Why the scare quotes around mistake? Are you implying that it's intentional? Or negligence? It seems like nobody noticed the CUPS license change until now, so it's irrelevant, right?
How is it not intentional? To me it seems very clear that someone designed this bot to specifically alter the LICENSE file so that it matches some sort of predefind Microsoft file.
Edit: To give a bit more nuance, I would guess that the actual bot changing the LICENSE files is not a mistake, but working as intended. What could, however, be a mistake is thinking that licenses can be legally overwritten. It wouldn't be a "rogue engineer" kind of mistake. Certainly several people at Microsoft have signed off on this.
I'm sure it could be used, however that would probably be a similar problem. Microsoft has internal libraries with all sorts of licenses. Replacing the actual licenses with a template wouldn't be the correct move there either.
Because it was done intentionally by an employed individual in this case rather than a bot. You cannot in good conscious as an individual make this "mistake" without knowing or acting maliciously unless you are incompetent to begin with. Seems like a growing trend at MS. And I'll remind you that Apple actually uses CUPS for their print backend and funds it directly, they retain the original license and support the project, meanwhile MS takes it, doesn't contribute and acts like it's their own, sick.
...but aside from Eritrea, Ethiopia, Iran, Iraq, Marshall Islands, Nauru, Palau, Somalia, and South Sudan everyone is part of one or more (usually more) international treaties that cover copyright such as the Berne Convention or TRIPS or UCC, so you should expect in most places that most people on HN are likely to ever deal with have copyright law that isn't too different for the most common situations.
If that function always returned, say, the AACS key then it would likely be violating copyright in the US. Regardless of whether it was the result of a computation or statically defined.
It looks like Microsoft developed this all along. Yes, git keeps history, but it's unethical and ugly to begin with.
Also, I'm not sure you can just change the copyright information, and change the history of the code like that.
However, this is typical of Microsoft. Like DOS, like Windows App Store / Packaging ripoff (they asked the guy some questions, sherlocked his software, even didn't thank him later), etc.
A supercorp will have far more resources to succeed in courts than an individual person, such that the courts are not a fair avenue for resolving disputes. The court of public opinion is, unfortunately, far more accessible to the individual.
That being said, if someone were to sue Microsoft over this (they would have to be the original copyright holder), I think it's more likely Microsoft would try and settle out of court.
> This repo has been populated by an initial template to help get you started. Please make sure to update the content to build a great experience for community-building.
The original copyright holder claims on reddit[0] that it was forked, and there doesn't seem to be any implication of buying the rights to the software.
> The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
MS would be in the wrong to redistribute this code without the notice that includes '(c) 2020 LesnyRumcajs' - however, just changing the line doesn't constitute copyright infringement or fraud if MS reverses the change and/or simply appends the original MIT license above their MIT license (since MS does indeed have '5 commits ahead' of the origin repo, all of those changes are copyright MS but still MIT licensed). They could even simply have a file called 'LICENSE2' with the original notice, if they can't easily exclude this repo from the bot.
> MS would be in the wrong to redistribute this code without the notice that includes '(c) 2020 LesnyRumcajs' - however, just changing the line doesn't constitute copyright infringement or fraud
Given that this change was committed to the main branch, if I download the code right now, haven't Microsoft redistributed it?
Things get philosophical rather quickly I'm afraid.
If I misconfigure an FTP server, and you download some MIT code that I stripped the copyrights from, does that count as redistribution?
No. If you hack into my company and siphon out an EXE for an internal tool that uses GPL licensed code, you are not entitled to the source code of the package because the company did not “distribute” it to you; you took it without any right to have it.
There’s a whole philosophical debate we can have where we quibble over the definitions of words as they deal with technology, but the (US) courts generally don’t care about technicalities. An analogy is stolen property. If you purchase something that is stolen property, you have (almost) no legal right to it; the courts will often order its seizure for return to the original owner. By “hacking” (according to the CFAA), you “stole” the EXE.
Those two things are far more similar to each other than to a public repo whose intent is to redistribute. So no, this case is not the same as either a misconfigured FTP server or a misconfigured repo.
Which is fine, and surely an honest mistake. Automation is great, but the way I see it is, how many other projects have been forked and automatically re-licensed, and then profited from without proper attribution? An accident still needs to be flagged, and still needs to be corrected. They also need to be learned from and avoided in the future.
> An accident still needs to be flagged, and still needs to be corrected.
Yes. Additionally, the way such actions are performed is not great because the mechanism used does not provide any way to provide feedback - if the change was done by a user account, then they would have received notifications about the comments posted under the commit, but the ones received by the service account probably go nowhere.
No judgment from me since I suspect it is also an accident and I’ve made enough in my life that I don’t get super judgy in most cases. But what purpose is there for a bot that forks and makes changes like adding template files? Copyright aside, I don’t understand the value of this bot.
If I were to guess, it would be that the action performed here (or the basis of the code implementing this action) was intended to be done on internal Microsoft repositories that should be open-sourced.
I would't call a honest mistake some bot that is created to change code to a MS license. First of all, this kind of thing needs to be done after careful review, if they're doing it in an automated fashion there is almost the certainty that they'll take somebody else's work as their own.
Because “Microsoft Bad”. When a company gets big enough, there will always be a portion of the population you can never please, and Microsoft reached that size a long time ago.
From twenty year ago. You say it’s in their DNA, but I’ll bet that the majority of people there now were not there 20 years ago. Old habits die hard, yes, but they do die.
Microsoft has committed to open source. Maybe it’s self fulfilling reasons, but that doesn’t mean we should brush it off. If some higher up decided to go open source for PR reasons, who cares? We should be embracing it. Shunning it will just make other companies think twice about open sourcing.
Also, this was done by a bot. Microsoft is big enough to have their own in-house council, and I can’t imagine them being stupid enough to risk everything over a copyright lawsuit with evidence like this that the whole world can see.
Microsoft might have committed to open source for business reasons, to an extent ( see the recent .NET debacles), but they're still the same monopolist-abusing and anti-competitive company ( see the recent Edge debacles). They're an inherently bad and evil company, and even though they seemed to be improving, they've gone back to old tactics rather quickly.
