Bug bounty framework?

Gleb Popov arrowd at freebsd.org
Tue Apr 27 07:15:25 UTC 2021


On Mon, Apr 26, 2021 at 11:12 PM Li-Wen Hsu <lwhsu at freebsd.org> wrote:

> <snip>
>
> The idea the original post described sounds like having a reward
> for completing a specified task. It's more like a job posting for
> seeking freelancers. But there is one (or more) for open source
> projects. Here is an example I remember:
>
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=204521#c3
>
> https://www.bountysource.com/issues/75687739-new-driver-request-port-rtsx-from-openbsd-to-freebsd
>
> I guess leveraging those external services is better than setting up
> our own at this point?
>
> Best,
> Li-Wen

Speaking of bountysource.com, it is a TERRIBLE site. I was the one who
posted the rtsx driver bounty, and after a while it turned out that
BountySource quietly takes money from your balance as a "fee for
inactivity". I lost about $100 before noticing this. From now on I won't trust
any general-purpose bug-bounty site unless it runs as a smart contract
on a blockchain.

It'd be great if the Foundation implemented an ability to mention Bugzilla
PRs when making a donation.

