Two models past $1k — and one that hit the ceiling

Before getting into the teardowns: the data situation for this kind of research is worse than most maintainers assume. GitHub Sponsors — the platform most maintainers reach for first — does not publicly disclose exact monthly earnings. It shows sponsor counts and goal-completion percentages; you can infer a floor if you know the lowest tier, but you cannot confirm a number. 1 Of the 50+ individual maintainers checked for this issue, the closest to a confirmed $1k/month was Łukasz Domeradzki (ArchiSteamFarm, 13,328 stars), sitting at roughly $461/month — 90% of a $512/month goal, with 102 sponsors. 2 Not over the line.

Open Collective is the only platform that publishes actual financial figures — annual budget estimates, disbursements, and individual expense records are all public. That's where the verifiable data lives. Polar.sh, frequently cited in sustainability discussions, has pivoted to a B2B billing infrastructure product and no longer supports open source creator funding. 3 So the scope here is narrower than the premise suggests, and that's worth naming directly.

What follows are the two clearest documented cases this research window produced — one Open Collective framework, one B2B retainer arrangement — plus a third case that documents what happens when a skilled, visible TypeScript maintainer runs the pure-donation model as hard as possible and still falls short.

What it is: GrapesJS (25,900 GitHub stars, 4,600 forks) is an open-source web builder framework for constructing HTML templates without writing code — the kind of drag-and-drop canvas that powers website editors and email builders. BSD 3-Clause licensed, maintained by Artur Arseniev as a solo admin with no company or foundation backing. 4

Publicly disclosed monthly earnings: ~$2,394/month. Open Collective shows an estimated annual budget of $28,728, calculated from recurring sponsorships: one Gold sponsor ($500/month), 47 active Sponsors ($100/month tier), and 54 Backers ($2/month tier), plus a long tail of one-time donors. All-time raised: $131,358; all-time disbursed: $131,209 — Arseniev runs almost zero reserve. 4

Monetization model: Tiered sponsorship via Open Collective. No dual license, no hosted SaaS layer, no paid plugin — just a clean three-tier structure with corporate logo placement at higher tiers.

The trigger: Transparency paired with a specific expense category. Arseniev's Open Collective page shows a monthly "Issues & Development" expense — most recently €1,900 (approximately $2,225) pulled on May 10, 2026. 4 That single line item communicates something most Patreon-style pages don't: where the money goes, and that someone is treating this as professional work rather than a tip jar.

The framework's positioning also matters. GrapesJS is the open-source layer that commercial website editors and email marketing platforms are built on top of. Its user base includes companies that have a direct financial interest in the project staying healthy — exactly the audience that will fund a Gold sponsor slot rather than a $5 GitHub tip.

Would this work for you? The structural requirement is a user base that builds products on your project, not just uses it. GrapesJS doesn't ask $100/month from individual developers; it asks $100/month from the SaaS company that ships a drag-and-drop editor to 10,000 of its own paying customers. If your project is a utility library that individual developers import once and never think about, the corporate sponsor tier is a much harder conversation. If your project is embedded infrastructure for tools that generate revenue — job queue for Node.js apps, chart library for dashboards, build tooling for production pipelines — the logic holds.

What it is: Filippo Valsorda maintains the Go standard library's cryptography packages, along with age (a modern encryption tool), mkcert (a local certificate authority for development), yubikey-agent, and related transparency tooling. These are not hobbyist projects — they are security-critical infrastructure used in production systems globally.

Publicly disclosed monthly earnings: Equivalent to his total compensation package at Google (base + equity). Valsorda left the Go team at Google in May 2022 and spent nine months designing a retainer model. By February 2023, he had six paying clients: Sigsum/Glasklar Teknik AB (the company behind Mullvad VPN), Protocol Labs, Latacora, the Interchain Foundation (Cosmos SDK), Smallstep, and Tailscale. 5

Monetization model: Professional retainer. Three contract tiers (Silver, Gold, Platinum), all in the five-figure-per-year range. The value proposition is three-part: companies reduce the business risk of a critical dependency being unmaintained; they get a communication channel into the project roadmap; Platinum clients get access to Valsorda as a security expert beyond the open source project scope.

The trigger: The model change was structural, not promotional. Valsorda's diagnosis of existing funding approaches was that each one misaligned incentives — donations don't scale, corporate employment can't expand with project success, support contracts consume the maintainer's time, and feature-bounty sponsorships reward adding code rather than the harder work of maintaining it. 5 The retainer asks companies to pay for the existence of an expert who maintains a dependency they rely on, not for a specific deliverable. That's a fundamentally different product.

Would this work for you? This model has two hard prerequisites that most projects don't meet simultaneously. First, your project has to be security- or infrastructure-critical enough that companies face real downside risk if it degrades. A popular UI component library used by a hundred startups is valuable; an unmaintained cryptography library used in the same hundred startups' authentication stacks is a liability. The risk framing is different. Second, you need enough personal reputation that companies are willing to enter a multi-thousand-dollar-per-year contract with you specifically, not just donate to your project. Valsorda was a Google security engineer before going independent; the clients were already in conversations with him. If you haven't established that personal credibility yet, the retainer model is a destination, not a starting point.

Josh Goldberg left his engineering job in January 2022, started full time on open source in March 2022, and published a detailed financial accounting six months later. His numbers: approximately $600/month in OSS sponsorship — $200 from his personal GitHub Sponsors page and $400 as his share of the TypeScript ESLint project's Open Collective pool. 6

He described the dynamic clearly:

Goldberg wasn't an invisible maintainer. TypeScript ESLint is one of the most widely used TypeScript toolchain projects. He was public, articulate about his situation, and actively seeking sponsors. The $600/month figure isn't a measure of his effort or his project's quality; it's a measure of what pure donation-based sponsorship yields for a developer tooling library when there's no locked value, no tier gate, and no enterprise risk story.

His stated goal at the time was to reach $1k/month by end of 2022. The blog post doesn't confirm he got there through sponsorship alone — the gap was filled by consulting work and book royalties from Learning TypeScript (O'Reilly). That's not a failure story. It's a diagnostic: for a pure library maintainer, diversified income streams (sponsorship + writing + consulting) may be the realistic shape of "sustainability," not sponsorship alone crossing $1k/month.

What these cases — combined with the documented failure patterns from the prior issue's data — suggest about model fit by project archetype:

A few observations the matrix can't fully capture:

The gap between reaching $1k/month and sustaining it. GrapesJS has raised $131k over its lifetime and maintains near-zero cash reserves — Arseniev withdraws almost exactly what comes in. That's sustainable as long as the sponsor base holds, but there's no buffer. The retainer model provides more predictability per client relationship, but requires ongoing relationship management that a solo maintainer may not have bandwidth for.

The transparency effect is real. Open Collective's public expense records serve a dual purpose: they show sponsors that money reaches the maintainer, and they implicitly signal professional standards. Maintainers considering tiered sponsorship who haven't yet set up public expense reporting are leaving a credibility signal on the table.

And the data asymmetry problem doesn't go away. Because GitHub Sponsors hides exact figures, the projects actually earning $1k+/month on that platform are invisible to this kind of research — and invisible to the next maintainer trying to understand what's possible. That's a structural gap in the ecosystem's ability to share what works.