On Tue, Jul 30, 2013 at 05:35:04PM -0400, Rogan Hamby wrote: > I haven't heard any dissents and at least two in favors of (you and I) so > in the spirit of a meritocracy I would say Kathy that at the least if you > want to come up with a model of how to handle it, go ahead and let's start > poking at the details. > > I won't derail things with my wishlist for accessibility. :) > > I agree that wishlist bugs shouldn't be on the list.
Okay, I'll offer a conditional dissent then. I worry that the introduction of financial incentives will disrupt the contributor ecology. As soon as money is in the picture, all sorts of interesting side effects can occur. For example, will this act as a disincentive for open communication and collaboration about potential alternatives for fixing a bug (because potential fixers jealously guard their approaches from one another)? Will it reduce the interest of current developers in providing assistance to new contributors? Will it introduce difficulties in trying to divvy up credit for bug fixes? Do reviewers of bug fixes get any share of the cash? Do reporters of bugs who provide reproducible test cases get any share of the cash? Is there any requirement to providing regression tests (to prevent the bug from ever rearing its head again) as part of the bug fix? Will contributors of new functionality bury bugs they know about in the interest of getting paid twice, once for the new functionality, and then later for the bug fixes? My conditional dissent would like some examples of projects where bug bounties have actually worked. The examples that I've seen have focused on reporting security vulnerabilities. If there are a few solid cases out there that can serve as a model for us, then I would turn my dissent into cautious assent. It could be that I've just read one too many Dilbert cartoons...
