Gregory's ServerUntil there is a definitive adjudication of the copyright status of LLM training data, it is *deeply irresponsible* to use Github Copilot for open source. I will refuse contributions created with it on any project I'm involved with, as well as permanently ban any user caught sneaking in Copilot-generated code in defiance of this rule. I would strongly encourage all maintainers to take this stand as well. License headaches are already bad enough without secret poison pills being injected.
 43 comments
 @feoh @glyph I seriously doubt that it only trains on the code already in the repo… these LLM style networks take an absolute ton of training data. In fact, their privacy page explicitly says that it *does not* use your code for training. It seems exactly identical to Copilot in terms of copyright ramifications. @mort @feoh @glyph how it is usually done is: the model is trained on a bunch of publicly available and/or private data, and later fine-tuned based on your own data to yield more relevant results for your own use case. I doubt that anyone's own code output is enough to train a good large language model.  @durchaus @mort @feoh @glyph according to their website "Trained exclusively on permissive open-source repositories" I must say does seem useful and legit https://www.tabnine.com/  @pidgeon_pete @feoh If you don't like this rule, I'm happy to make exceptions for anyone who can secure a binding contractual blanket copyright infringement indemnification from Microsoft. As long as they'll cover the full costs of both any legal defense and hiring contractors to do clean-room rewrites with full copyright assignment to the relevant person or org, then I would consider at least the show-stopper issue to be addressed.  @glyph do you think at some point it will be possible to prove that code has been generated by a LLM, and after that, to find the sources used? Really wondering 🙂  @glyph Generally I look suspiciously at strongly-worded hot takes like this, but I do agree with the underlying point. @diazona But also it's not a particularly hot take. Copilot reproduces its training data verbatim on a somewhat regular basis. https://hackernoon.com/legal-issues-surrounding-copilots-use-of-training-data @diazona In some sense it is not even a novel policy. If you were caught stealing code from another open source project, or from your employer's proprietary codebase, you'd be banned in the same way. Using an extremely slow probabilistic token generator to file off the copyright notices is not meaningfully different than using a text editor to do the same thing.  @glyph I speak as a former technical expert witness before the Copyright Board of Canada during the Internet copyright wars. My advice to clients is stay far away from this technology until litigation has settled its copyright status. You can't afford to be the test case. Or the loser of the test case. @glyph Well true, I suppose I didn't really mean "hot take" in the sense of controversial. I was thinking more of a strongly worded opinion and couldn't come up with the right word in the moment. @glyph honestly, I don't contribute to many of your open source projects so I don't think it'll actually impact me, but I do leave copilot enabled on my IDE for most work that I do. I would hate for someone to characterize an accidental PR pushed by me as trying to sneak AI generated code through just because I forgot that this was a repo where submitting code with this add-on enabled in my IDE was forbidden.    @glyph I have no reason to use *any* AI tool based on scraped data for *any* reason. Life is too short to learn how to use a new syntax / semantics or do free QA for a vendor. @glyph @AlgoCompSynth right. Everybody saying coders are doomed because of AI. The way I see it, it’s just another layer of abstraction that you have to master to actually achieve your goal. And this abstraction has random results to boot.     @glyph great reminder to make it clear in the context of my side-project, thanks! @glyph@mastodon.social out of curiosity - how would you see with 100% certainty that code is Copilot-generated? @glyph Thank you for taking the correct moral stand. While as far as I know, virtually zero people use my open source projects, I will implement a similar policy. @glyph Makes sense. Our lawyers told us to stay away from LLM generated code as well. |
@glyph Agreed. We're using Tab9 - https://www.tabnine.com/ which trains only on the code in your repository and doesn't treat your code like a publicly exploitable commodity.
Also? I think it produces vastly more useful, if less audacious in certain terms, results.
I've found it saves me probably around 30-40m a day in boilerplate I don't have to type.