GitHub today launched Sponsors, a new tool that lets you give financial support to open source developers. Developers will be able to opt into having a “Sponsor me” button on their GitHub repositories and open source projects will also be able to highlight their funding models, no matter whether that’s individual contributions to developers or using Patreon, Tidelift, Ko-fi or Open Collective.
The mission here, GitHub says, is to “expand the opportunities to participate in and build on open source.”
That’s likely to be a bit controversial among some open source developers who don’t want financial interests to influence what people will work on. And there may be some truth to that as this may drive open source developers to focus on projects that are more likely to attract financial contributions over more esoteric projects that are interesting and challenging but aren’t likely to find financial backers on GitHub. We asked GitHub for a comment about this but did not receive a response by the time this article went live.
The program is only open to open source developers. During the first year of a developer’s participation, GitHub (and by extension, it’s corporate overlords at Microsoft) will also match up to $5,000 in contributions. For the next twelve months, GitHub won’t charge any payment processing fees either (though it will do so after this time is over).
Payouts will be available in every country where GitHub itself does business. “Expanding opportunities to participate on that team is at the core of our mission, so we’re proud to make this new tool available to developers worldwide,” the company says.
It’s worth noting that this isn’t just about code and developers, but all open source contributors, including those who write documentation, provide leadership or mentor new developers, for example. As long as they have a GitHub profile, they’ll be eligible to receive support, too.
To make this work, GitHub is also launching a ‘Community Contributors’ hovercard to highlight the people who built the code your applications depend on, for example.
It will definitely be interesting to see how the community will react to Sponsors. The idea isn’t completely novel, of course, and there are projects like Beerpay that already integrate with GitHub. Still, the traditional route to get paid for open source is to find a job at a company that will let you contribute to projects, either as a full-time or part-time job.
In addition to Sponsors, GitHub is also launching a number of new security features. The company today announced that it has acquired Dependabot, for example, a tool that ensures that projects use the most up-to-date libraries. GitHub Enterprise is getting improved audit features, which are now generally available, and maintainers will now get beta access to a private space in GitHub to discuss potential security issues so that their public chats don’t tip off potential hackers. GitHub is also taking token scanning into general availability, which is meant to prevent developers from accidentally leaking their credentials from services like Alibaba Cloud, Amazon Web Services, Microsoft Azure, Google Cloud, Mailgun, Slack, Stripe and Twilio.
GitHub’s enterprise edition is also getting a few updates, including more fine-grained permissions, which are now generally available. Also generally available are Enterprise accounts, while new features like internal repos and organizational insights are now in beta.