I’d love too but I dislike using payment processors as middlemen for online transactions! I see you’re using Stripe which is one of the worst processors because they opaquely block all sorts of transactions. It would be great to use a system like this to promote and fund open source projects and fuel cottage industry without having to include megacorporations. Make a mail cash option for people who don’t want to show their papers to a payment processor!
Thought about this in a conceptual way some years ago [1] and the best option seems to be to let the developers decide how they want to be paid, i.e. have a `thanks.dev` file in the tree of the package with JSON-like data, e.g.
"payment": "iban", "data": "IBANCODE"` or
"payment": "link", "data": "https://..." or
"payment": "cryptoCoin", "data": "0xb3..." and so forth.
Of course, the problem is there are many different ways of giving thanks, so a protocol is required, that's the hard part actually in this space, standardization.
Why would there be fraud? The IBAN/payment link/crypto wallet/etc. is only one way: anyone can deposit, only one can withdraw. Everyone knows the IBAN for donating to Greenpeace, but only one can sue them [1]. As for the file itself, not being changed by a third party, the distributing program can check hashes of current payment method vs. previous and notify accordingly.
Funny, but that seems more of a mistake on the bank side, and given that the article is from 2008, I am not surprised. Lots of things went wrong in 2008 on the banks side. Nevertheless, in principle, having a public IBAN is harmless.
At first I thought "Oh another Patreon/Open Collective" but actually this is kinda neat in how it works.
Slightly offtopic, but every month when my Patreon donations get processed Patreon sends me this STUPID email with "Tweet your receipt!"
Honestly, it's so pathetic. It's like giving food to a homeless person while filming it so I can post it on Twitter.
Yes I realise it's an option and I don't have to (nor do I) click it.
"Webpack receives close to $200k in funding per year via OpenCollective but its direct dependencies receive minuscule amounts of funding, and there are 80+ of them."
All it takes is contributing a small % of revenue back. I'm not decided that 10%-30% will be the final # (can a business give that much and still compete?), but then also some of me feels that it should actually flip at some point (30% for nimbus, 70% for F/OSS project) if most of the value is actually the F/OSS project (i.e. the project is so high quality that all we do is mostly run it and upgrade it happily).
Right now only the Redis service is available (object storage is coming soon (tm)), but kick the tires:
One thing we haven't figured out is how to pay library authors. dunno what to do, but early idea is some % contribution and letting people calculate allotment (ex. 5% of your 20% revenue donation must go to libs, but you pick which libs you depend on get the most).
Thanks for the kind words -- I do have to make it real, and make sustainable profit first before my aims mean anything, but at least I think I'm pointing in the right direction.
> Much confusion that this domain isn't for the Nimbus weather station.
> Ah, the cloud! Is there anything it can't do?
Well looks like there might be a name change in the future... That might be a legitimate confusion point.
Concerning soending, open-source contributors are not employees. They do contribute to business, but wouldn’t do what you need if you needed it, like fixing vulnerabilities. There should be the same difference as between standard on-the-shelf products and custom products made for the industry, that fit a particular purpose.
> Concerning soending, open-source contributors are not employees. They do contribute to business, but wouldn’t do what you need if you needed it, like fixing vulnerabilities.
I agree, there's value being brought by both sides of this equation -- F/OSS developers for building something valuable, and Nimbus for providing it, making fixes/upstream contributions when necessary, etc.
The problem with the current state of things is that the value capture is ~0% for F/OSS projects. Maybe 15%-30% is too high, but it needs to be appreciably above 0% for F/OSS to flourish.
> There should be the same difference as between standard on-the-shelf products and custom products made for the industry, that fit a particular purpose.
Would you mind expanding on this? Are you advocating for open core? It's not that I want to provide an enterprise version of 10/100ss of software -- more that I think there's value in them as a service (use Postgres, but avoid getting a degree in Postges administration).
The idea is to do just enough hacking that makes the service more reliable and sustainable to run without manual ops burden -- that's the differentiator for Nimbus (along with know-how).
I really want someone to succeed at this and I like the approach but you need to run not walk to making it usable without private source code access. That’s a non-starter.
Absolutely fair point & this is something we're working on to open source. If you'd like to join the community feel free to join our discord https://discord.gg/fQGqvQdWxq For context sponsorships & donations have tax implications in different geographic & implications for our community. We're working to get better clarity on these points with our beta users.
