord.gg/fQGqvQdWxq For context sponsorships & donations have tax implications in different geographic & implications for our community. We're working to get better clarity on these points with our beta users.
Why Array.isArray() when you can require("isarray").isArray()? (Node.js 0.10.0, Fx 4.0)
deep-equal has 43 packages (& 17m weekly downloads) that are mostly (is|has)-* packages or redundant wrappers like for-each and object-keys (https://npmgraph.js.org/?q=deep-equal) and you’ll find this package included in a lot of upstream libraries. Ask for a banana and get a gorilla and forest... Luckily many have moved to fast-deep-equal (0 dependencies), but there are a lot of other examples of this sort of thing.
But dependency tracking is hard and all of these platforms only scratch the surface. For example, I've never seen a solution that detects C libraries used from other languages, let alone the dependencies of these libraries. Then there are build-time dependencies which are hard to detect. Here's an example of a complex dependency chain:
redmine -> ruby-commonmarker -> libcmark -> re2c
Wake me up if someone offers a solution that detects chains like that.
You open source guys need to figure out a way to charge people for the value that you provide. You ran the experiment for a very long time and it looks like this "beggar" model really doesn't seem to be working for the vast majority of your projects.
Take money, don't wait for people to give you money for the free value that you provide.
This 100%. I run a German limited company (GmbH) and I can't just send money somewhere without a proper invoice. I've even had issues with paid services (think VPN providers etc) that don't send out invoices, so then I'm stuck with an expense that I can't deduct as a business expense. Make sure you can issue correct invoices, and let potential customers know upfront!
I’m actually optimistic about the progress & shift in behaviour. There’s a few companies that are setting a clear example & leadership in this space like Sentry, sourcegraph & cash app who genuinely want to help improve the ecosystem.
The intention is laudable, but this kind of business model makes me think of all these NGOs appearing in the 90s/2000s purportedly to "help poor africans" [0,1].
While many have been (trying to) do their best, it's unfortunate that many got richer on the back of the people they were supposed to help. Sometimes with local accomplices who also benefit from the grift.
I guess the main take away would be that transparency and accountability are paramount if you want to be part of such an ecosystem, especially as a middleman for money transactions.
> You need to enable JavaScript to access thanks.dev.
Not a great start for delivering me basic information on what this even is.
Reminder that Microsoft GitHub and GitLab do not have a duopoly on decentralized (self-hostable) version control. Products like this feed into folks feeling compelled to join big, proprietary services.
Neat idea. Would it be useful to let folks analyze a repository without signing up? I'm thinking a user may want to scan a large repository and get a report (top X sponsor-enabled dependencies). This might be useful data to present during funding discussions.
I'm more than happy to help, just connect with me on https://discord.gg/fQGqvQdWxq we're currently doing this for a few presentations. It just depends on the ecosystem that specific org is managed under.
I'm on the receiving end of donations from sourcegraph using this. It's around $10 per month from that single donation and is for the only Go HTML santizer, which you use when you have user generated / untrusted input that you need to display as HTML. https://github.com/microcosm-cc/bluemonday
For me the library has been good enough for my own use for a very very long time. I mostly neglect it unless there's some critical issue (which there hasn't been for a very long time — but clearly infosec world knows this lib exists as when I do make changes with crap commit messages I get emails asking what the implications are). I don't improve it at all as my time is better spent on my day job.
I've often thought that there's room for improvement such as a DOM style sanitizer to validate HTML input rather than just a SAX style sanitizer, perhaps formatting of output in addition to sanitising input, transformation rules to allow a safe embedly type thing, etc.
When I got the initial donation I was surprised, first ever bit of support for open source software I'd written (as this was not written on company dime).
Even at $10 per month it is motivating enough to think someone values it. If it accrues into something significant then I may actually feel motivated to improve it rather than just support it.
Interesting is that I'd regard this OSS lib as successful by usage as sourcegraph says 803 projects use it — but given that a fair number of those are things like Hugo which in turn have thousands of forks and many more thousands of instances of use, well it does appear that this sanitizer is to safe HTML in Go what https://xkcd.com/2347/ illustrates. Originally it was written for my own use and it's now used by virtually everything in the Go world that makes a website.
