One of the folks behind the bounty here. Happy to answer questions.
> Q: What if the maintainers won't accept the patch?
> A: The Fish in a Barrel Memory Safety Bounty only rewards contributions that are merged upstream. We strongly encourage people interested in pursuing a bounty to work with, not against, open source maintainers and to behave respectfully.
It's good to see this called out specifically, but I can't help but think this is attaching a monetary incentive to badger a project to accept a patch that at the very least requires changes to the project build system.
Rewriting stuff in memory safe languages would be a worthwhile goal, but then they go on to provide bounties to write Linux Kernel drivers in Rust.
Rust is memory safe only in documentation but not in practice.[1] Rather provide bounties for real memory safe languages. Rust is also neither type safe[2] nor concurrency safe[3].
1. E.g. https://github.com/rust-lang/rust/issues?q=is%3Aissue+is%3Ao... but this is just the surface. alloca is not only unsafe but also security critical. Rust stack allocates too much unchecked.
2. https://doc.rust-lang.org/reference/unsafe-blocks.html
3. Races, as e.g. with https://doc.rust-lang.org/reference/items/static-items.html?... requiring manual mutexes
Sorry, but I'm not seeing how this will help. If I take e.g. libpng and rewrite it in Rust, then it's basically a new project. I don't understand how a patch replacing all existing code will be accepted upstream, or how the many projects using libpng will be convinced to use my new library.