So it looks like the idea is it goes through your GitHub dependencies, and splits your donation up among them.
That’s a pretty neat idea.
I wonder if it would be possible or even desirable to try and get some automatic measure of “how much” you depend on a given project, to weigh the split. Probably that would be really difficult to capture. Anyway the current idea is already pretty cool.
Not automatic, but it already supports a measure of "how much" you depend on a project: boosting. You can boost dependencies up or down by up to a factor of 20 (e^3).
Regarding the post generally, using the problem of “how should I re-distribute my donations” to help solve the problem of “am I actually willing to be part of your software supply chain or am I just a hobbyist project, good luck using my code” seems like a nice way of hitting two birds with one stone.
Neat idea. Would it be useful to let folks analyze a repository without signing up? I'm thinking a user may want to scan a large repository and get a report (top X sponsor-enabled dependencies). This might be useful data to present during funding discussions.
I'm more than happy to help, just connect with me on https://discord.gg/fQGqvQdWxq we're currently doing this for a few presentations. It just depends on the ecosystem that specific org is managed under.
You're absolutely right. When you login you can actually see a list of dependencies & make your own adjustments. While thanks.dev makes a recommendation based on what's analysed, sponsors are able to boost or exclude beyond our recommendations. It's not perfect & has a lot of room to improve but we hope it's a good starting point :)
Re gaming the system you're totally right. Although slightly unintuitive, we've also heard the opposite from maintainers. That they'll be motivated to remove the silly one line packages from their dependency trees due to the imbalance of value they provide vs extract.
We also prune self dependencies, circular dependencies and a few other cases to keep things level. Hopefully we'll be at a stage to open source our codebase soon and can better leverage community feedback in this space :)
Genius idea. I try to donate to open source software I've used for long time, especially if I cannot contribute any code back. This site seems to automate the process of finding out which dependencies of your software are accepting donations.
Unfortunately, I cannot use this right now, because Maven dependencies can't seem to be found, and neither can Cargo dependencies. I decided to test it with an app that uses a mix of ClojureScript and Rust. There is a shadow-cljs.edn file at the root level of the folder, but those dependencies are not picked up. Neither are stuff in a package-lock.json. There is a Cargo.lock file in a subfolder, but that does not seem to be scanned either.
However, I am able to verify there exist dependencies, in each of these files, that are actively seeking for funding and use GitHub sponsors.
Hi Koito17 Thanks for trying it out! Are you able to ping me your github handle so I can get to the bottom of it (email in profile).
Alternatively, for multi-project repos you can add a thanks.yaml file to the root of the repo with a `maxDepth: 2` value inside it. Unfortunately, deep scanning the entire repo looking for files would be prohibitive due to GH rate limiting hence this approach.
Please keep me posted. I'm also available on Discord if you need anything.
Hi. First of all, thanks for the quick response, and more importantly, working on this cool idea!
I see on the website that CLJS isn't supported; that's fine. But the NPM dependencies not being detected does intrigue me. I'm going to follow up with you on Discord if that's fine
The UI imposes a 5% minimum (and 15% default) value for "Tip thanks.dev" under "How much would you like to donate each month?" on https://thanks.dev/settings
This implementation is clearly for-profit. I want to directly tip open source projects using a system that doesn't involve other third parties taking a significant cut.
Absolutely appreciate & respect your perspective. We're passionate about making open source sustainable & understand that there can be multiple ways of achieving this goal. The more ways money is channeled to the community the better...
I think it would be easier to defend taking a cut if the cut was calculated in the same way as for the dependencies, e.g. next.dev being automatically added to the list.
The difference being that this service has real tangible costs such as card fees for every transaction. That's not really comparable with "it would be nice to be paid for my time" when pushing your code to GitHub. I haven't used the site but it seems reasonable that one solution won't apply to all kinds of projects.
They could break out the transactions explicitly. That would help reduce the feeling that they're taking more than their share, if they're not doing that.
Well, if they're there to secure a good chunk of peanuts for themselves, for being the intermediator, many would find this shady and wont want to deal with them.
Sorry, someone donating $10,000 to their favorite FOSS doesn't want an intermediator to take in $500 just for making the transaction.