Because it's a very stupid mistake. I have a hard time believing someone developed a bot to deal with repo normalisation on GitHub that doesn't know how GitHub functions, what forks are, and that you can't just change the LICENSE with a file of your own. I don't necessarily think it was done on purpose to steal copyrighted content ( that'd be too stupid even for Microsoft), but it's a weird mistake to make.
One can add their copyrights, relicense in some cases, but absolutely cannot remove existing copyrights. I don't think any FOSS license (save for the "public domain" ones) allow for that.
Correct. You don’t own the code just because you forked it. The original copyright holders retain ownership, and you must abide by their license. You can’t swap out the license unless they explicitly allow you to do so.
That’s not true. You can change the license if the license allows you to. It’s copyright you can’t change unless the author assigns the copyright to you.
This comment highlights the ignorance of a lot of people in this thread jumping to conclusion and view MS instantly as an aggressor and themselves as victims of the obvious and horrible crime of copyright infringement.
A) Do you know it was not an honest mistake?
B) Why a complete understanding of esoteric legal copyright laws created by non-programmers all of a sudden so important to a mainly programmer HN audience?
Are you joking? Programming is all about intellectual property. A complete understanding of copyright laws is important for anyone in the tech industry.
Jurisprudence is a specialty beyond the skill level of an average lawyer. It's like saying to be able to eat you need to have a complete understanding of how to raise a chicken.
EDIT: also if there are any forks of your project, you should ask people who forked it to restore the original copyright notice as well. If the original copyright holder sees your name instead of theirs, they'll know who to sue.
You (or possibly your employer) own the copyright to the code you produce. And you are fine to say something like "copyright $me $yearIMadeACommit". What you can't do is claim copyright on work you did not produce or remove existing copyright notices.
Free or open source licenses aren’t a lack of copyright. They are an exercise of copyright. All of that code that you didn’t write is still copyrighted by their original authors. You simply have permission to use it under the criteria outlined in the license.
It doesn’t matter that it was an accident; it’s still a serious issue that needs to be corrected and deserves an upvote. It’s also quite curious, and I appreciate hearing about the incident.
Incidents don’t need to be malicious to be newsworthy or intriguing.
How often did the bot make the same mistake? In how many of those cases does Microsoft now assume they have copyright and make their army of lawyers enforce it? Are you willing to go up against Microsoft in a court, rolling the dice?
Problem is in a world of moderation actions being taken by bots and not humans often the only way to get a human to review its decision is to raise awareness on social media like HN.
How often have we seen closed accounts getting resolved after complaining about it on HN/Twitter/Etc.
I’m not saying tha to how it should be, just what it’s become.
> Leave a message when you realize that forking a repo on GitHub is not the same as publishing a copy under your name.
First, you send me a message when you realize you can't just change an MIT License's copyright line as you see fit, then we can discuss the rest.
Also, milking knowledge from someone with an implicit promise of hiring, and re-implementing the software and tossing the original developer aside like an orange pulp is nowhere ethical.
The mistake is not harmless. Corporations don't get to hide behind their bots' mistakes. Microsoft needs to reverse the change, explain why it happened and implement precautions so it doesn't happen again.
You broke the site guidelines so badly and so repeatedly in this thread that I've banned the account. If it were just a question of a single thread, I'd put it down to going on tilt (which happens sometimes), but you've also been breaking the guidelines egregiously in other places too.
If you don't want to be banned, you're welcome to email hn@ycombinator.com and give us reason to believe that you'll follow the rules in the future. They're here: https://news.ycombinator.com/newsguidelines.html.
What is the point of using all caps? For me it makes legal texts like these really annoying to read. I'm not a native English speaker, is that really correct English writing? Aren't there clear rules when to use capitalization? Like, at the beginning of sentences. Feels like they are abusing the language.
Can they just lower case the paragraphs, to make things more convenient to read? Or does that change the legal meaning? For me it would feel like they would stop screaming :-)
Disclaimer: I am not a lawyer. The following is not legal advice and, in particular, has not been tested in court to the best of my knowledge.
You can't use a different typeface, font size or color in a plain text document. That does not mean you have no options. The criterion is that it is “written, displayed, or presented that a reasonable person [...] ought to have noticed it.”
Consider the following:
Nihil harum autem impedit commodi ut occaecati. Nihil
quisquam ab molestiae veritatis consectetur. Quis molestias
sunt facere tempore est. Eum quia quisquam veritatis illo
minus sint atque ipsa. Omnis optio ducimus minus nemo non
deleniti voluptas. Blanditiis nisi eum eum beatae fugit
delectus. Optio neque sed nostrum veniam eos. Culpa ut no‐
bis rem est dignissimos est eum sed. Occaecati dignissimos
eveniet odit aut est ipsum minus nisi.
!! IMPORTANT !!
DISCLAIMER OF WARRANTY
The software is provided "as is", without warran‐
ty of any kind, express or implied, including but
not limited to the warranties of merchantability,
fitness for a particular purpose and noninfringe‐
ment. In no event shall the authors or copyright
holders be liable for any claim, damages or other
liability, whether in an action of contract, tort
or otherwise, arising from, out of or in connec‐
tion with the software or the use or other deal‐
ings in the software.
Unde sint ab qui ut. Debitis qui deserunt fugiat aut nihil
impedit vel saepe. Et ad voluptas quia. Omnis libero ni‐
hil perferendis aut ab. Illo et neque voluptatibus. Et
animi consequatur enim eius aut at veritatis. Modi error a
ratione tempore velit inventore. Accusantium accusantium
et quam quis nemo id.
This seems rather noticeable to me, gets to the point, and is considerably more readable.
By using the all-caps sparingly, we've made way to draw attention to the heading, then offset the passage with large amounts of whitespace to draw attention to the passage itself. At the same time, this keeps readability of the actual text that you want people to read.
