* Daniel P. Berrangé: > On Fri, Jul 18, 2025 at 11:38:27AM +0200, Florian Weimer wrote: >> * Daniel P. Berrangé: >> >> > In practical terms, how can a contributor do due-diligence on the >> > output of an AI generator ? The vast size of training material makes >> > it hard, if not impossible validate the license & copyright >> > compliance of non-trivial code. Some tools claim to validate their >> > output for compliance in some manner, but what that actually means >> > is hard to find out & the reliablity of such claims is unclear. >> >> The same way they already do for other contributions? >> >> Even without AI, they could have been lifted off places like >> Stackoverflow, without proper attribution. This isn't a new problem. >> What has changed is that you can go to a web site and solicited >> potentially problematic contributions. > > It has changed from a clear concious decision to copy content, to an > impossible to diagnose side effect of using the tools.
You don't know that if you are reviewing an unsolicited contribution, or a contribution not directly targeted at Fedora. You don't set the rules for those. > IMHO that is materially different, because the former is only a problem > for the small subset of untrustworthy developers who deliberately ignore > their obligations, while the latter problem can unwittingly affect any > developer who uses the tools no matter how diligen tthey are. I disagree. Today, we only have approval of licenses, not approval of content. Maintainers are not required to check that content they import from upstream or other upstream-associated sources (such as a patch posted on an upstream mailing list) is actually covered by the declared license or the license implied by association with the specific upstream project. Thanks, Florian -- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