Even more so when the actual transaction infrastructure is not going to be their's anyway, but some banks or Stripe or whatever.
> Thanks.dev presently supports itself through a voluntary tip percentage that, if more than zero, gets deducted from donation amounts along with a Stripe payment processing fee prior to distribution.
I also think they should allow manual addition of projects. E.g. I use Syncthing but that won't be found in my Github/Gitlab scans. I can donate via Github too but would be easier if I can have one place to control all such donations.
The irony of "someone should build something for free" when complaining about a donation system for helping open source projects get paid for their work.
Why would this be irony? If anything it's irony that they're offering a for profit service to facilitate donations vs adding themselves as a donor recipient on their platform.
No, the idea of having a simple payments system for open source devs to use to get paid for their "free" software should be "free". Let the merit of the software dictate. That's the whole point of open source. To build things freely and openly to make the best possible software that we (humans) can make. We should also expect the same in the tools we rely on to do that work. It's not a hard ask. It's a philosophy of not wanting a corporation to own the keys and profit from others work. Stripe already takes 2.9%+. I don't want someone else taking 10%-30%. Then I have to give the government 30%.
> the idea of having a simple payments system for open source devs
A payment system is never simple and if it's more than a standardized "funding.txt" format it will have running costs and someone has to cover these. How much this system should charge is debatable, but it should probably be higher than 0%.
> To build things freely and openly to make the best possible software that we (humans) can make.
This only works in a system where humans do not need money to live. This is not our system. In a capitalist system, for better or for worse, if you don't own a means of production you must work to get money because you need money to live.
We should recognize the value of work, and if it is useful, pay for it. It is only normal in such a system. I wish we were in a commons-based society, that all resources and production would be decided by workers in quantity and distributed based on needs, but that's not our system.
Have you not read the too many stories of open source developers struggling to make ends meet ? Of the gpg guy saying he might give up because it's just too much ? Of all the devs on the edge of burnout because of all the stress and the demands of people not here for participating but only for their own service ? Of the very article we're talking about ?
I would love to live in a system where everyone is actually free to do whatever they want with their time, all day long, all year long, but that's not where we live today. What kind of people has enough time and energy to devote hours of their lives to something that is not their primary way of earning money ?
I too use only FLOSS, and only put out project under copyleft licenses, but that doesn't mean I'm blind to the structures in which we live in.
The "free" in FOSS is about being able to use the software as you see fit, without restrictions. Not that you don't have to pay a dime. Sure in practice the software is usually "free as in beer" but that's a side-effect, not a goal (or guarantee).
Sponsors have a slider that allows them to adjust their tip from 5% to 100% of their monthly donation. We figured minimum 5% would cover our compute & merchant fees but left it to the community to decide what we should get. We thought this was the most aligned approach with open source. Totally open to other ideas and suggestions though.
Under "Why don't the sum of my individual donations total to the amount I've donated?" you list stripe processing fees as #1...
So no, if you're taking a minimum of 5%, then any reasonable person is going to assume that you've already deducted the processing fees, not covering them out of that 5%.
I don't see any dishonesty here. They are in fact covering the fee out of the 5%. That means they are taking less than what "reasonable" persons think in your opinion.
The text may be imprecise, but it's a long way from dishonesty. In my opinion dishonesty requires a motive, and I don't see it here. If the 5% did not include fees, it would perhaps be different.
I work for a > 100 people company where the business model is entirely based on donations. We are using stripe for payment and it costs us money, but you can still use our service freely if you want to.
I agree it is not simple, but it proves it is doable.
What are your fees?
Tips at time of donation. You decide.
If payment is required to use a service then that payment is not a "tip" - it is a "fee". Anything over the required payment would be a "tip". This FAQ answer implies that the required payment is zero, which, it turns out, is false.
There is absolutely nothing wrong with charging a fee for a service, but there is something wrong with lying about it.
> There is absolutely nothing wrong with charging a fee for a service
Agreed, but percentage-based fees can quickly become an unfairly large part of payments. I love the idea of this project, but I'd prefer there to be a 5% or X dollars minimum, so that if 5% is more than X dollars, then it doesn't force 5% minimum. If I'm donating $500 to 45 projects, then each project on an even split is getting $11, but thanks.dev is getting $25 even though their service isn't actually in use by my app/service. Seems unfair to me.