BUT ALL - CAPS TEXT IS EASIEST AND AT LEAST TO ME SOUND RIGHTEOUS ENOUGH. I THINK THIS IS A CLASSIC CASE OF QUOTE IT AIN'T STUPID IF IT WORKS END QUOTE.
“Easy to read” is not part of the criteria. The definition is explicit.
> "Conspicuous", with reference to a term, means so written, displayed, or presented that a reasonable person against which it is to operate ought to have noticed it. Whether a term is "conspicuous" or not is a decision for the court. Conspicuous terms include the following: (A) a heading in capitals equal to or greater in size than the surrounding text, or in contrasting type, font, or color to the surrounding text of the same or lesser size; and (B) language in the body of a record or display in larger type than the surrounding text, or in contrasting type, font, or color to the surrounding text of the same size, or set off from surrounding text of the same size by symbols or other marks that call attention to the language.
Apparently it comes from commercial codes from the ‘50s, which says that important text must be conspicuous [1]
Conspicuous could mean all caps, contrasting text, or different colors. My guess is that CAPITALIZATION was used because most typewriters at the time could do caps, whereas doing different font sizes, colors, bold would have required a special expensive machine. When technology evolved, lawyers being process oriented creatures, stuck with all caps because it was the way things were always done, and therefore safe to do.
What? no, this goes entirely against the idea of laws.
Copyright laws have one major purpose: protect the right holders. It does so by giving them tools to mitigate their loses by deterring people from infringing.
If a right holder has to invest more time in complaining on people about infringement than actually having time to do other stuff, like creating, then we've got it all wrong.
If you treat copilot like a human, and you ask it a question ( like "#find median of list") that human either (A) will put together all the things they've learned over thousands of hours of simply looking at code in the programming language and how the syntax works, then provide a new code block, or (B) remember "oh, I remember this extract string of text and what comes after it. Here's the next 10 lines from that snippet". In that B scenario, would the human be infringing on the original's copyright? Arguably yes; but is situation (A) also copyright infringement, or is it like getting code help from a friend?
In these situations, whether it be originating from a human or robot, the knowledge comes from looking at public code on GitHub and it's always been a risk that your public code might not be used with proper attribution at some point. Think about how many OSS projects have core code and algorithms copied daily by companies with no public name and keep all of their source code private - it's surely caused more damage than CoPilot ever will.
the following is my personal opinion, unrelated to my work
>In that B scenario, would the human be infringing on the original's copyright? //
Depends on jurisdiction but in general I'd say no as quoting, particularly an insubstantial portion, is allowed (certainly under USA Fair Use, possibly under UK Fair Dealing).
However, and again depends on jurisdiction, copying a whole work to use for AI training or searching can be restricted (though it's on the GitHub license in this case). The snippet might be allowed but copying into a training corpus may be excluded (I think UK have an exception for AI training, but I may have misremembered, it might be a suggestion??).
I think the answer is:
we don't know the copyright consequences of copilot yet. It's certainly a legal gray area, and it has not been challenged in court yet.
There are quite a few companies where copilot and copoilot-like technologies seem radioactive at least for the moment.
As a human, if you memorize a book word-for-word and later reproduce whole passages of the book in your own writing then that is considered plagiarism and copyright infringement. It does not matter that you stored it in your human memory before reproducing it.
The test to use is to imagine you’re writing an essay in college. If your essay contains unattributed passages from another work then the professor will not care that you memorized them rather than just copying and pasting the text. In order to be in the clear you need to properly quote and cite the original author.
GitHub copilot does not provide attribution. All it does is obfuscate the original source to make attribution impossible. Copyright lawyers ought to have a field day with this one.
To be honest, can't humans go through various open source repositories and copy the bits they like?
If you don't like that,don't release your code as open source. I'm not going to host my open source projects on my own website. That's just hard, it's much more difficult to get people to check it out if it's on Broblog.net
I personally don't believe extremely short code snippets, like the ones copilot tends to copy are problematic.
I don't want to live in some dystopia where we have dozens of lawyers deciding who owns that above code snippet. If Amazon wants to use that snippet, fine, you can use it, etc.
All Co Pilot does is optimize taking code snippets from different sources.
> The writing is on the wall. You MUST host your own code on a stand-alone website.
How would self hosting your code prevent Microsoft/GitHub from using it in the Copilot training dataset? If using content from GitHub irrespective of their license to train Copilot is legal, so is training from code available on your website.
It's a question of handing it over and giving them a ToS shield to hide behind, versus making them work for it and risking license violations "in the wild".
Does their ToS give them additional rights to the code uploaded to GitHub? There are several unofficial copies of projects like glibc [1] uploaded by people who definitely do not have the authority to grant any additional rights to the code.
If it's legally sound to do that, then it's legally sound to scrape code from Stack overflow as well. No special license is granted to GitHub to train CoPilot; the hosting license in the ToS[0] specifically doesn't allow its use outside of GitHub itself[1], so i'd argue that applies to running copilot in VSCode for code not destined for GitHub - and i'm sure MS's lawyers reviewed such a product launch.
Because it isn’t in compliance with the terms of many popular licenses to create derivative works without attribution. Therefore the only possible claim Microsoft have to do so is via terms and conditions, which would not apply to code hosted on a stand-alone website.
It might be time for popular licenses to update themselves for this new-found threat.
> Therefore the only possible claim Microsoft have to do so is via terms and conditions
No, Microsoft's claim is fair use, not GitHub terms and conditions. You don't have to speculate on what you think their possible claims are, when they've publicly stated their actual claims.
> The larger issue is that anyone using Github is donating their work for re-use without attribution through Copilot.
I think this can only be valid of Github's terms of use clearly specify that or the chosen license allows it.
I actually see copilot benefiting GPL projects: suppose a programmer uses copilot to develop a proprietary software and copilot regurgitates GPL'ed code: now the proprietary software is a derivative work and must be GPL'ed too.
Unless copilot serves as a legally effective "laundering" of gpl code. Which sounds silly, but we're now in a situation where that outcome is super desirable to GitHub/Microsoft.
