🪥 FlossFunding

🌻 Synopsis

This tool can help library maintainers earn money from their open source work in one line of code.

👉️ No network calls.
👉️ No tracking.
👉️ No oversight.
👉️ Minimal crypto hashing.
💡 Easily disabled by ENV['FLOSS_FUNDING_SILENT'] = "CATHEDRAL_OR_BAZAAR"

Now, back to the one line of code I mentioned. If you blink you may miss it…

module MyGemLibrary
  include FlossFunding::Poke.new(__FILE__) # <====== THERE IT IS! ONE LINE OF CODE!
end

The website that will generate activation keys for your gems is coming soon @ floss-funding.dev. FLOSS Funding relies on empathy, respect, honor, and annoyance of the most extreme mildness. It doesn’t accept payments for activation keys, and trusts you to go and sponsor or donate to your favorite open source projects before getting their “activation key”.

What does an activation key do? It silences the nags for a library, and “activates” your peace of mind. It rewards you with a gold star sticker (⭐️) for each project you fund when your process exits. That’s it.

The project does not affect licensing of projects. It is purely a tool to help library maintainers earn money from their open source work.

This is permitted by nearly all, if not all, FLOSS licenses, including the popular MIT, BSD 2-clause, BSD 3-clause, Apache 2.0, etc.

There are two kinds of “free” in software:

Free as in beer
Free as in freedom (of speech)

No FLOSS licenses I am aware of guarantee “free as in beer”. Since developers deserve to be paid for their work, I decided to make this tool.

It has been my experience that work on the dark underbelly of software, down in the test harnesses, and the dev tools, often gets overlooked, as people focus on the big frameworks.

This tool makes it far easier to get paid for your work down there at the bottom of the stack, in the dev dependencies that get overlooked by most OSS funding tools.

Activation keys use a cipher encryption algorithm against a 2400-word dictionary, with some other data, like the project’s namespace, and the current month, thrown in, to make valid activation keys slightly difficult to discover manually. Once a key is made it is valid forever. There is no revocation. The activation keys are opaque, rather than private. They are not tied to you in any way. Other people may use the same one. And that’s fine! They don’t do anything except silence some STDOUT nagging.

TO DO List

Website coming soon.

A website to generate activation keys for gems
- List all known gems that can be activated with floss_funding
- Account creation with email address, for those who want to keep a record of their generated activation keys
- (Optional) Enter Gem Name
- Affirm they have purchased an activation key
- (Optional) Receive activation key specific to namespace & month generated
- Activation key will remain valid for that namespace forever (tested out to the June, 5425 C.E.)

I expect the current release of this gem to be compatible with Ruby 1.8.7+,
but it is only tested on CI against Ruby 2.3+,
due to the inherent limitations of GitHub Actions.

🚚 Amazing test matrix was brought to you by	🔎 appraisal2 🔎
👟 Check it out!	✨ github.com/appraisal-rb/appraisal2 ✨

💡 Info you can shake a stick at

Federated DVCS

Find this repo on other forges (Coming soon!)

| Federated [DVCS][💎d-in-dvcs] Repository | Status | Issues | PRs | Wiki | CI | Discussions | |-------------------------------------------------------|-------------------------------------------------------------------|---------------------------|--------------------------|---------------------------|--------------------------|------------------------------| | 🧪 [galtzo-floss/floss_funding on GitLab][📜src-gl] | The Truth | [💚][🤝gl-issues] | [💚][🤝gl-pulls] | [💚][📜wiki] | 🏀 Tiny Matrix | ➖ | | 🧊 [galtzo-floss/floss_funding on CodeBerg][📜src-cb] | An Ethical Mirror ([Donate][🤝cb-donate]) | [💚][🤝cb-issues] | [💚][🤝cb-pulls] | ➖ | ⭕️ No Matrix | ➖ | | 🐙 [galtzo-floss/floss_funding on GitHub][📜src-gh] | A Dirty Mirror | [💚][🤝gh-issues] | [💚][🤝gh-pulls] | ➖ | 💯 Full Matrix | [💚][gh-discussions] | | 🎮️ [Discord Server][✉️discord-invite] | [![Live Chat on Discord][✉️discord-invite-img]][✉️discord-invite] | [Let's][✉️discord-invite] | [talk][✉️discord-invite] | [about][✉️discord-invite] | [this][✉️discord-invite] | [library!][✉️discord-invite] |

Enterprise Support

Need enterprise-level guarantees?

[![Get help from me on Tidelift][🏙️entsup-tidelift-img]][🏙️entsup-tidelift] - 💡Subscribe for support guarantees covering _all_ FLOSS dependencies - 💡Tidelift is part of [Sonar][🏙️entsup-tidelift-sonar] - 💡Tidelift pays maintainers to maintain the software you depend on!
📊`@`Pointy Haired Boss: An [enterprise support][🏙️entsup-tidelift] subscription is "[never gonna let you down][🧮kloc]", and *supports* open source maintainers Alternatively: - [![Live Chat on Discord][✉️discord-invite-img]][✉️discord-invite] - [![Get help from me on Upwork][👨🏼‍🏫expsup-upwork-img]][👨🏼‍🏫expsup-upwork] - [![Get help from me on Codementor][👨🏼‍🏫expsup-codementor-img]][👨🏼‍🏫expsup-codementor]

Tokens to Remember
Works with JRuby
Works with Truffle Ruby
Works with MRI Ruby 3
Works with MRI Ruby 2
Works with MRI Ruby 1
Source
Documentation
Compliance
Style
Support
Maintainer 🎖️
`...` 💖	🧊 🐙 🛖 🧪

✨ Installation

Install the gem and add to the application’s Gemfile by executing:

$ bundle add floss_funding

If bundler is not being used to manage dependencies, install the gem by executing:

$ gem install floss_funding

🔒 Secure Installation

For Medium or High Security Installations

This gem is cryptographically signed, and has verifiable [SHA-256 and SHA-512][💎SHA_checksums] checksums by [stone_checksums][💎stone_checksums]. Be sure the gem you install hasn’t been tampered with by following the instructions below. Add my public key (if you haven’t already, expires 2045-04-29) as a trusted certificate: ```console gem cert --add <(curl -Ls https://raw.github.com/galtzo-floss/certs/main/pboling.pem) ``` You only need to do that once. Then proceed to install with: ```console gem install floss_funding -P HighSecurity ``` The `HighSecurity` trust profile will verify signed gems, and not allow the installation of unsigned dependencies. If you want to up your security game full-time: ```console bundle config set --global trust-policy MediumSecurity ``` `MediumSecurity` instead of `HighSecurity` is necessary if not all the gems you use are signed. NOTE: Be prepared to track down certs for signed gems and add them the same way you added mine.

🔧 Basic Usage

Usage patterns:

Traditional namespace (uses the including module’s name):

 module MyGemLibrary
   include FlossFunding::Poke.new(__FILE__)
 end

Arbitrary custom namespace (can add version, or anything else):

 module MyGemLibrary
   include FlossFunding::Poke.new(__FILE__, :namespace => "Custom::Namespace::V4")
 end

Configuration

Silence via lobal Environment Variable

For global silence the best solution is to set the environment variable FLOSS_FUNDING_SILENT=CATHEDRAL_OR_BAZAAR before your application starts.

If you can’t control ENV variables, and you can control the stack, at the beginning of the stack, before other things load, simply require "floss_funding/silent", and it will silence all output. Note that this is less performant than setting the global environment variable, as above.

Silence via Poke.new `silent` option.

silent options values can be any of:

truthy - indicates that the library including Poke.new requires FlossFunding to be silent, perhaps due to scanning the output of a command, or generating output that is expected elsewhere.
falsey - indicates that the library including Poke.new does not require FlossFunding to be silent. This is effectively the default.
Object that responds to :call - indicates that the library including Poke.new might require FlossFunding to be silent, and that evaluation will be done whenever FlossFunding attempts to print something.

If you have a library that doesn’t know, at the time of Poke.new inclusion, if it needs silence, pass an object that responds to :call as the silent option to FlossFunding::Poke.new.

IMPORTANT - By the time your Poke.new using library loads into a stack, other libraries may have already loaded Poke.new for themselves, and may have already generated output. This is not a solution for silencing all output. The main thing it can reliably do is silence the output from the at_exit handler.

If you need to silence everything, do so by setting the environment variable FLOSS_FUNDING_SILENT=CATHEDRAL_OR_BAZAAR before your application starts.

File-based Configuration

Gems that use the floss_funding gem can configure some features by creating a .floss_funding.yml file at their root directory. This works in the same manner as .rubocop.yml for gems that use RuboCop.

The following options are configured via the .floss_funding.yml file:

suggested_donation_amount - The suggested donation amount to display in the begging message (default: 5)
floss_funding_url - The URL to direct users to for donations or sponsorship
a. default: https://floss-funding.dev, which doesn’t take donations on behalf of other projects, but it will have helpful tips on how to find a way to donate.

Example Configuration

In your .floss_funding.yml at the root of your project:

suggested_donation_amount: 10
floss_funding_url: https://example.com/fund

🔐 Security

See SECURITY.md.

🤝 Contributing

If you need some ideas of where to help, you could work on adding more code coverage,
or if it is already 💯 (see below) check reek, issues, or PRs,
or use the gem and think about how it could be better.

We so if you make changes, remember to update it.

See CONTRIBUTING.md for more detailed instructions.

🚀 Release Instructions

See CONTRIBUTING.md.

Code Coverage

🪇 Code of Conduct

Everyone interacting with this project’s codebases, issue trackers,
chat rooms and mailing lists agrees to follow the .

🌈 Contributors

Made with contributors-img.

Also see GitLab Contributors: https://gitlab.com/galtzo-floss/floss_funding/-/graphs/main

⭐️ Star History

</a>

📌 Versioning

This Library adheres to .
Violations of this scheme should be reported as bugs.
Specifically, if a minor or patch version is released that breaks backward compatibility,
a new version should be immediately released that restores compatibility.
Breaking changes to the public API will only be introduced with new major versions.

📌 Is “Platform Support” part of the public API?

Yes. But I’m obligated to include notes…

SemVer should, but doesn’t explicitly, say that dropping support for specific Platforms
is a breaking change to an API.
It is obvious to many, but not all, and since the spec is silent, the bike shedding is endless.

dropping support for a platform is both obviously and objectively a breaking change

Jordan Harband (@ljharb, maintainer of SemVer) in SemVer issue 716

To get a better understanding of how SemVer is intended to work over a project’s lifetime,
read this article from the creator of SemVer:

“Major Version Numbers are Not Sacred”

As a result of this policy, and the interpretive lens used by the maintainer,
you can (and should) specify a dependency on these libraries using
the Pessimistic Version Constraint with two digits of precision.

For example:

spec.add_dependency("floss_funding", "~> 1.0")

See CHANGELOG.md for a list of releases.

📄 License

The gem is available as open source under the terms of
the MIT License .
See LICENSE.txt for the official Copyright Notice.

© Copyright

🤑 One more thing

Having arrived at the bottom of the page, please endure a final supplication.
The primary maintainer of this gem, Peter Boling, wants
Ruby to be a great place for people to solve problems, big and small.
Please consider supporting his efforts via the giant yellow link below,
or one of the smaller ones, depending on button size preference.

P.S. If you need help️ or want to say thanks, 👇 Join the Discord.