My guess is that more than half of that $25 goes to the payment provider (Stripe etc.). Maybe more.
The remaining ~$10 will go to thaks.dev to cover operational costs, administration and other expenses.
I don't expect them to work for free. If you think it's unfair, contact the developers directly to see if you can wire them money (to avoid PayPal fees). If it's too much work, you can pay services like thanks.dev that does the work for you.
Please take more time to read the context. If you read the post that I replied to instead of jumping to conclusions, you will find that you are incorrect
$25 refers to the 5% fee of the total amount ($500) that the site takes. I said that more than half of that fee is used to pay Stripe.
For every OpenSource project I donate to, I check, whether they provide a SEPA IBAN, then I just set up a monthly transfer of a small amount that I can afford instead of a bigger single donation.
Whenever possible, I try to avoid any instances in-between which take some % of the cake.
The service also completely blocks VPN users with a 403. That seems like blocking a pretty good chunk of your target audience to me. I will absolutely be looking elsewhere to support projects I benefit from.
My Name is Armin Nehzat (aka armini), my brother is Ali Nehzat (aka qwerki). Feel free to also look us up on linkedin if that helps. Here's a podcast of my brother talking about how he started the project https://podcast.sustainoss.org/148
There is some overhead in collecting money. When you use a charge card a small percentage goes to the credit card and processing companies.
There are some gas stations in Massachusetts that have a slightly lower cash price because they don’t have to pay that fees and pass along the savings. Most businesses nowadays just fold that fee into the price.
If they are upfront about how much I’m ok with it. Otherwise you can send a check, but no one is using that option.
Make it as organized/structured as possible. Go through the social initiatives arm of the firm, if they are big enough to have one. To them "our social responsibility initiatives" or "open source community contributions" sounds better and webpage-worthy than "we pay project X, Y and Z" (even though that is basically what it boils down to).
On the other hand, for a smaller firm, this might probably be just a one-to-one talk/convincing an executive. If you can't convince one, try another. If you can't convince any, take it as a flag with the color of your choosing.
I'd love to help you build out that business case & open source it. Let me know if you're interested https://discord.gg/fQGqvQdWxq We're also started sharing interviews with maintainers who talk about the people aspect of what this funding means to them https://www.youtube.com/@thanks_dev
Tell them it is risk management; funding OSS ensures that projects you depend on will exist as OSS into the future and hopefully have less bugs and security problems.
I've thought about exact same thing for a long time. Except instead of just analyzing dependency list, create plugin for vscode/npm/etc and analyze how much each dependency is really used by you.
Great that somebody finally built tool like that, good luck!
Hi Animesh! The biggest difference would be that TD answers both "who should I sponsor AND how much?". It continually calculates the weight of each dependency in your codebase and distributes your monthly budget accordingly.
The next biggest difference is that it distributes micro-payments up to 3 levels deep into the dependency tree. We've noticed majority of people sponsor the top of mind projects, but the deep nested dependencies don't get any love. This automated approach should fix that.
Don't hesitate to ping me if you have any other questions please (email in profile).
Why Array.isArray() when you can require("isarray").isArray()? (Node.js 0.10.0, Fx 4.0)
deep-equal has 43 packages (& 17m weekly downloads) that are mostly (is|has)-* packages or redundant wrappers like for-each and object-keys (https://npmgraph.js.org/?q=deep-equal) and you’ll find this package included in a lot of upstream libraries. Ask for a banana and get a gorilla and forest... Luckily many have moved to fast-deep-equal (0 dependencies), but there are a lot of other examples of this sort of thing.
I created openlist.dev, where developers could add small banners of products they love to their GitHub profiles and get paid if users click the banner. Looking for companies to become early users
More money in the ecosystem will naturally create more competition but I’m sure the community will adapt & evolve accordingly. There’s no shortage of smart people in this space.
I'm on the receiving end of donations from sourcegraph using this. It's around $10 per month from that single donation and is for the only Go HTML santizer, which you use when you have user generated / untrusted input that you need to display as HTML. https://github.com/microcosm-cc/bluemonday
For me the library has been good enough for my own use for a very very long time. I mostly neglect it unless there's some critical issue (which there hasn't been for a very long time — but clearly infosec world knows this lib exists as when I do make changes with crap commit messages I get emails asking what the implications are). I don't improve it at all as my time is better spent on my day job.
