- Discuss the changes in the private gulp team forum.
- Include a cost estimation with either a fixed price or hours + rate (suggested $50 per hour).
- Notify the team before you exceed an estimate.
Bug bounties may be assigned at the Core Members’ discretion to issues of significant importance - usually issues outstanding for at least 6 months.
- Issues with bug bounties will be labeled “Bug Bounty: $x”.
- In order to claim a bug bounty, create a Pull Request that fixes an issue with a “Bug Bounty” label.
- The Pull Request must be reviewed and merged by a Core Member. If competing submissions exist, the best solution will be chosen by a Core Member. All else equal, the first submission will be chosen.
- Once your Pull Request is merged, you can submit an expense to our Open Collective which includes the link to your submission in the description (e.g. $100 bug bounty claim for #2226). You will also need to provide an invoice, see the Open Collective Expense FAQ for more details and to get a Google Docs template that you can use.
- Then, add a comment on your Pull Request, noting that you’ve claimed the money, with a link to your Open Collective expense. This is to ensure the same person who fixed the issue is claiming the money.
- Your expense will be validated by a Core Member and then your payment will be dispersed by Open Collective the following Friday.