漏洞赏金计划
¥Bug Bounty Program
PixiJS 致力于为 Web 提供可靠、高性能的渲染引擎。为了支持这一使命,我们推出了一项 Bug 赏金计划,以奖励帮助 PixiJS 更加稳定和健壮的贡献者。
¥PixiJS is committed to delivering a reliable, high-performance rendering engine for the web. To support that mission, we’re launching a Bug Bounty Program to reward contributors who help make PixiJS more stable and robust.
工作原理
¥How It Works
-
赏金标签分配 PixiJS 团队将确定符合条件的问题,并应用
bounty标签以及特定的金额。¥Bounty Tag Assignment The PixiJS team will identify eligible issues and apply the
bountylabel along with a specific dollar amount.只有带有
bounty标签和金额的问题才有资格参与此计划。¥Only issues labeled with the
bountytag and a dollar amount are eligible for this program.你可以找到所有当前带有赏金标签的问题 此处。
¥You can find all current bounty-tagged issues here.
-
提交要求 要获得赏金,你必须:
¥Submission Requirements To claim a bounty, you must:
-
提交一个可修复问题的 Pull 请求 (PR)。
¥Submit a Pull Request (PR) that fixes the issue.
-
在你的 PR 描述中链接此问题。
¥Link the issue in your PR description.
-
请包含一个清晰的示例或测试用例,以证明错误已得到解决。
¥Include a clear example or test case demonstrating that the bug is resolved.
-
遵循我们的标准 贡献指南。
¥Follow our standard contribution guidelines.
-
-
审批流程
¥Approval Process
-
PixiJS 团队将审核你的 PR。
¥The PixiJS team will review your PR.
-
如果你的修复程序被接受并合并到主分支,你的赏金即被批准。
¥If your fix is accepted and merged into the main branch, your bounty is approved.
-
-
合并 PR 后请求付款:
¥Requesting Payment Once your PR is merged:
-
你可以通过我们的 Open Collective 页面提交付款请求。
¥You can submit a payout request via our Open Collective page.
-
请在你的请求中包含已合并 PR 和赏金问题的链接。
¥Include a link to the merged PR and the bounty issue in your request.
-
付款将通过 Open Collective 处理。
¥Payments will be processed through Open Collective.
-
条款和条件
¥Terms & Conditions
-
只有预先批准的带有
bounty标签和金额的问题才有资格参与此计划。¥Only issues pre-approved with a
bountytag and dollar amount are eligible. -
赏金由 PixiJS 团队自行决定。我们保留拒绝不完整、引入回归或不符合项目标准的修复程序的权利。
¥Bounties are awarded at the PixiJS team's discretion. We reserve the right to reject fixes that are incomplete, introduce regressions, or do not meet project standards.
-
你可以提交未带有赏金标签的问题的修复,但这些修复不符合获得经济奖励的资格。
¥You may submit fixes for issues without a bounty tag, but they will not be eligible for financial rewards.
-
多个贡献者可以为同一赏金提交 PR,但只有被合并的 PR 才有资格获得付款。
¥Multiple contributors can submit PRs for the same bounty, but only the PR that gets merged is eligible for payment.
-
赏金金额是固定的,不可协商。
¥The bounty amount is fixed and non-negotiable.
-
滥用、发送垃圾信息或提交低质量内容可能会导致被排除在计划之外。
¥Abuse, spamming, or low-quality submissions may result in exclusion from the program.
赞助赏金
¥Sponsoring Bounties
如果你是正在开发项目的开发者或公司,并且希望赞助一次性赏金,请联系 Matt Karl @bigtimebuddy (hello@mattkarl.com) 安排细节。
¥If you are a developer or company working on a project and would like to sponsor a one-off bounty, please contact Matt Karl @bigtimebuddy at hello@mattkarl.com to arrange the details.
赞助商可以直接向我们的 Open Collective 进行一次性捐赠,以资助赏金计划。
¥Sponsors can make one-time donations directly to our Open Collective to fund the bounty.
我们恳请赞助商在赏金金额上额外增加 10%,以支付 Open Collective 的处理费用。
¥We kindly request that sponsors add an additional 10% to the bounty amount to cover Open Collective's processing fees.
查找赏金问题
¥Finding Bounty Issues
你可以在我们的 GitHub 代码库中轻松找到 符合条件的赏金问题。
¥You can easily find eligible bounty issues on our GitHub repository.
这使你可以将贡献重点放在有经济回报的任务上。
¥This allows you to focus your contributions on tasks that have a financial reward.
我们为何这么做
¥Why We're Doing This
我们相信开源和社区协作的力量。我们的漏洞赏金计划旨在:
¥We believe in the power of open source and community collaboration. Our bug bounty program is designed to:
-
鼓励贡献者解决重要且有影响力的问题。
¥Encourage contributors to tackle important, impactful issues.
-
我们理解调试和修复复杂问题所涉及的艰苦工作。
¥Recognize the hard work involved in debugging and fixing complex problems.
-
请知悉 PixiJS 核心团队规模较小,并且经常专注于其他关键任务,你的贡献有助于更快地解决问题。
¥Acknowledge that the PixiJS core team is small and often focused on other critical tasks, your contributions help get issues resolved faster.
-
让 PixiJS 更好地服务于每个人。
¥Make PixiJS even better for everyone.
有疑问?
¥Questions?
欢迎在我们的 GitHub 讨论区 上提问或加入我们的 Discord 社区。
¥Feel free to ask questions on our GitHub Discussions or join our community Discord.