I've often thought that there's room for improvement such as a DOM style sanitizer to validate HTML input rather than just a SAX style sanitizer, perhaps formatting of output in addition to sanitising input, transformation rules to allow a safe embedly type thing, etc.
When I got the initial donation I was surprised, first ever bit of support for open source software I'd written (as this was not written on company dime).
Even at $10 per month it is motivating enough to think someone values it. If it accrues into something significant then I may actually feel motivated to improve it rather than just support it.
Interesting is that I'd regard this OSS lib as successful by usage as sourcegraph says 803 projects use it — but given that a fair number of those are things like Hugo which in turn have thousands of forks and many more thousands of instances of use, well it does appear that this sanitizer is to safe HTML in Go what https://xkcd.com/2347/ illustrates. Originally it was written for my own use and it's now used by virtually everything in the Go world that makes a website.
Perhaps people don't know this and libraries like it exists though? Perhaps they import some web framework and this came with it? Well, for that awareness thank you to thanks.dev
Of the models I've seen so far for supporting individuals who create OSS code this one stands out by highlighting dependencies. Likely the solution is a blend of things... a commission type system for rare engineers and skills (i.e. https://words.filippo.io/pay-maintainers/ ) and thanks.dev for the long-tail of those who have done things and you want to use it long-term. There are also companies who create OSS software, and if you value their work and don't want what they produce to go behind Enterprise differentiation then perhaps pay for their services too.
reading this comment made my day :) thanks for your contributions to open source, the least we could do is recognise & reward you for your work. What people often forget is the people aspect of open source. I've done countless interviews with open source maintainers & you are all just awesome https://www.youtube.com/@thanks_dev it's a pleasure working with you & I love hearing your stories
Our take on this is that funds should distribute across the dependency tree. We currently facilitate trickling your budget 3 levels deep. https://thanks.dev/static/how covers this in more detail.
That seems like a pretty sensible way of doing things.
I wonder: will people find a way to exploit it? E.g. create a simple but useful dependency that uses 100 sub-dependencies, all by the same author? Will larger, more self-contained dependencies lose out to small ones?
Exactly. Many OSS developers work for free. Myself included (I develop some OSS software). And the way I try to be a good OSS citizen is by being constructive and supportive in various OSS communities I care about. You're not going to get my money. But you might get my time, attention, and skills. For free.
The way the OSS communities works is not money but value creation. There are all sorts of value people get out of creating things for each other. People like the recognition and appreciation they get for their work, the satisfaction they get out of doing a thing, the interactions with others, etc. Plenty of ways to get value from creating stuff for others. And sometimes people actually get paid directly or indirectly to work on a thing. It's fine. I'm not against that. Just don't expect/demand me to pay for a thing. And I won't do so either. That simple promise is why OSS works. We both end up getting some value if we work together. And we might even get paid indirectly. For example I have a consulting career and I dabble in startups. So my motives are not entirely altruistic.
204 comments
[ 3.0 ms ] story [ 227 ms ] thread[1] https://github.com/ly3xqhl8g9/delicense
The worst case here is a lot of fraud for the people who shared their details.
[1] https://www.greenpeace.org.uk/news/succession-greg-sue-green...
these things are still possible, you don't even have to know as much detail as this person gave out
Consider using Monero for such a purpose. I've gotten paid in Monero. It pretty much just works.
Slightly offtopic, but every month when my Patreon donations get processed Patreon sends me this STUPID email with "Tweet your receipt!" Honestly, it's so pathetic. It's like giving food to a homeless person while filming it so I can post it on Twitter.
Yes I realise it's an option and I don't have to (nor do I) click it.
"Webpack receives close to $200k in funding per year via OpenCollective but its direct dependencies receive minuscule amounts of funding, and there are 80+ of them."
♥
Emojis are Unicode, not ASCII (I think, not an expert myself).
We should also be able to use arrows ⇒, the trademark symbol ™, whatever this is ∴, or maybe this ℜ.
But we can test it, maybe HN supports Unicode Emojis but nobody is using them...
