pull down to refresh

The mega-whale from the past surfacing to throw money around is absolutely NOT ENOUGH and you are absolutely correct, there's an unbelievably huge problem in the open source community with people not being suitably compensated for their hard work and dedication.
If more people in the general public were aware of just how many critically important libraries/frameworks/technologies that are relied upon by the vast majority of the internet in order to keep things functioning, are being maintained by like maybe at best a handful of individuals (oftentimes not even that many, sometimes as few as 1 person -- and in almost all cases, they aren't being compensated whatsoever), perhaps it would open folks' eyes to just how dire the situation is.
I would really recommend anyone who is interested in this topic, to read this piece I'm linking below. It was an open letter written by the sole developer who built/maintains one of the most important and widely used javascript libraries on the entire internet called core-js -- anyone here who has ever done any kind of webdev work involving js has almost surely used it, at least as a dependency, at some point -- but for those who aren't developers, here's some context to appreciate:
  • core-js (at the time of the article, which was almost a year ago) had over 9 billion downloads via NPM (~250 million/month) & more than 19 million Github repositories have core-js as a dependency.
  • core-js is used on roughly ~50% of websites, with ~60-75% of the top 100 websites also using it -- including sites like: Amazon.com, Instagram, Twitter, Reddit, Twitch, OpenAI, Yahoo, Microsoft.com, Whatsapp, LinkedIn, Netflix, Pornhub, eBay, Binance, Apple.com, Paypal, AliExpress, Spotify, etc. etc. etc.
So yeah, this should give you an idea.
Anyway, I will not go on further about this, you can read the article here if you're interested, it's kind of long -- but to basically summarize, this guy has labored over this, mostly by himself, for YEARS, since 2014.
Part of his predicament is his own making as he didn't advertise or really ask for money for a long time. A lot of the people who contribute to open source projects like this, have a problem asking for donations, as what tends to happen -- which happened with the core-js developer -- is you risk facing immense backlash from a group of super entitled people who are of the opinion basically "go fuck yourself, I'm entitled to your work for free, I'll fork it or find someone else doing it if you don't wanna give it to me for free".
His donations were totaling a whopping $57 a month. Eventually npm implemented some things and with some other sources (most of it coming from another FOSS collective) he was able to get it up to $2500 a month. The really gross thing -- there wasn't a single corporation/company representing any of the top 1000 websites -- many of which use his library, who provided any kind of money.
Perhaps the worst part of this is that, since the developer is Russian, in addition to receiving an endless torrent of hatred and vitriol from unhinged lunatics calling him a fascist, etc. online, the few sources of income he had were slowly eliminated or shut down because of things like sanctions, github sponsorships weren't available to him, paypal wasn't available, none of that stuff. One funding company, Tidelift, was even scummy enough that they froze his pending payout of $1000 and then ghosted him and left him unread on emails for months, giving vague statements about "the war" as to the reasoning.
Anyway, it's not all dire, it does seem that after writing this open letter, he received a lot of people who chose to start helping out. I myself donated to this guy, sent him some bitcoin actually and it seems that some others have as well, last I checked the wallet he had posted had almost 1 BTC in it, which is cool. It's a shame though that it had to come to that stage.

So, then...

What's the solution? What can be done to help with this worsening issue of developers on open source projects essentially being ripped off?

Well there are a few things. Firstly I would say that developers who are releasing stuff in an open source manner and are developing in the open should immediately take a look at WHAT LICENSING MODEL they are utilizing for their code releases. Sadly, most people don't even bother really looking into this too deeply, and wind up using something without considering all of the ramifications of what they are choosing.
Open source and "free software" doesn't necessarily mean free as in "free lunch" -- it means free as in freely available. This is largely lost on a lot of normies and end-users, but even a lot of fellow developers will sometimes fall into the trap of thinking that because they want to do things in an open source manner, that somehow this also means that they owe the public anything. This isn't true. At the very least, there should be a lot more thought put into considering some of the licensing models that support true open source/non-profit/community use and contribution, while not screwing yourself over as a developer/contributor in the case that your project winds up getting used by or attempted to be rolled into something that's being developed by one of these huge corporations with tons of cash. If such a license type doesn't exist, perhaps it needs to be made. I don't have all the answers, I just know what I have seen and experienced myself.
Github sponsorships works pretty well, it's super easy to use and a lot of people are already on Github regularly, so if you have a repo on there that you want to get funding/donations on, it's not too difficult to make these requests visible to those people most likely to be making donations; contributors and end users of your work.