Another potential outcome is that so many projects could now end up unknowingly using gpl code that enforcement becomes an impractical whack-a-mole, far more so than today. Being told to rework or relicense your project because of copiloted gpl code could easily end up with hobbyists wholesale begrudging the gpl license rather than copilot itself.
> Unless copilot serves as a legally effective "laundering" of gpl code.
It's quite interesting how it seems to have come full circle, at least according to this stackoverflow comment about Stallman releasing a paper in 1992 on how to effectively launder AT&T code via textual changes (I have no idea if he did, I just remembered the comment):
https://unix.stackexchange.com/a/591221
How does your license prevent someone redistributing source code over GitHub? What does copilot claim as far as licensing rights beyond fair use?
You may be practically limiting copilots use of your code but I don't see any licensing difference if Microsoft hosts Copyright code or scrapes copyright code.
I have good memory. I always stood one mile from anything that MS does. The new generation that is easily scammed by flashy stuff like VS code is in for a treat.
> The larger issue is that anyone using GitHub is donating their work for re-use without attribution through Copilot.
Wrong. Lets say a GPL project is not hosted on GitHub officially. I can easily setup a mirror for it though on GitHub as the GPL doesn't prevent me from doing it...
Point is that anyone can put my work on GitHub, even if I don't want to.Assuming the project is under a free license though.
I wonder what kind of language you would need to add to your license in order to explicitly forbid the ingestion of your code by Copilot and/or like projects.
IANAL, but I have written licenses for that purpose. [1] (I'm trying to get them reviewed by a lawyer, but can't afford to; maybe I'll do a GoFundMe.)
What I did is say that if you feed copyrighted software to an algorithm that itself outputs software, then the license applies to the output. This covers the output of compilers and such, but it would also cover Copilot in my opinion. We'll see what a lawyer says.
However, even with a license, I wouldn't doubt that Microsoft would just put it through GitHub anyway because finding them out would be extraordinarily hard.
The “Yzena Copyleft License” states that it's a copyleft license, but it also states that it's not a viral license. According to Wikipedia, a viral license and a copyleft license are the same thing.
There is a difference between "strong" copyleft and "weak" copyleft. An example of "weak" (non-viral) copyleft is the CDDL. In fact, the CDDL's Wikipedia page talks about strong and weak copyleft.
You can read [1] for a breakdown of copyleft by an actual lawyer. Suffice it to say that Wikipedia's Copyleft page is woefully inadequate.
> I wonder what kind of language you would need to add to your license in order to explicitly forbid the ingestion of your code by Copilot and/or like projects.
If Microsoft's theory is correct, under US law it is impossible to forbid this with a license, because a license is just an offer of additional permissions beyond what is available automatically under law, and Microsoft's theory is that ingesting code into GitHub is fair use and therefore permitted under law as an exception to copyright without any license from the copyright owner.
If Microsoft's theory is not correct, pretty much any license with an attribution requirement (among others, for other reasons) would work.
The idea that a special license is needed or of any use doesn't seem to have any justification, even in theory. (As is the idea that hosting publicly but not on GitHub changes the legal parameters.)
There's a part that I don't understand. If some software is mirrored on github by someone that isn't the copyright owner, it seems like github shouldn't be able to use it. Yet they said nothing about that specifically. In that case, is the only option to put code somewhere else than github under a license that forbids reuploading to github, and issue DMCAs when/if people reupload your code? It also sounds like when code is removed through DMCA, it should be removed from the training set and they should retrain copilot.
> If some software is mirrored on github by someone that isn't the copyright owner, it seems like github shouldn't be able to use it.
If they don't need permission from the copyright owner, either via license of GitHub T&C, because it's fair use, which is their overt legal theory, then why would it matter legally whether the code was posted to GitHub at all, much less by whom? Ingesting only code form GitHub is a practical convenience that has nothing to do with their legal theory of the right to do it.
> Yet they said nothing about that specifically
Their theory of fair use means they have the right to ingest any code, irrespective of who owns it and what conditions (if any) it is licensed under or where (or even if) it is hosted online. They don't need a separate justification for your scenario if the theory they’ve cited is correct.
> In that case, is the only option to put code somewhere else than github under a license that forbids reuploading to github, and issue DMCAs when/if people reupload your code
Nope, that doesn't help at all, legally; it may help practically as long as they are just using GitHub hosted code and not consuming code from other public hosting platforms, but it has no bearing on their legal theory of why they can ingest code without additional permissions.
Thanks for the clarification. So according to their theory, I could train a model on any code, even private Microsoft code, and that would be okay? That sounds surprising to me.
It is wrong as a specific statement about GitHub, because regardless of current practice, the legal theory for Copilot applies to any code anywhere, so anything that is publicly accessible would involve the same risk. It's not dependent on use of GitHub even if Microsoft has initially started their because it's easier for them.
Also, I don’t see how this is true. Code on my website is publicly accessible, but not in the public domain, nor licensed for re-use, unless I say that it is.
Licensing matters for things that would be forbidden without permission by copyright law. Fair use is an exception to copyright law. Microsoft's explicit legal theory around Copilot is that ingesting code for it (and ingesting content to train ML models more generally) is fair use. If there theory is correct, license is irrelevant, there is no legal (at least copyright-based) barrier to them using any source code they can get their hands on to train Copilot.
That "issue" is unrelated. You've just hijacked the thread to talk about it.
Also the point you're making is controversial, and definitely isn't widely agreed on. As a human, I can read public code on Github, and use my internal neural network (brain) to regurgitate sections of code, and don't need to attribute anyone (who can say which codebase I'm recalling code from? I certainly can't). So a neural network doing the same thing, but external to a human, is certainly questionanble, but it isn't a cut-and-dry case of copying without attribution.
You're making a false equivalence between copilot and a human brain. Neural networks are programs, programs don't have the same rights as humans. Implying the opposite is even more controversial than saying that copilot should respect licenses.
Also, humans sometimes have limitations on what code they should have seen. It's common in the emulator community to forbid anyone that has seen proprietary code from working on black-box implementations to avoid legal issues.