EDIT: I was listing some Unicode Emojis here, but you were correct, they were removed after posting. At least the ASCII symbols show up :)
[0]https://www.ascii-code.com/html-symbol
Excuse the crappy looking site (been busy trying to actually deliver all the shit on that page), but I believe that F/OSS can be sustainable:
https://nimbusws.com/#sustainability
All it takes is contributing a small % of revenue back. I'm not decided that 10%-30% will be the final # (can a business give that much and still compete?), but then also some of me feels that it should actually flip at some point (30% for nimbus, 70% for F/OSS project) if most of the value is actually the F/OSS project (i.e. the project is so high quality that all we do is mostly run it and upgrade it happily).
Right now only the Redis service is available (object storage is coming soon (tm)), but kick the tires:
https://nimbusws.com/app (register @ the bottom!)
One thing we haven't figured out is how to pay library authors. dunno what to do, but early idea is some % contribution and letting people calculate allotment (ex. 5% of your 20% revenue donation must go to libs, but you pick which libs you depend on get the most).
Much confusion that this domain isn't for the Nimbus weather station.
Ah, the cloud! Is there anything it can't do?
Thanks for the kind words -- I do have to make it real, and make sustainable profit first before my aims mean anything, but at least I think I'm pointing in the right direction.
> Much confusion that this domain isn't for the Nimbus weather station. > Ah, the cloud! Is there anything it can't do?
Well looks like there might be a name change in the future... That might be a legitimate confusion point.
TIL of the nimbus weather station: https://www.rainbird.com/golf/nimbusii
It's like a Bloomberg Terminal for weather...?
I agree, there's value being brought by both sides of this equation -- F/OSS developers for building something valuable, and Nimbus for providing it, making fixes/upstream contributions when necessary, etc.
The problem with the current state of things is that the value capture is ~0% for F/OSS projects. Maybe 15%-30% is too high, but it needs to be appreciably above 0% for F/OSS to flourish.
> There should be the same difference as between standard on-the-shelf products and custom products made for the industry, that fit a particular purpose.
Would you mind expanding on this? Are you advocating for open core? It's not that I want to provide an enterprise version of 10/100ss of software -- more that I think there's value in them as a service (use Postgres, but avoid getting a degree in Postges administration).
The idea is to do just enough hacking that makes the service more reliable and sustainable to run without manual ops burden -- that's the differentiator for Nimbus (along with know-how).
That’s a pretty neat idea.
I wonder if it would be possible or even desirable to try and get some automatic measure of “how much” you depend on a given project, to weigh the split. Probably that would be really difficult to capture. Anyway the current idea is already pretty cool.
The formula is explained in https://thanks.dev/static/how.
If this takes off people will be inventivized to make lots of small dependencies that are likely to be needed in tier 1 (or tier 2).
The trick will be to find a bug in a first dep of webpack for example, fork it and fix some bugs there then convince webpack to switch to you.
Algorithmic decisions can be gamed.
I suggest instead the app lists the deps, and you choose how much to give each one.
Re gaming the system you're totally right. Although slightly unintuitive, we've also heard the opposite from maintainers. That they'll be motivated to remove the silly one line packages from their dependency trees due to the imbalance of value they provide vs extract.
We also prune self dependencies, circular dependencies and a few other cases to keep things level. Hopefully we'll be at a stage to open source our codebase soon and can better leverage community feedback in this space :)
Thanks for building this!
Unfortunately, I cannot use this right now, because Maven dependencies can't seem to be found, and neither can Cargo dependencies. I decided to test it with an app that uses a mix of ClojureScript and Rust. There is a shadow-cljs.edn file at the root level of the folder, but those dependencies are not picked up. Neither are stuff in a package-lock.json. There is a Cargo.lock file in a subfolder, but that does not seem to be scanned either.
However, I am able to verify there exist dependencies, in each of these files, that are actively seeking for funding and use GitHub sponsors.
Alternatively, for multi-project repos you can add a thanks.yaml file to the root of the repo with a `maxDepth: 2` value inside it. Unfortunately, deep scanning the entire repo looking for files would be prohibitive due to GH rate limiting hence this approach.
Please keep me posted. I'm also available on Discord if you need anything.
I see on the website that CLJS isn't supported; that's fine. But the NPM dependencies not being detected does intrigue me. I'm going to follow up with you on Discord if that's fine
- They already understand what kind of code base it is and already do dependency scanning for security issues
- They have payment details
- They have the "verified" payment method of a person / project (If sponsoring is enabled)
This implementation is clearly for-profit. I want to directly tip open source projects using a system that doesn't involve other third parties taking a significant cut.
