

Lessons learned from bountying bugs - cperciva
http://www.daemonology.net/blog/2011-09-05-lessons-learned-from-bountying-bugs.html

======
eneveu
Offering bounties for small bugs such as "cosmetic" errors is great.

When browsing open source code, I often refrain from reporting small mistakes
(e.g. spelling errors), fearing it would "waste" the time of the maintainers
for "superficial" problems... I also don't want them to think I'm criticizing
their code / spelling.

I think even small errors are important (broken window theory). By explicitly
encouraging such reports, you encourage people to read your code, but you also
let people know it's okay to "bother" you with these small errors.

------
Xurinos
This is really cool, and it sounds like a great thing to try for important
projects. I just wanted to get more detail on something.

 _People who report bugs usually care more about feeling respected than
getting every possible dollar from you._ ... _I awarded two very similar bugs
from the same reporter $10 and $50 respectively_

Where does this assertion about respect come from? How do you know this? Did
people come out and say it? Did their interest in continuing to look for bugs
rise, fall, or stay the same as a result of the consistent explanations? Do
you have actual quotes from the reporters?

I was just curious if this is speculation because it is very easy for us to
make the fallacy of assuming someone else thinks the way we do, that their
reason for doing something would be the same as what we think would be the
reason. I want to believe the assertion, but since it is a generalization, I
am skeptical.

~~~
ralph
I think I'm the bounty hunter that got $10 and $50 for two similar bugs.
cperciva's summary is accurate in my case. WRT feeling respected, it wasn't an
explicit need for me but implicitly it helps a lot that his replies had a few
lines of explanation when it was a "no, not a bug" or a borderline decision on
how big a bounty. Just as it would if I'd had made the report to a non-bounty
FLOSS project.

~~~
cperciva
_I think I'm the bounty hunter that got $10 and $50 for two similar bugs._

Yep. I would have named you, but I don't like doing that without asking
permission first and I didn't know that I was going to mention the $10/$50 bit
until I was halfway through writing that blog post.

------
16s
I didn't submit any bugs, but I certainly enjoyed reading the code. I learned
a lot from it. Tarsnap has some of the simplest, understandable C code I've
ever read. If I ever need, secure remote backup, I'd use this software and
recommend it to others.

~~~
cperciva
_Tarsnap has some of the simplest, understandable C code I've ever read._

Thanks! It's great to hear comments like this -- _I_ think my code is clean
and understandable, but I know that most people say the same thing about their
own code, so having someone else say this is very gratifying.

