@[email protected]
#AI eliminated the natural barrier to entry that let OSS projects trust by default.
To me, this reads:
Corporate automation eliminated the natural barrier to entry that let #OSS projects trust by default.
I'm not much sure what you meant with "trust by default", but for sure #opensource projects never let unreviewed code in from strangers.

That what forks were for.

Now, since your automation won't prevent forks, it looks either pointless or just divisive.

I mean, forks are good!

But are you sure that automated contributor managenent can solve automated theft and regurgitation by corporations?
Who and how someone is vouched or denounced is up to the project. I'm not the value police for the world.
If it's your code that executes the "flat text file" in the repository, you are in control.

If your project spreads, you would be in the position to execute a wide variety of #SupplyChain and #DDoS attacks.

Even if you wouldn't, anybody taking control of your repo could, turning such repo into a high-value target.

You should really take effective #security measure to avoid this outcome.

For example you could force downstream project to fork and adapt your scripts by only ever pushing on your repo slightly broken code.

Eg, you could apply before each push an easy to invert

find vouch/|grep nu|xargs -n 1 sed -i 's/use/!!!BrOkEN!!!/g'
This way no one coukd directly use your GitHub actions without reviewing them and nobody would need to #trust you or your security practices.

____
Also, #GitHub?
The reign of #CopyALot?
I guess projects still there face no trust collapse in AI contributions and in contributing to AI.

@[email protected]

@[email protected]

First it's important to note that over years I realized that #OSI is just a corporate (and US-led) gatekeeper organization that serve the very interests their sponsors.
You can easily see this reading their license review mailing while keeping a tab opened on the sponsors page of the day through the #WaybackMachine.
Just as a couple of example, they rejected #MongoDB's #SSPL while #Amazon was their major sponsor and adopted CAL that was way more contentious.

The last damage that OSI did to our communities has been the #Meta dictated #OSAID (OpenSource #AI Definition) better known as #OpenWashing Definition, that superseed the #OSD and does not require training data sharing, voiding the freedom to study and welcoming toxic candies within "open source" just to avoid the #AIAct requirements.

So I don't care about OSI opinion about the #HackingLicense (or about anything else).

Having said that, you are right that its first condition forbid any use of the covered work that would limit third party access or use of it.

So basically you can't use your freedom to limit the freedom of others.

Is it still a free license?
Never asked to #RMS or #FSF, but I guess that such formal constraint makes it "not free" to their eyes.

What they miss, imho, is that freedom without communion is always going to be exploited by the strongers (under #capitalism, the rich) to oppress the weakest (everybody else, the workers, the customers, the environment...) as #LLM are showing these days.

In fact the latest version of the #HackingLicense was written in response ti #GitHub #Copilot (aka #CopyALot), after it distributed #GPLv3 code from #Quake with a wrong attribution and a permissive license.

The Hacking License is a dependency inversion: if you use data or code covered by it, anything that come out can be used under such license.

@[email protected]
This post was written May 2025, and the arguments apply to #AI code capabilities at this time. The arguments around lack of competence are certainly likely to become less prevalent...
Questo comunque rimane pensiero magico: se l'autore comprendesse come funzionano i #LLM non sarebbe tanto ottimista sulle "competenze" che #CopyALot potrà acquisire.