At some point the dance isn't worth the peanut.
Sorry, someone donating $10,000 to their favorite FOSS doesn't want an intermediator to take in $500 just for making the transaction.
Even more so when the actual transaction infrastructure is not going to be their's anyway, but some banks or Stripe or whatever.
This phrasing is just inappropriate, and the situation you cite is an extreme.
> many would find this shady and wont want to deal with them
What's the point of armchair prognostication? We'll find out, and their pricing isn't fixed in stone?
Nothing stops you there to put 100% into one of those and 0% on the others.
> Thanks.dev presently supports itself through a voluntary tip percentage that, if more than zero, gets deducted from donation amounts along with a Stripe payment processing fee prior to distribution.
I also think they should allow manual addition of projects. E.g. I use Syncthing but that won't be found in my Github/Gitlab scans. I can donate via Github too but would be easier if I can have one place to control all such donations.
[0]: https://www.theregister.com/2023/04/07/thanksdev_open_source...
A payment system is never simple and if it's more than a standardized "funding.txt" format it will have running costs and someone has to cover these. How much this system should charge is debatable, but it should probably be higher than 0%.
What does this mean? Using this service is letting the merits dictate. It doesn't stop anyone building a competitor.
This only works in a system where humans do not need money to live. This is not our system. In a capitalist system, for better or for worse, if you don't own a means of production you must work to get money because you need money to live.
We should recognize the value of work, and if it is useful, pay for it. It is only normal in such a system. I wish we were in a commons-based society, that all resources and production would be decided by workers in quantity and distributed based on needs, but that's not our system.
The problem comes from people believing they should be paid for willingly giving away the fruits of their labor.
I only use FLOSS and don’t feel I’m missing out at all.
I would love to live in a system where everyone is actually free to do whatever they want with their time, all day long, all year long, but that's not where we live today. What kind of people has enough time and energy to devote hours of their lives to something that is not their primary way of earning money ?
I too use only FLOSS, and only put out project under copyleft licenses, but that doesn't mean I'm blind to the structures in which we live in.
Sponsors have a slider that allows them to adjust their tip from 5% to 100% of their monthly donation. We figured minimum 5% would cover our compute & merchant fees but left it to the community to decide what we should get. We thought this was the most aligned approach with open source. Totally open to other ideas and suggestions though.
In a perfect world, Stripe and the credit card companies could waive the fees for donations, but that is not the case.
Someone has to actually cover those fees.
So no, if you're taking a minimum of 5%, then any reasonable person is going to assume that you've already deducted the processing fees, not covering them out of that 5%.
I don't think you're being open and honest here.
The text may be imprecise, but it's a long way from dishonesty. In my opinion dishonesty requires a motive, and I don't see it here. If the 5% did not include fees, it would perhaps be different.
I agree it is not simple, but it proves it is doable.
There is absolutely nothing wrong with charging a fee for a service, but there is something wrong with lying about it.
Agreed, but percentage-based fees can quickly become an unfairly large part of payments. I love the idea of this project, but I'd prefer there to be a 5% or X dollars minimum, so that if 5% is more than X dollars, then it doesn't force 5% minimum. If I'm donating $500 to 45 projects, then each project on an even split is getting $11, but thanks.dev is getting $25 even though their service isn't actually in use by my app/service. Seems unfair to me.
The remaining ~$10 will go to thaks.dev to cover operational costs, administration and other expenses.
I don't expect them to work for free. If you think it's unfair, contact the developers directly to see if you can wire them money (to avoid PayPal fees). If it's too much work, you can pay services like thanks.dev that does the work for you.
(And now I'm realizing that American tipping culture may be playing in to differing expectations here...)
EDIT: I see they have now updated their wording.
It's literally public information
$25 refers to the 5% fee of the total amount ($500) that the site takes. I said that more than half of that fee is used to pay Stripe.
Surely they are not making a transaction for every patron/maintainer combination, but rather batching the payments.
Otherwise yes this is a Stripe charity :)
I'm seeing comments from two separate accounts, but when you look at their about, they seem to be the same person:
https://news.ycombinator.com/user?id=qwerki https://news.ycombinator.com/user?id=armini
tea.xyz will not have fees once it goes live with its funding protocol for open-source software.
