Something of note about the FOSS Contributer Fund by Indeed is that the projects supported by anyone company running their own fund is entirely determined by themselves - which is inevitably going to lead to bias and oversight, maybe because some projects are not considered important or are ignored by the operators of the fund.
To solve this problem I’d implement a single shared dependency graph for all projects in the Dependency Funding Tool.
For example:
Suppose I work with the OrbitDB library, which depends on both IPFS and p-map. But I only know of the first and not the latter dependency - IPFS is considered part of the “OrbitDB Stack” and p-map only an auxiliary library.
If I worked at a company running the FOSS Contributor Fund, I’d probably propose and vote for OrbitDB and IPFS - but I’d not know about the dependency on p-map unless I looked at one of the many package.json files in OrbitDB’s source code. Thus removing an important source of support for that project.
This is why we need a global single dependency graph that can be used to calculate the dependency of a single project on any other project.
Anyone should be able to add tips to this graph (i.e. adding a new project and it’s dependencies) and petition other projects to add them to their dependencies.
The connections between graph nodes should be directional and weighted indicating the severity of the dependence (in the example above, IPFS may receive a higher dependency weight than p-map).
To then calculate a list of projects that a person should contribute to with money, time, effort or otherwise I’d look at the projects they use directly (by scanning their usage statistics or browser history locally) and then looking up those project’s dependencies in the graph and sorting the resulting list based on the weights of the dependency and the distance between a project and the user facing project.
(This is fair, because a project like log4j or Linux, that is used by millions of people and is only part of the dependency graph at a far latter stage, than say, MongoDB, OrbitDB or p-map, receive smaller but more numerous support in this system).
The institutions of a global dependency graph, that is publicly known and where project developers can add, remove and change the weights of their projects, as well as petitioning others to change their own projects connection with them, is thus a more transparent and fairer way to support free software than using a corporate controlled funding program.
Yet it’s not without it’s problems, project developers could try to unfairly manipulate their dependencies or unfairly weight certain connections. But I believe this system can work well on a good faith basis, since all changes are public, such manipulations of the graph would be known and could be counteracted by removing projects from your project’s own dependencies or asking people using the tool not to support certain projects that are calculated.
(Equivalents to the Fediverse’s bans, muting and blocks instituted not by an overarching institution but by small parts of the Fediverse in a semi-democratic manner).
See: socialcoding