Hi guix, "pelzflorian (Florian Pelz)" <[email protected]> writes: > Nguyễn Gia Phong <[email protected]> writes: >> There are different kinds of maybes. Baseless suspicion is one thing, >> rsyslog openly admitting to use LLMs' output is clearly another. >> The uncertainty here is about which snippets must be rewritten >> to revert the copyright violations, not if they did something wrong. > > Well, here I believe no snippet in rsyslog is in violation, even though > copying some LLM answers (or their trained data) are violations. To > support this, we should look at what courts of law decide. Which for > source code has not happened, I believe.
I agree that watching the courts is a good idea, but I think it's not enough, in particular because - courts are slow - there are *many* relevant jurisdictions - courts aren't particular technologically savy, and may not recognize even obvious license laundery - the degree to which court rulings form a precedent Instead, I'd propose to follow courts *and* assess whether something includes license laundry / automated plagiarism on a best-effort basis. > But I will watch Wikipedia entry > https://en.wikipedia.org/wiki/Artificial_intelligence_and_copyright > > I also thought Free Software Foundation said such violations are rare, > but apparently I misremembered; their stance is not yet clear? > >> I suggest we take the reactive approach: if a package become known to us >> to be bad (violating copyright, containing backdoor, failing to build) >> then we either make it good or remove it. > > Certainly, reactive this is the minimum of legal obligation. Agreed > And reactive is all we should be for now. I'd say it would be good to be vigilant as well: don't just wait for complaints, but be on the lookout, take a quick gander at the recent commit history of a project you'd like to package - this is often also a good indicator of the projects general health. >> Even if it makes zero difference in practice, contributors and users >> (myself included) would like to know if Guix welcome and redistribute >> license-laundered works. > > We only disagree on if license laundering happens in Guix packages’ > practice. (And perhaps in LLM-aided Guix contributions.) > > Guix’ packages are not vibe coding. I sincerely hope it can stay that way > So far at least. I believe. Except maybe some packages quickly imported from > CRAN etc and not checked carefully by accident. > > Regards, > Florian kind regards, pinoaffe
