ASF on bug bounties

Matthias Kirschner mk at
Fri Jun 16 14:28:41 UTC 2017

Dear Paul, 

I missed your blog entry before, so thanks for your summary!

* Paul Boddie [2017-06-16 13:55 +0200]:
> The report does make valid points about the burden of security-related 
> feedback on Free Software projects. Unfortunate, then, that it states this: 
> "People are volunteers." While Free Software projects are typically open to 
> volunteer participation, the likes of the Apache Software Foundation should be 
> looking to promote and develop ways through which "people" will not be 
> (unpaid) volunteers but can instead dedicate their "work time" to maintaining 
> and improving Free Software.

Actually I would be very interested in the percentage of Apache
developers who do their work on a paid basis. My impression always was
that the percentage of paid developers is quite high in that area. Does
anyone of you have any insights there? Else I would ask the author.


Matthias Kirschner - President - Free Software Foundation Europe
Schönhauser Allee 6/7, 10119 Berlin, Germany | t +49-30-27595290
Registered at Amtsgericht Hamburg, VR 17030  |   (
Contact (  -  Weblog (

More information about the Discussion mailing list