Perhaps people don't know this and libraries like it exists though? Perhaps they import some web framework and this came with it? Well, for that awareness thank you to thanks.dev
Of the models I've seen so far for supporting individuals who create OSS code this one stands out by highlighting dependencies. Likely the solution is a blend of things... a commission type system for rare engineers and skills (i.e. https://words.filippo.io/pay-maintainers/ ) and thanks.dev for the long-tail of those who have done things and you want to use it long-term. There are also companies who create OSS software, and if you value their work and don't want what they produce to go behind Enterprise differentiation then perhaps pay for their services too.
reading this comment made my day :) thanks for your contributions to open source, the least we could do is recognise & reward you for your work. What people often forget is the people aspect of open source. I've done countless interviews with open source maintainers & you are all just awesome https://www.youtube.com/@thanks_dev it's a pleasure working with you & I love hearing your stories
Exactly. Many OSS developers work for free. Myself included (I develop some OSS software). And the way I try to be a good OSS citizen is by being constructive and supportive in various OSS communities I care about. You're not going to get my money. But you might get my time, attention, and skills. For free.
The way the OSS communities works is not money but value creation. There are all sorts of value people get out of creating things for each other. People like the recognition and appreciation they get for their work, the satisfaction they get out of doing a thing, the interactions with others, etc. Plenty of ways to get value from creating stuff for others. And sometimes people actually get paid directly or indirectly to work on a thing. It's fine. I'm not against that. Just don't expect/demand me to pay for a thing. And I won't do so either. That simple promise is why OSS works. We both end up getting some value if we work together. And we might even get paid indirectly. For example I have a consulting career and I dabble in startups. So my motives are not entirely altruistic.
Our take on this is that funds should distribute across the dependency tree. We currently facilitate trickling your budget 3 levels deep. https://thanks.dev/static/how covers this in more detail.
That seems like a pretty sensible way of doing things.
I wonder: will people find a way to exploit it? E.g. create a simple but useful dependency that uses 100 sub-dependencies, all by the same author? Will larger, more self-contained dependencies lose out to small ones?
All it takes is contributing a small % of revenue back. I'm not decided that 10%-30% will be the final # (can a business give that much and still compete?), but then also some of me feels that it should actually flip at some point (30% for nimbus, 70% for F/OSS project) if most of the value is actually the F/OSS project (i.e. the project is so high quality that all we do is mostly run it and upgrade it happily).
Right now only the Redis service is available (object storage is coming soon (tm)), but kick the tires:
One thing we haven't figured out is how to pay library authors. dunno what to do, but early idea is some % contribution and letting people calculate allotment (ex. 5% of your 20% revenue donation must go to libs, but you pick which libs you depend on get the most).
Thanks for the kind words -- I do have to make it real, and make sustainable profit first before my aims mean anything, but at least I think I'm pointing in the right direction.
> Much confusion that this ___domain isn't for the Nimbus weather station.
> Ah, the cloud! Is there anything it can't do?
Well looks like there might be a name change in the future... That might be a legitimate confusion point.
Concerning soending, open-source contributors are not employees. They do contribute to business, but wouldn’t do what you need if you needed it, like fixing vulnerabilities. There should be the same difference as between standard on-the-shelf products and custom products made for the industry, that fit a particular purpose.
> Concerning soending, open-source contributors are not employees. They do contribute to business, but wouldn’t do what you need if you needed it, like fixing vulnerabilities.
I agree, there's value being brought by both sides of this equation -- F/OSS developers for building something valuable, and Nimbus for providing it, making fixes/upstream contributions when necessary, etc.
The problem with the current state of things is that the value capture is ~0% for F/OSS projects. Maybe 15%-30% is too high, but it needs to be appreciably above 0% for F/OSS to flourish.
> There should be the same difference as between standard on-the-shelf products and custom products made for the industry, that fit a particular purpose.
Would you mind expanding on this? Are you advocating for open core? It's not that I want to provide an enterprise version of 10/100ss of software -- more that I think there's value in them as a service (use Postgres, but avoid getting a degree in Postges administration).
The idea is to do just enough hacking that makes the service more reliable and sustainable to run without manual ops burden -- that's the differentiator for Nimbus (along with know-how).
Make it as organized/structured as possible. Go through the social initiatives arm of the firm, if they are big enough to have one. To them "our social responsibility initiatives" or "open source community contributions" sounds better and webpage-worthy than "we pay project X, Y and Z" (even though that is basically what it boils down to).
On the other hand, for a smaller firm, this might probably be just a one-to-one talk/convincing an executive. If you can't convince one, try another. If you can't convince any, take it as a flag with the color of your choosing.
