Nix Bounties , rewarding people who package/maintain with $$$$$$$$$$$$

There are currently 961 open issues for packaging requests on nixpkgs issues.

So, I’ve been thinking, and when i think, things happen.

We need to setup nix bounties.

Where someone with $$$$ can Connect with someone who can package/maintain

So if someone needs something packaging for nixpkgs, it can get done and the site gets the developer paid for their time/work from the requester(s)

I’m not sure how this would work for short/long term package maintenance but it might get things moving in the right direction.


@mat @mightyiam could this be a topic for Summer of Nix 2023?

I’m not sure how this would work for short/long term package maintenance but it might get things moving in the right direction.

I think, all packages need to have proper long term maintainers, otherwise it might be better not having such package in repository. My main concerns are potential problems with lack of security patching or dependency/compatibility problems over the time.


There are third party sites that allow you to post bounties for OSS work. Bountysource is the one I’ve heard of but I think there are others.

Those seem to work best if a project “blesses” one of them by linking to it in docs and explaining it to people. It might be worthwhile to use it for bounties other than just packaging too.

I’ll admit though, I’ve never actually used any of them so I don’t know how effective they actually are.


It doesn’t seem like we have the capacity to implement more ideas at this point.

1 Like

I guess people can just keep an eye out for names they keep seeing on their favourite/critical packages & see if they list donation links anywhere.

Probably couldnt do some kind of automatic “pay all the maintainers of these packages” because firstly I dont think there’s any good platforms for this. But also its pretty trivial to add yourself as a maintainer but doesnt mean you do any maintaining :sweat_smile:


Yeah, it was just a shower thought.

I’d been watching a lot of speakers on keeping open source ecosystems alive, how to get everyone paid.

New Students have the most time to give, and also need to get their CV’s filled up to get a professional job.

However, what they give in time, they lack in experience.

So to keep experienced engineers, they need to remunerated for their time, in a fair manner.

I thinking donating to developers is a great start. However, getting something between that and crowd funding certain tasks may be good idea

Combining the task, with what a person whats to give to get it done, also has the effect of ‘voting’. However you voting not with a ‘like’ but with $, which is effectively the same thing.

I’m going to start to flesh out a MVP for this, and see what it would look like, unless their is a F/OSS locally installable app that does it already?

services.nixbounties.enable = true;

I fear that this could make nixpkgs quality worse.
we might have a lot of packages that

  • have been added because of packaging requests and money
  • no one is interested in actually maintaining.

more packages != better

Kind of related, I thought for a while that maybe we can get some corporate sponsorship and ship out nixos shirts/hoodies to thank them.


What GitHub offers might be a viable model, maybe. (or similar ones)

EDIT: though such approaches aren’t new or specific to NixOS. And even after so many years and attempts I rarely see someone who could pay a noticeable part of their life expenses from (such) donations.


First of all, let’s not forget money is not the only (even primary?) motivator: much of the stuff I do in open source in my free time would not be “financially sustainable” by a long shot, but it’s just satisfying to work together, “do the right thing” and “do the thing right” without worrying about budgets, deadlines or uncertain outcomes :slight_smile: .

That said, I definitely agree it is useful to find models that allow contributors to justify setting aside significant time for things that benefit the project but they wouldn’t get to in their “free time”.

I’m not super optimistic about “bounties”:

  • It encourages doing the minimal amount of work to get the bounty, rather than taking into account longer-term sustainability.
  • Professional software development is expensive. Funding even medium-sized projects would quickly need a group of individual “backers”, introducing complicated group-decision-making on what the task is, who it should be awarded to and when it is “done”.

Rather than setting “nameless” bounties, I think a model where companies that want to support/evolve the parts of the ecosystem they rely on grow a (hopefully) longer-term relationship with a particular contributor might work best.

Shameless self-promotion: I’m one of the people you could hire for such things :wink: .


I’d like to second @raboof and point out that bounties are virtually always in the top five solutions that are suggested to the open source funding problem, and have been for a long time. It seems like if they were to make any positive impact, then, they would have already done so. Empirically speaking, maybe they just don’t work?

@raboof , @chreekat , I see.

I set up a lets system many moons ago, It was a time bank. Where people traded time, rather than money. It worked really well. Someone helped someone in the garden for an hour. Then they could use to maybe, get some to help them paint a fence for an hour. The currency used was time.

So there might be other ways than just cold hard cash.

Time is probably the one thing you can’t make more off.