> Here is an example. This Go program (a compiler) generates and serves its own website: https://NN-512.com
Not a very good one - clicking the link produces a download dialog on Firefox (I'm guessing because the website neglects to indicate a Content-Type).
Ironically this is an argument against trying to do everything yourself - you might waste time chasing the long tail of thousands of little details that had been solved many times over elsewhere.
Edit: looks like this bug is triggered by the absence of Accept-Encoding in the request. When the server compresses the response, it neglects to include the Content-Type of the compressed content.
> You defend Microsoft, here and in other parts of this thread, as they sell the work of open source authors without attribution and in violation of explicit license statements in the code.
Anyone who puts anything on the web is at the same risk. For example, ask Google how old Queen Elizabeth is [1]. Google tells you the answer in a big font at the top of the result page. Google sourced the answer apparently from usnews.com but you didn't even have to click the usnews link. Google "took" the answer from them and deprived that website of a click.
So yeah, you are donating your work to Google when you put it on a publicly accessible web site.
If all of the useful information in a web page is mined and given away by a third party in an automated fashion, such that the copyright holder is deprived of revenue, then that's not the intention of 'right to quote'.
I'm pretty sure Google pays these types of content publishers (like Reuters) very handsomely. In this case, the content distributor (USNews) also went out of their way to SEO their site with microdata[1], so I'm going to guess a lot of their inbound traffic also comes from Google searches.
The following is pure conjecture with zero evidence:
I think that’s on purpose, not to “steal” code from GPL’ed softwares’ authors, but to get GPL’ed code into commercial projects. Then Microsoft can say “oops, we were right all along! The GPL is so dangerously viral that you can’t even host your software on the same server!”
I know that sounds stupid, unless you were there for the Halloween Documents. After all these years, it seems to me that Microsoft hasn’t done the 180 they portray.
> The writing is on the wall. You MUST host your own code on a stand-alone website.
Even if Microsoft currently only uses GitHub-hosted code as an input to Copilot, their theory of the legality does not depend on code being hosted there and applies to any code they can get their hands on. The idea that hosting code publicly at some non-GitHub location is going to keep it out of Copilot is not well justified.
I observe some confused comments on this page that seem to argue that the MIT license doesn't come with a requirement to keep the copyright line intact (which is demonstrably false, you don't get two paragraphs into the license without finding the attribution requirement).
The part that caught my interest is: How many people consciously picked the MIT license when they actually meant a non-attribution license?
If you're attached to your copyright: 0-clause BSD is a thing that exists[0]. Toybox uses it.
If you want to throw your copyright out the window: The commonly accepted solution seems to be CC-0[1], which tries very hard to disclaim rights and limit liability in as many jurisdictions as possible, complete with a fallback license grant for failed public domain dedications. Because CC-0 makes some people uncomfortable despite the lengths it goes to reach its goals, some projects work with dual-licensing to cover the other side, such as Monocypher.
Neither of them address patents. If patents are something you want to/need to address, you could perhaps paste the patent clause from BSD-2-Clause-Patent onto 0-clause BSD.
I wondered why more FOSS projects aren't using CC0 instead of "permissive" licenses like MIT, considering a lot of folks who work in FOSS are against copyright/software patents system in general, and most of them don't really seem to care about attribution.
People who release code under MIT not only won't/can't take legal action but they probably won't even bother writing an email to the person who they believe violated the attribution part.
I think most people explicitly choose MIT for this. It's a very very free license, allowing you to do pretty much anything you want with the code. Among the opensource developers I know the one thing they consistently care about is attribution for the work they've done for free.
This is a clear violation of the MIT License. MSFT can and should get in hot water over this. The copyright doesn’t belong to them, just a license to use the software.
It looks like Jeff Wilcox who seems to be in a decision making position about this has addressed this (on Christmas no less), and I think whilst this is bad and definitely violating, I don’t think there was any ill intent, and I hope we can all put the pitchforks down for a while.
Seems like a mistake to me. Microsoft recently adopted one of my Open Source projects and part of the agreement was they would keep the original license. This was a request on their part, I had no choice in the matter. They know what they're doing, I don't think they would do this deliberately. (Licence here: https://github.com/microsoft/vscode-gradle/blob/main/LICENSE...)
So sure, this is far from a good look. But the verdict is still out on if it is an unfortunate mistake or malicious.
It's far from the first time I see this kind of reaction and, IMO, rather than everyone spending time on piling on the flamewar, how about opening the door for MS to set this straight and do the right thing? Assume good faith even if you personally don't sincerely believe it? Give them an easy way to save face and present a plausible narrative rather than having everyone dig their trenches deeper? If you'd prefer MS not to screw people over, it helps no one to solidify them in doing just that.
Already so many people shouting "YOU ARE THE DEVIL", not one going "hey, looks like this is a mistake, let's sort it out". IMO the latter is more constructive. It's almost as if people want Microsoft to do bad things. Remember it's a huge organization with all kinds of people and ideologies internally. It's too early to tell which way the individual behind this particular change is leaning.
It took me all of 1-2 minutes to make this PR[0], probably less than any of the meme pictures in that commit thread. Let's see how it goes. Last time it went through[1].
EDIT: ...And, it's merged. I'm assuming the rest of the affected repos will be fixed as well and an apologetic blog post issued by Monday. Anyone who feels that's too long time can always open corresponding PRs instead of wasting their time by replying to this with how that's not our job. Happy holidays.
Another aspect of this: Rejecting such a change, or indefinitely leaving it hanging as open, is a much worse look than simply ignoring all the complaints (which is already bad enough but has more plausible deniability). Providing a ready-to-merge PR is effectively pushing them to take a public stance.
This is a perfect example of a huge company using the cover of bullshit to do whatever they want.
"Oops. We f*d up? Well, you can't talk with a human unless you pay us lots of money. Oh - you don't have money for a lawyer? Tough. Good luck getting through our layers of trained monkeys."
