Bounty program

rggjan · November 22, 2018, 6:22am

Take part in a bounty program like https://www.bountysource.com, where users can sponsor features they would like to get implemented.

anzenketh · November 24, 2018, 1:22am

They do take part in a bounty program https://hackerone.com/bitwarden

rggjan · November 25, 2018, 12:31pm

This is cool, but a different kind of bounty program. I’m talking about users give money to bitwarden for new features, instead of bitwarden gives money to users for security issues…

AndyBlaser · November 27, 2018, 8:47am

I agree and would love to see a bounty program, the possibilities with bountysource, gitcoin and the like would be really nice. Features that are very important to users will see greater bounties than other issues and would help developers prioritise?

colohost · November 27, 2018, 4:59pm

I’d prefer the developers prioritize the features requested by the enterprise license customers.

aspiers · April 9, 2020, 2:11pm

In Free / Open Source these are not mutually exclusive - they can happen at the same time. Developers who are getting paid via enterprise licenses can work on what the enterprise customers want, and freelance developers and everyone else can earn money from bounties placed by the community.

The only potential blocker is how many / which pull requests the maintainers of the codebase are willing to review and merge. But I’d be pretty astonished if they rejected community-funded enhancements which met a decent level of quality; if they did, this would send a very bad message out to the community and risk causing hard-forks of the project.

There is some precedent for this kind of behaviour being partially tolerated in Open Core projects such as GitLab, but if it happens too much then it typically tips the community over the edge (e.g. see the history behind LibreOffice vs. OpenOffice, or MariaDB vs. MySQL - incidentally both triggered by bad behaviour at Oracle).

aspiers · April 9, 2020, 2:14pm

It’s also worth noting that noone has to wait for the Bitwarden folks to “officially” enroll the project in a bounty program. Anyone can submit a bounty to any bounty management platform such as Gitcoin or Bountysource at any point. That’s the beauty of Free / Open Source software

Moxville · September 16, 2020, 12:25pm

Does Bitwarden pay bounties to reward hackers who notify the company of security vulnerabilities ?

tgreer · September 16, 2020, 1:00pm

Currently, we have our HackerOne project, but monetary bounties aren’t available just yet. We’re working on improving that, though. Stay tuned!

OLLI_S · October 25, 2020, 5:01pm

@tgreer These bounty programs are really working, I donated already some money for KeePassXC (donated for two features, 50 US$ in total).
When I stay at KeePassXC (do not switch to Bitwarden) then I have the next two features in KeePassXC where I will donate 50 US$,
I am a personal user, not a company, so my donations were “low”.

K0media · October 30, 2020, 1:20am

You’re not alone here, bro.

Not earning in dollars is such a pain, sometimes.

OLLI_S · October 30, 2020, 4:56pm

But now something really serious:
I would pay for some features that are extremely important to me like:

So please consider making this available.