I’d be wary of corporate sponsorship, because depending on the ‘corporate’, and how hands off, hands on they are, this ‘favour’ is seldom with wanting something back.

You scratch my back and I’ll scratch yours.

Certainly food for thought.

I guess this loop has been played out many times , with all distros that package upstream projects. We are the lowest in the food chain, because we take others work, and make it run.

Who wants to pay for that?

But maybe we a few tweaks to the model… , this ecosystem can be sustainable, without toxic forms of corporate sponsorship. (not all corporate sponsorship is toxic, just depends on the corporate , they are not all tarred with the same brush).

Maybe there is no way around this and all open source projects are doomed to the fate of the others that came before. Or maybe not.

I don’t know what the future holds on this subject… (even though i am from 2038) , i can only to refer to history as my guide.

Maybe there is no answer to this, maybe it’s just ‘thats the way it is and there is no changing it’ . Thats what i thought about tradition Unix, yet here we are…

1 Like

more packages != better


But not all packages are equal, and not all packages have the same ‘importance’.

A library that is used by > 1000 programs …

You could probably calculate the ‘importance’ of package, from the number of things that depending on it, the number of users using it etc etc etc. There must be a set of metric that could define this.

This could be used as a ‘bonus’ multiplier, for bounties (time. nix coins, dollars, kudos, reputation)

Ibm used to Klocks as a metric for paying programmers, for every 1000 lines of code they wrote they got paid more.

Seems like a good idea , but it made programmers write large sprawling programs, rather the smaller optimised programs… i classic case of the management not understanding what software was, how to craft it.

Maybe software organisations (which are sometime an individual or < 2 actual people) , should pay programmers not to developer code, not add features, but pay for refactoring, pay for documentation, pay bonuses for tests. Rather than a feature based economy, which has probably got us into this ‘software complexly’ crisis. Nix doesn’t address that, it just manages that complexity.

How could one measure the complexity of a derivation (package / module).

Many nix should come with a way of submitting (voluntary) stats on what your machine has installed. I can see whay Macrohard do this ‘data collection’, so they know what to spend their time 'make that ‘thing’ work.

Like a CVE score but for ‘importance’.

The more i think about it, the more is, How does open source work so well at all?

The kernel has it easier, its a much smaller project compared to nix/OS .

I’m going to wander off for a while and mull this over… food for thought. Thanks you for all your comments.

Github take a cut, I’d love the cut to go somewhere else…

The Nixos foundation.

I’m thinking of programmatic solution to a problem as things scale up.

The foundation/infra is undermanned. I don’t want them to try running this. And if you outsource it to some service – yes, the service will take a cut.

I would love to bounty up on Package request: Teradici PCoIP Client · Issue #239042 · NixOS/nixpkgs · GitHub

I’ve completed a bounty through in 2021 so you can try that.
But also look into what are the current best bounty services

Github has onetime sponsorings so if there’s trust then that could work.

1 Like

cool , it would be nice to have a specific nix branded site, just for maintaining nixpkgs…

The foundation could then take a small percentage to keep the site running, and the developers paid.

so everyone wins…

This looks very relevant to this discussion:

Are bounties really a thing we wanna go for?


I think packaging bounties in particular may be a bit iffy. Mostly they’ll be for clunky proprietary things that will break frequently and need specific dependency versions that will therefore force some other packages to stick around. Otherwise the bounty-giver would probably just package it themselves, I doubt random end users are going to ask you to write easy open source packages because they can’t figure out nix.

This means significant additional maintenance burden, and given the nature of bounties as well as nixpkgs maintenance that will then likely fall onto the already stretched maintainers.

The flow of nixpkgs contributions is also nowhere near smooth enough to support bounties, a lot of PRs kind of end up in limbo for months/years. If bounties are tied to PRs merging, that’ll probably cause resentment all around.

OTOH, pragmatically, bounties are probably just about the only way to get initial movement on complex, purely business-oriented packages like the one mentioned in this thread. Don’t think you’ll find many people packaging proprietary HP VPN/remote desktop combo tools for fun, when F/OSS alternatives that often also just work better exist.

Maybe there could be a separate nixpgks-proprietary, or nixpkgs-wrapped repo for packages like that, and maybe bounties would be more suitable for a repository focused on them. Maintenance could then also mostly come in the form of bug bounties, with a general understanding that the maintenance of this repo is more spotty, and barriers for contribution lower. Could also serve as a graveyard for old gcc/python/java versions and such, for orgs that never update their toolchains.

1 Like