I'd love to help you build out that business case & open source it. Let me know if you're interested https://discord.gg/fQGqvQdWxq We're also started sharing interviews with maintainers who talk about the people aspect of what this funding means to them https://www.youtube.com/@thanks_dev
Tell them it is risk management; funding OSS ensures that projects you depend on will exist as OSS into the future and hopefully have less bugs and security problems.
I've thought about exact same thing for a long time. Except instead of just analyzing dependency list, create plugin for vscode/npm/etc and analyze how much each dependency is really used by you.
Great that somebody finally built tool like that, good luck!
Is nobody concerned with the fact this tool scans your repository contents? This tool is mostly intended for use with private projects, not open source, so I would expect a LOT more scrutiny (and options) around security.
"Donation" is a somewhat tainted word, because it often has certain legal issues attached. Most maintainers aren't non-profits, so they don't take donations, they get income (and it'll get taxed). At the same time, "donating" something without it actually being a donation is complicated for businesses (e.g. github not invoicing me for sponsorships gets my tax consultants to make sad faces).
I understand the idea, but giving it a better legal framework than "it's a donation. but not really" would definitely help.
I personally like to see companies sponsoring maintainers. We’re working to clarify that with the community is the terms have different value propositions & financial implications.
"Sponsoring" is fine, but for business processes you need a paper trail where something gets invoiced somewhere. It doesn't matter for tiny amounts, but your accountant will want something to hand to the IRS if there's ever an audit.
From what I understand, you're not 1:1 giving the money to some maintainer that's chosen but you'll distribute it according to code usage etc, so you won't be a payment provider, but it counts as revenue for you and you give the money to maintainers, right? Are you invoicing or do you go the github route?
After Google shut down Google Reader I specifically went looking for an alternative I could pay money for and landed with Newsblur[0]. I've been a happy customer ever since.
Pretty soon after that I moved over from Gmail to Fastmail[1], again it was a service that took my money so that I was the customer not the product being sold.
Yeah a lot of people here question why we're charging a minimum 5% fee but fail to understand that we all need to make ends meet or else we will also be shut down in time.
I receive a very small amount of donations on this platform for my work. I have some projects out there that are used as a dependency by a few million people. Fwiw in just over six months I've received around $20 and haven't cached it out yet. I get email notices about a few cents here and there but haven't bothered to take the time to setup Stripe in order to withdraw.
More money in the ecosystem will naturally create more competition but I’m sure the community will adapt & evolve accordingly. There’s no shortage of smart people in this space.
I'm using Jekyll for my rinkidink website. Jekyll is the workhorse tool of Github. Github is owned by Microsoft, who's not hurting for cash, or so I've heard.
You're absolutely right. Some orgs have huge lists. We do suggest the split but it's rather subjective so we also provide the tools to let sponsors boots & exclude.
Hi! Thanks for trying it out. I have reached out via email but just in case, looks like your account is configured for only first level dependencies. If you increase it to 3 levels it'll show much better results. You're also able to adjust the distribution of funds via boosting in the dependencies page.
Please note the donation will be kept in PENDING state for 5 days to allow time for full dependency analysis, adjustments via boost and/or exclusions. In this time we'll be reaching out to the other projects in your dependency tree to onboard them.
Please ping me if you need anything. Many thanks again!
Ok thanks so much. I assumed first level dependencies were anything that would turn up in a requirements.txt so reduced it from the default.
Thanks for building this and I'm looking forward to seeing how it develops.
I will add my voice to the "allowing this service full access to my repos is uncomfortable" crowd, there's a couple of my clients that have stricter NDAs which has meant those repos have been excluded. But you'll figure that out when you do.
Hi Animesh! The biggest difference would be that TD answers both "who should I sponsor AND how much?". It continually calculates the weight of each dependency in your codebase and distributes your monthly budget accordingly.
The next biggest difference is that it distributes micro-payments up to 3 levels deep into the dependency tree. We've noticed majority of people sponsor the top of mind projects, but the deep nested dependencies don't get any love. This automated approach should fix that.
Don't hesitate to ping me if you have any other questions please (email in profile).
There's already a lot of foundations that haven't been able to scale the process of paying thousands of developers due to tax & employment issues across the globe. We think creating the right commercial incentives would have a better chance but we might also be wrong. Time will tell...
I created openlist.dev, where developers could add small banners of products they love to their GitHub profiles and get paid if users click the banner. Looking for companies to become early users
This implementation is clearly for-profit. I want to directly tip open source projects using a system that doesn't involve other third parties taking a significant cut.