Introduction to GitHub Bounty Scanning
I've spent countless hours contributing to open-source projects on GitHub, and honestly, I used to waste a lot of time searching for bounties to work on. Last Tuesday, I realized I'd spent an entire morning scouring the platform for something, anything, to sink my teeth into. But manually searching for these bounties can be a real pain - it's tedious, time-consuming, and just not scalable. That's why I built a GitHub Bounty Scanner using Node.js, which has been a total game-changer for me, saving around 2 hours per week.
The thing is, on my system, I used to spend around 30 minutes every day searching for bounties on GitHub. This involved filtering through numerous repositories, checking for open issues, and looking for bounties. Not only was this process tedious, but it also limited the number of repositories I could search through. With over 200 million repositories on GitHub, manual searching was just not going to cut it.
Building the Bounty Scanner
To build the scanner, I used the GitHub API to fetch open issues from repositories. I chose Node.js for this project because it's easy to use, performs well, and has a ton of great packages available. The first step was to authenticate with the GitHub API using a personal access token. Here's an example of how I did this:
const axios = require('axios');
const token = 'your-personal-access-token';
const headers = {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json'
};
axios.get('https://api.github.com/user', { headers })
.then(response => {
console.log(response.data);
})
.catch(error => {
console.error(error);
});
This code snippet authenticates with the GitHub API and fetches the user's data. Turns out, it's pretty straightforward once you get the hang of it.
Fetching Open Issues
Once authenticated, I used the GitHub API to fetch open issues from repositories. I targeted repositories with the bug-bounty label, as these are the ones that typically offer bounties. Here's an example of how I fetched open issues:
const axios = require('axios');
const repoOwner = 'repository-owner';
const repoName = 'repository-name';
const label = 'bug-bounty';
const headers = {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json'
};
axios.get(`https://api.github.com/repos/${repoOwner}/${repoName}/issues?labels=${label}&state=open`, { headers })
.then(response => {
console.log(response.data);
})
.catch(error => {
console.error(error);
});
This code snippet fetches open issues from a repository with the bug-bounty label. I've been running this on our 3-server setup, and it's been working like a charm.
Performance and Cost
The Bounty Scanner has been running in production for over 6 months now, and it's saved me a significant amount of time. On average, it takes around 10 seconds to scan 100 repositories, which is a huge improvement over manual searching. In terms of cost, I'm using a free GitHub API plan, which allows for 5000 requests per hour. Since I'm only making a few hundred requests per day, I'm well within the limit. The scanner is running on a $5 per month DigitalOcean droplet, which is more than sufficient for this use case.
Time Saved and Bounties Found
Since building the Bounty Scanner, I've found and completed 15 bounties, with an average payout of $150. This translates to a total of $2250, which is a significant amount considering the scanner only took around 200 lines of code to build. In terms of time saved, I've estimated that the scanner saves me around 100 hours per year, which is equivalent to around $5000 based on my hourly rate. Building a GitHub Bounty Scanner in Node.js has been a game-changer for my open-source contributions, saving me 100 hours per year and earning me $2250 in bounties.
Top comments (0)