I don't think that just because some "bot" did this Microsoft is to be excused. Someone decided that using a piece of software to automatically alter license files. This is a genuinely stupid idea. And they already fucked up in the same way with the CUPS project. Will they learn without someone taking them to court over this? I don't think so.
I think people should be as forgiving as Microsoft would be if someone “accidentally” changed the licence of Microsoft software and started distributing it.
I don't know what point you're trying to prove here, since I don't think I've ever heard of Microsoft suing individuals for illegal Windows keys and certainly not in the past 10 years. If you start an LLC and attempt to commercialize on piracy then you'll probably get sued, but regardless they are a lot more lax than, say, Oracle on this issue.
FWIW it does look like a bug in a bit and not company policy to me. But having said that the equivalent situation would be some larger than Microsoft copying their work. For example the US Federal government distributing Windows under the MIT license.
The bot's job was to get MS-originated repos onto the correct standard license for MS open source code. That forked repos got their license changed is an unintentional bug, not something anyone "decided" to do.
People on HN are completly crazy and uneducated... Whenever there is something like this you can be sure you will find hundreds of insulting or mean comments on the commit or PR... It gives a really bad image of the community.
This sort of name-calling breaks the site guidelines badly, regardless of how right you are, or how superior you feel to the rest of the community. If you'd please review https://news.ycombinator.com/newsguidelines.html and stick to the rules when posting here, we'd appreciate it.
This sort of attack will get you banned here, regardless of how right you are or feel you are. If you'd please review https://news.ycombinator.com/newsguidelines.html and stick to the rules when posting here, we'd appreciate it. Note this one:
"When disagreeing, please reply to the argument instead of calling names. 'That is idiotic; 1 + 1 is 2, not 3' can be shortened to '1 + 1 is 2, not 3."
and this one:
"Please don't sneer, including at the rest of the community."
> Someone decided that using a piece of software to automatically alter license files.
That doesn’t seem to be the purpose of the bot. It’s supposed to add them to new repos, not alter existing. This ensures that all their projects have an explicit license rather than ambiguously public.
Crikey - surprised by the downvotes. I mentioned “Dismiss” because I remembered it as being a significant part of the process - attempting to “Take the wind out of the sails” of something innovative, to slow market adoption and to buy time to plan the Embrace, and decide how to best Extend to eventually win the competition.
625 comments
[ 0.15 ms ] story [ 407 ms ] thread2) Assuming it's even true, what should this person do instead?
3) What do you think the outcome would be if this person did contact Microsoft? Since it's a mistake, I assume something bad?
Since this is copyright infringement, the copyright holder could file a DMCA takedown notice.
https://github.com/microsoft/cups/commit/ad69bcc78bdea3fea3f...
Edit: To give a bit more nuance, I would guess that the actual bot changing the LICENSE files is not a mistake, but working as intended. What could, however, be a mistake is thinking that licenses can be legally overwritten. It wouldn't be a "rogue engineer" kind of mistake. Certainly several people at Microsoft have signed off on this.
That's not a bot.
https://github.com/microsoft/cups/commit/8100595a3a3a6d5c7d0...
https://en.wikipedia.org/wiki/AACS_encryption_key_controvers...
> The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
Also, I'm not sure you can just change the copyright information, and change the history of the code like that.
However, this is typical of Microsoft. Like DOS, like Windows App Store / Packaging ripoff (they asked the guy some questions, sherlocked his software, even didn't thank him later), etc.
Here you go:
https://github.com/microsoft/TypeScript
Just fork TypeScript, change the copyright holder to yourself, and do what you want with it. I sure Microsoft won't mind.
Only the copyright owner can license the work to others, or issue under a different license if they like.
> This repo has been populated by an initial template to help get you started. Please make sure to update the content to build a great experience for community-building.
Perhaps this is "updating content"?
[0] https://www.reddit.com/r/opensource/comments/roa9xz/microsof...
For some reason I doubt they've bought the copyright to CUPS.
> This is the open source management service account used for performing key GitHub operations on behalf of Microsoft employees and users.
Combined with the nonsense README change, this looks like a bot mis-use accident.
Edit: to clarify, in no way am I saying that this is a "honest mistake" which does not deserve scrutiny.
> The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
MS would be in the wrong to redistribute this code without the notice that includes '(c) 2020 LesnyRumcajs' - however, just changing the line doesn't constitute copyright infringement or fraud if MS reverses the change and/or simply appends the original MIT license above their MIT license (since MS does indeed have '5 commits ahead' of the origin repo, all of those changes are copyright MS but still MIT licensed). They could even simply have a file called 'LICENSE2' with the original notice, if they can't easily exclude this repo from the bot.
Given that this change was committed to the main branch, if I download the code right now, haven't Microsoft redistributed it?
There’s a whole philosophical debate we can have where we quibble over the definitions of words as they deal with technology, but the (US) courts generally don’t care about technicalities. An analogy is stolen property. If you purchase something that is stolen property, you have (almost) no legal right to it; the courts will often order its seizure for return to the original owner. By “hacking” (according to the CFAA), you “stole” the EXE.
But you cant make that argument here, as its a public repo, as such Microsoft did have the intent to redistribute.
Your argument is that a misconfigured FTP server isn't intent to distribute.
What if this was a misconfigured fork that was meant to be private but was set public? Not intent to distribute either.
But if you're one of the largest corporations in USA, the law tends to go easy on you for making accidental mistakes.
> Permission is hereby granted [...] subject to the following conditions:
> The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
Changing the name in the copyright is a clear license violation.
Yes. Additionally, the way such actions are performed is not great because the mechanism used does not provide any way to provide feedback - if the change was done by a user account, then they would have received notifications about the comments posted under the commit, but the ones received by the service account probably go nowhere.
People who were around before MS decided to open-source-wash their brand KNOW what Microsoft’s DNA is. They had a literal playbook to crush Linux.
Microsoft has committed to open source. Maybe it’s self fulfilling reasons, but that doesn’t mean we should brush it off. If some higher up decided to go open source for PR reasons, who cares? We should be embracing it. Shunning it will just make other companies think twice about open sourcing.
