I would be willing to contribute to a bounty for various features. Some new features I would like to see is support for WireGuard and OwnCloud. If there is another way to accomplish this please reply.
I love the idea. So far no one as offered a bounty and we didn’t discuss it. FreedomBox Foundation might be able to facilitate this. @haidar from the foundation can tell us. We can organize this either here on the forums or use a existing bounty platform elsewhere (if they are free software friendly, respect privacy etc.).
Sounds interesting. We could hypothetically create a bounty program for high-priority features.
If by “bounty section” you mean a program that pays contributors to complete a given task, then the FreedomBox Foundation would need to provide (1) a budget and (2) administrative procedures for reviewing code and paying contributors. I’m not sure that we can dedicate those two resources. But I will bring this up at a meeting and ask the staff at the Foundation what we can do.
But if by “bounty section” you mean a list which asks for free, voluntary contributions, then that is more achievable. This volunteer bounty program would require that our development team curate a feature bounty list, which should be written in enough detail to make the objectives clear.
- I believe the original suggestion was for facilitating users to donate money for the implementation of specific features. @simjim, in another thread offered bounty money for a couple of features if I am not wrong. Foundation won’t need to provide for the budget.
- Code reviews can happen from community as they are happening now. We would just welcome more code. We can set some basic criteria for implementation such as solid plan when staring the bounty and declaring a bounty complete when it gets merged into the main code.
The remaining administrative procedures accepting donations from users for a particular feature and giving to the bounty winner will have to be done. Since the foundation accepts donations, these would be donations ear marked for a particular purpose.
We can also consider choosing a third-party platform and just use it. They will manage all that. Perhaps we can start that way and if the program gains traction, we can organize it under the foundation. If we start by creating a section of the forum for this purpose and organize it there, then that would be fine too.
Thank you for the clarification, Sunil. This helps.
I now see that the Foundation would only need to provide administrative support for the transfer of funds. I will talk about this proposal at an upcoming meeting, and I’ll get back to you.
I discussed this with staff at the FreedomBox Foundation, and, unfortunately, I learned that the Foundation, as a 501( c)3 organization, cannot easily facilitate a bounty program. Here is why:
As a 501( c)3 non-profit based in the US, the FreedomBox Foundation can only accept tax-deductible donations. In the described bounty program, the payment being transferred is a payment for a service between two people (a payer and a contributor), which wouldn’t constitute a tax-deductible donation that the Foundation can accept. I learned that facilitating the transfer of payments would actually require significant administrative plumbing, which the Foundation really can’t afford to do at this time. Unfortunately, the FreedomBox Foundation cannot facilitate a bounty program.
An alternative is for the community to continue accept feedback via the forum and implement ideas whenever it is possible and prudent.
Note: I am not a lawyer. Nothing in this post constitutes legal advice. I’m simply conveying information regarding a constraint imposed by the Foundation’s status as a 501( c)3 non-profit.
Would using an outside bounty program be acceptable. If so, could freedombox link to it without an issue with the 501©3 status? Without a connection from freedombox I believe the bounty program would not receive the attention it needs to be successful.
Also, I’ll be glad to start with a contribution of $200 towards including WireGuard. What would you consider an appropriate goal for the total bounty to get WireGuard included in freedombox. There seem to be many bounty services like bountysource.com to pick from.
Any BTW, I just donated $100us to freedombox.org.
Thank you very much! We appreciate your generosity.
We are discussing this. I’ll post here when I have an update.
I talked about this with the Foundation staff, and we are open to it. But there are some questions surrounding governance of this bounty program by the developers. In short, if we (the FreedomBox community) begin accepting features through a bounty program, then the core developers would need to find a way to manage these issues:
Bounty review process: Any feature which is requested in a bounty program would need to go through a review process by the core devs. This review process would filter out features which the core devs don’t want to integrate into FreedomBox (e.g. if someone offered to pay $300 for the integration of a poorly designed static site generator, the devs would discuss and tell the requester that the request has been rejected and that they better save their money). To solve this issue, the core devs would need to take on the additional responsibility of monitoring the bounty page to make sure that only approved bounties get paid for. We could create a category in the forum called “Bounties” in which interested parties can request for approval from the core devs.
Division of funds: Another issue is the division of a bounty for an item
that was developed by more than one person. Who keeps the money in this
case, and who decides how the money is divided when there are disputes? I think one way around this is for the bounty feature development process to require a determination of the division of labor and funds BEFORE any work is done. All parties must mutually agree at the beginning of the process.
Team-implemented items: Someone may offer a bounty for an item that our
team was planning to implement anyway (e.g. the reachability wizard). What do we do? Do we reject the bounty, or does the team accept it and divide it among volunteers who made contributions to the development? Though I could imagine the funds being used to “fast track” the development of a feature (so it gets done this month instead of in 6 months), it is an open question as to whether or not the core devs should reject the bounty in cases when a feature was already on the TODO list.
Since this is new to us, an implementation plan will take some time. But our developers will discuss and will try to determine if a governance model is worth trying out.
- Since this bounty will be paid by outside sources I don’t think is necessarily needs the core devs approval. The core devs have final authority to accept or deny any pull request to incorporate the code into the Freedombox project. That said, I think anyone considering paying money for a bounty should at least converse with the core devs about the likely hood of being accepted.
- Those creating the bounty can decide about the division of funds and it should be clearly stated in the bounty description. I see no reason why an existing core dev could not fulfill the bounty requirements and accept payment.
- I see no reason a bounty could not be created for an item already on the roadmap. A core dev could certainly provide the code and accept the bounty.
Since the bounty program cannot be handled directly by Freedombox due to the reasons stated earlier they should have no official say in the creation or payment of the bounty. After all the core devs have ultimate rights to decide if the pull request is accepted or not. This does not preclude core devs from fulfilling and collecting on a bounty.
I’m skeptical concerning bounties in general – as promising as they may sound. A bit of background how we at snowdrift.coop relate to this:
Great link. Lots of thought and experience in there.
My idea about using a bounty was to try to get 2 main features added to freedombox relatively quickly; Wireguard (for VPN browsing on open wifi) and NextCloud. Although I’m a developer I thought it would be faster to pay someone that already has expertise with Plinth than to try and write the modules myself. From the link, I see it wasn’t a great idea.
For me thou, I set up a 2nd raspberry Pi with WireGuard and NexCloud and put them in my DMZ and have Freedombox running on my internal network to provide SearX and Privoxy, so now I have a complete system that satisfies my use cases.
Guess this sums it up:
The best-laid plans of mice and men often go awry