There are some gas stations in Massachusetts that have a slightly lower cash price because they don’t have to pay that fees and pass along the savings. Most businesses nowadays just fold that fee into the price.
If they are upfront about how much I’m ok with it. Otherwise you can send a check, but no one is using that option.
https://en.liberapay.com/
The platform itself is also a project on the platform, where the donation happens
https://en.liberapay.com/Liberapay
GitHub sponsors isn't too bad, they take a 3% cut (and the CC takes another 3%). But you're effectively donating to Microsoft, which feels icky.
On the other hand, for a smaller firm, this might probably be just a one-to-one talk/convincing an executive. If you can't convince one, try another. If you can't convince any, take it as a flag with the color of your choosing.
For example:
https://anonymoushash.vmbrasseur.com/2022/10/27/open-source-...
The next biggest difference is that it distributes micro-payments up to 3 levels deep into the dependency tree. We've noticed majority of people sponsor the top of mind projects, but the deep nested dependencies don't get any love. This automated approach should fix that.
Don't hesitate to ping me if you have any other questions please (email in profile).
deep-equal has 43 packages (& 17m weekly downloads) that are mostly (is|has)-* packages or redundant wrappers like for-each and object-keys (https://npmgraph.js.org/?q=deep-equal) and you’ll find this package included in a lot of upstream libraries. Ask for a banana and get a gorilla and forest... Luckily many have moved to fast-deep-equal (0 dependencies), but there are a lot of other examples of this sort of thing.
For me the library has been good enough for my own use for a very very long time. I mostly neglect it unless there's some critical issue (which there hasn't been for a very long time — but clearly infosec world knows this lib exists as when I do make changes with crap commit messages I get emails asking what the implications are). I don't improve it at all as my time is better spent on my day job.
I've often thought that there's room for improvement such as a DOM style sanitizer to validate HTML input rather than just a SAX style sanitizer, perhaps formatting of output in addition to sanitising input, transformation rules to allow a safe embedly type thing, etc.
When I got the initial donation I was surprised, first ever bit of support for open source software I'd written (as this was not written on company dime).
Even at $10 per month it is motivating enough to think someone values it. If it accrues into something significant then I may actually feel motivated to improve it rather than just support it.
Interesting is that I'd regard this OSS lib as successful by usage as sourcegraph says 803 projects use it — but given that a fair number of those are things like Hugo which in turn have thousands of forks and many more thousands of instances of use, well it does appear that this sanitizer is to safe HTML in Go what https://xkcd.com/2347/ illustrates. Originally it was written for my own use and it's now used by virtually everything in the Go world that makes a website.
Perhaps people don't know this and libraries like it exists though? Perhaps they import some web framework and this came with it? Well, for that awareness thank you to thanks.dev
Of the models I've seen so far for supporting individuals who create OSS code this one stands out by highlighting dependencies. Likely the solution is a blend of things... a commission type system for rare engineers and skills (i.e. https://words.filippo.io/pay-maintainers/ ) and thanks.dev for the long-tail of those who have done things and you want to use it long-term. There are also companies who create OSS software, and if you value their work and don't want what they produce to go behind Enterprise differentiation then perhaps pay for their services too.
I can donate to some and rotate each month, but how about the rest, and dependencies?
I can donate to some and rotate each month, but how about the rest, and dependencies?
There is just so much software there that seems hopeless (although there are also billions of users).
I wonder: will people find a way to exploit it? E.g. create a simple but useful dependency that uses 100 sub-dependencies, all by the same author? Will larger, more self-contained dependencies lose out to small ones?
The way the OSS communities works is not money but value creation. There are all sorts of value people get out of creating things for each other. People like the recognition and appreciation they get for their work, the satisfaction they get out of doing a thing, the interactions with others, etc. Plenty of ways to get value from creating stuff for others. And sometimes people actually get paid directly or indirectly to work on a thing. It's fine. I'm not against that. Just don't expect/demand me to pay for a thing. And I won't do so either. That simple promise is why OSS works. We both end up getting some value if we work together. And we might even get paid indirectly. For example I have a consulting career and I dabble in startups. So my motives are not entirely altruistic.
https://github.com/fossjobs/fossjobs/wiki/resources#patronag...