Also, this was done by a bot. Microsoft is big enough to have their own in-house council, and I can’t imagine them being stupid enough to risk everything over a copyright lawsuit with evidence like this that the whole world can see.
They may have "committed" to open source (I think "committed" may be the wrong word there), but they never stopped hating free software.
The KKK has a long and dark history. MS is a business that at times has had slightly sharper business practices than some of its competition.
PUBLICLY changing Copyright notice in MIT software and keeping the history online is another thing.
A) Do you know it was not an honest mistake?
B) Why a complete understanding of esoteric legal copyright laws created by non-programmers all of a sudden so important to a mainly programmer HN audience?
EDIT: also if there are any forks of your project, you should ask people who forked it to restore the original copyright notice as well. If the original copyright holder sees your name instead of theirs, they'll know who to sue.
I see it as a honest question.
Instead of voting down, vote up so more people can read replies and see that it is not something that should be done.
I'd advise you to fixup any forks on GitHub, e.g. https://github.com/fiatjaf/jiq/blob/master/LICENSE, which are currently in breach of license.
You'll need to inform anyone who forked your code, too.
This is something you agreed to in the following part of the license:
> The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
Incidents don’t need to be malicious to be newsworthy or intriguing.
How often have we seen closed accounts getting resolved after complaining about it on HN/Twitter/Etc.
I’m not saying tha to how it should be, just what it’s become.
It's the latter action that's being addressed here.
e.g.: Anyone remembering AppGet? [0][1]
[0]: https://www.theverge.com/2020/5/28/21272964/microsoft-winget...
[1]: https://www.theverge.com/2020/6/2/21277863/microsoft-winget-...
Just tapped to my head, looks like there's one.
> Leave a message when you realize that forking a repo on GitHub is not the same as publishing a copy under your name.
First, you send me a message when you realize you can't just change an MIT License's copyright line as you see fit, then we can discuss the rest.
Also, milking knowledge from someone with an implicit promise of hiring, and re-implementing the software and tossing the original developer aside like an orange pulp is nowhere ethical.
- You find one with an MIT license and use it.
- Oops! It was really GPL and now you have some undesirable options to face.
Microsoft’s had a few “accidents” lately that remind me too much of their old war on the GPL.
Intentional, manual or not, projects are now attributed to Microsoft when they should not.
If you don't want to be banned, you're welcome to email hn@ycombinator.com and give us reason to believe that you'll follow the rules in the future. They're here: https://news.ycombinator.com/newsguidelines.html.
We detached this subthread from https://news.ycombinator.com/item?id=29683556.
What is the point of using all caps? For me it makes legal texts like these really annoying to read. I'm not a native English speaker, is that really correct English writing? Aren't there clear rules when to use capitalization? Like, at the beginning of sentences. Feels like they are abusing the language.
Can they just lower case the paragraphs, to make things more convenient to read? Or does that change the legal meaning? For me it would feel like they would stop screaming :-)
It’s legally important
Using all-caps is one way of achieving this, but there are other options, such as using a different typeface, font size or colour.
You can't use a different typeface, font size or color in a plain text document. That does not mean you have no options. The criterion is that it is “written, displayed, or presented that a reasonable person [...] ought to have noticed it.”
Consider the following:
This seems rather noticeable to me, gets to the point, and is considerably more readable.By using the all-caps sparingly, we've made way to draw attention to the heading, then offset the passage with large amounts of whitespace to draw attention to the passage itself. At the same time, this keeps readability of the actual text that you want people to read.
> "Conspicuous", with reference to a term, means so written, displayed, or presented that a reasonable person against which it is to operate ought to have noticed it. Whether a term is "conspicuous" or not is a decision for the court. Conspicuous terms include the following: (A) a heading in capitals equal to or greater in size than the surrounding text, or in contrasting type, font, or color to the surrounding text of the same or lesser size; and (B) language in the body of a record or display in larger type than the surrounding text, or in contrasting type, font, or color to the surrounding text of the same size, or set off from surrounding text of the same size by symbols or other marks that call attention to the language.
Conspicuous could mean all caps, contrasting text, or different colors. My guess is that CAPITALIZATION was used because most typewriters at the time could do caps, whereas doing different font sizes, colors, bold would have required a special expensive machine. When technology evolved, lawyers being process oriented creatures, stuck with all caps because it was the way things were always done, and therefore safe to do.
[1] https://www.termsfeed.com/blog/all-caps-legal-agreements/
Original author could send a DMCA, or they could simply enjoy Christmas and assume a ticket will undo this sometime in January.
Copyright laws have one major purpose: protect the right holders. It does so by giving them tools to mitigate their loses by deterring people from infringing.
If a right holder has to invest more time in complaining on people about infringement than actually having time to do other stuff, like creating, then we've got it all wrong.
In return, you receive hosting from GitHub.
The writing is on the wall. You MUST host your own code on a stand-alone website.
Here is an example. This Go program (a compiler) generates and serves its own website: https://NN-512.com
It runs on a Linode shared CPU cloud instance that costs $5 per month: https://www.linode.com/pricing
Another example, look at what Fabrice Bellard does: https://bellard.org
In these situations, whether it be originating from a human or robot, the knowledge comes from looking at public code on GitHub and it's always been a risk that your public code might not be used with proper attribution at some point. Think about how many OSS projects have core code and algorithms copied daily by companies with no public name and keep all of their source code private - it's surely caused more damage than CoPilot ever will.
>In that B scenario, would the human be infringing on the original's copyright? //
Depends on jurisdiction but in general I'd say no as quoting, particularly an insubstantial portion, is allowed (certainly under USA Fair Use, possibly under UK Fair Dealing).
However, and again depends on jurisdiction, copying a whole work to use for AI training or searching can be restricted (though it's on the GitHub license in this case). The snippet might be allowed but copying into a training corpus may be excluded (I think UK have an exception for AI training, but I may have misremembered, it might be a suggestion??).
There are quite a few companies where copilot and copoilot-like technologies seem radioactive at least for the moment.
