The whole use it but if it behaves as expected, it’s your fault is a ridiculous stance.
You can’t say “you can do this thing that we know will cause problems that you have no way to mitigate, but if it does we’re not liable”. The infringement was a foreseeable consequence of the policy.
From the foundation's point of view, humans are just as capable of submitting infringing code as AI is. If your argument is sound, then how can Linux accept contributors at all?
EDIT: To answer my own question:
Instead of a signed legal contract, a DCO is an affirmation that a certain person confirms that it is (s)he who holds legal liability for the act of sending of the code, that makes it easier to shift liability to the sender of the code in the case of any legal litigation, which serves as a deterrent of sending any code that can cause legal issues.
If that worked any corporation that wanted to use code they legally couldn’t could just use a fork from someone who assumed responsibility and worst case they’d have to stop using it if someone found out.
It’s just the same as if I copy-paste proprietary code into the kernel and lie about it being GPL.
Is the Linux foundation liable there?
LLMs can and do regurgitate code without the user’s knowledge. That’s the problem, the user has no way to mitigate against it. You’re telling contributors “use this thing that has a random chance of creating infringing code”. You should have foreseen that would result in infringing code making its way into the kernel.
If you don’t feel comfortable about where some code has come from, don’t sign your name.
The fact LLMs exist and can generate code doesn’t change how you would behave and sign your name to guarantee something.
For comparison, you wouldn't say, "you're free to use a pair of dice to decide what material to build the bridge out of, as long as you take responsibility if it falls down", because then of course somebody would be careless enough to build a bridge that falls down.
Preventing the problem from the beginning is better than ensuring you have somebody to blame for the problem when it happens.
that's assuming that the problems and incentives are the same for everyone. Someone whose uncle happens to own a bridge repair company would absolutely be incentivized to say
> "you're free to use a pair of dice to decide what material to build the bridge out of, as long as you take responsibility if it falls down"
I guess we’ll need to reevaluate what copy rights mean when derivatives grow on trees?
I'm not talking about maintainability or reliability. I'm talking about legal culpability.
Anything generated by an AI is public domain. You can include public domain in your GPL code.
I would urge some stronger requirement with the help of a lawyer. You only need a comment like "completely coded by AI, but 100% reviewed by me" to make that code's license worthless.
The only AI-generated part copyrightable are the ones modified by a human.
I am afraid that this "waters down" the actual licensed code.
...We should start opening issues on "100% vibecoded" projects for relicensing to public domain to raise some awareness to the issue.
Language models do generate character for character existing code on which they are trained on . The training corpus usually contain code which is only source available but is not FOSS licensed .
Generated does not automatically mean novel or new the bar needed for IP.
[1] Even this is not definitely ruled in courts or codified in IP law and treaties yet .