The test to use is to imagine you’re writing an essay in college. If your essay contains unattributed passages from another work then the professor will not care that you memorized them rather than just copying and pasting the text. In order to be in the clear you need to properly quote and cite the original author.
GitHub copilot does not provide attribution. All it does is obfuscate the original source to make attribution impossible. Copyright lawyers ought to have a field day with this one.
If you don't like that,don't release your code as open source. I'm not going to host my open source projects on my own website. That's just hard, it's much more difficult to get people to check it out if it's on Broblog.net
I personally don't believe extremely short code snippets, like the ones copilot tends to copy are problematic.
Here.
def add( x, y): return x + y
I don't want to live in some dystopia where we have dozens of lawyers deciding who owns that above code snippet. If Amazon wants to use that snippet, fine, you can use it, etc.
All Co Pilot does is optimize taking code snippets from different sources.
How would self hosting your code prevent Microsoft/GitHub from using it in the Copilot training dataset? If using content from GitHub irrespective of their license to train Copilot is legal, so is training from code available on your website.
[1]: https://github.com/bminor/glibc
Copilot is trained on public GitHub repositories of any license: https://en.m.wikipedia.org/wiki/GitHub_Copilot#Technology
If they scrape your website, that's different.
0: https://docs.github.com/en/github/site-policy/github-terms-o...
1: > This license does not grant GitHub the right to .. otherwise distribute or use Your Content outside of our provision of the Service
It might be time for popular licenses to update themselves for this new-found threat.
I’d be interested to know if code subject to DCMA takedown would be removed from the copilot training set…
Did you click the link for this article? Did you see that MS removed the author’s name in the license header and replaced it with their own?
No, Microsoft's claim is fair use, not GitHub terms and conditions. You don't have to speculate on what you think their possible claims are, when they've publicly stated their actual claims.
I think this can only be valid of Github's terms of use clearly specify that or the chosen license allows it.
I actually see copilot benefiting GPL projects: suppose a programmer uses copilot to develop a proprietary software and copilot regurgitates GPL'ed code: now the proprietary software is a derivative work and must be GPL'ed too.
Another potential outcome is that so many projects could now end up unknowingly using gpl code that enforcement becomes an impractical whack-a-mole, far more so than today. Being told to rework or relicense your project because of copiloted gpl code could easily end up with hobbyists wholesale begrudging the gpl license rather than copilot itself.
It's quite interesting how it seems to have come full circle, at least according to this stackoverflow comment about Stallman releasing a paper in 1992 on how to effectively launder AT&T code via textual changes (I have no idea if he did, I just remembered the comment): https://unix.stackexchange.com/a/591221
I am a happy Sourcehut customer. Roughly the same cost as a VPS, but comes with tech support.
You may be practically limiting copilots use of your code but I don't see any licensing difference if Microsoft hosts Copyright code or scrapes copyright code.
Wrong. Lets say a GPL project is not hosted on GitHub officially. I can easily setup a mirror for it though on GitHub as the GPL doesn't prevent me from doing it...
Point is that anyone can put my work on GitHub, even if I don't want to.Assuming the project is under a free license though.
You can do it, but it's WRONG.
Copilot is trained on public GitHub repositories of any license: https://en.m.wikipedia.org/wiki/GitHub_Copilot#Technology
We must all stop using GitHub.
What I did is say that if you feed copyrighted software to an algorithm that itself outputs software, then the license applies to the output. This covers the output of compilers and such, but it would also cover Copilot in my opinion. We'll see what a lawyer says.
However, even with a license, I wouldn't doubt that Microsoft would just put it through GitHub anyway because finding them out would be extraordinarily hard.
[1]: https://yzena.com/licenses/
There is a difference between "strong" copyleft and "weak" copyleft. An example of "weak" (non-viral) copyleft is the CDDL. In fact, the CDDL's Wikipedia page talks about strong and weak copyleft.
You can read [1] for a breakdown of copyleft by an actual lawyer. Suffice it to say that Wikipedia's Copyleft page is woefully inadequate.
[1]: https://writing.kemitchell.com/2018/10/24/How-to-Speak-Copyl...
If Microsoft's theory is correct, under US law it is impossible to forbid this with a license, because a license is just an offer of additional permissions beyond what is available automatically under law, and Microsoft's theory is that ingesting code into GitHub is fair use and therefore permitted under law as an exception to copyright without any license from the copyright owner.
If Microsoft's theory is not correct, pretty much any license with an attribution requirement (among others, for other reasons) would work.
The idea that a special license is needed or of any use doesn't seem to have any justification, even in theory. (As is the idea that hosting publicly but not on GitHub changes the legal parameters.)
I just want to say that I believe the fair use argument only applies for training, but not for distribution. I make the case for that in [1].
[1]: https://gavinhoward.com/uploads/copilot.pdf
If they don't need permission from the copyright owner, either via license of GitHub T&C, because it's fair use, which is their overt legal theory, then why would it matter legally whether the code was posted to GitHub at all, much less by whom? Ingesting only code form GitHub is a practical convenience that has nothing to do with their legal theory of the right to do it.
> Yet they said nothing about that specifically
Their theory of fair use means they have the right to ingest any code, irrespective of who owns it and what conditions (if any) it is licensed under or where (or even if) it is hosted online. They don't need a separate justification for your scenario if the theory they’ve cited is correct.
> In that case, is the only option to put code somewhere else than github under a license that forbids reuploading to github, and issue DMCAs when/if people reupload your code
Nope, that doesn't help at all, legally; it may help practically as long as they are just using GitHub hosted code and not consuming code from other public hosting platforms, but it has no bearing on their legal theory of why they can ingest code without additional permissions.
Because this does not prevent having the code to land on GitHub at the of the day assuming it is published under a free license.
Now it depends on how you interpret the "MUST". My logic only makes sense if you consider it to a dogmatic-like prevention.
> The larger issue is that anyone using GitHub is donating their work for re-use without attribution through Copilot.
Why is this wrong?
Also, I don’t see how this is true. Code on my website is publicly accessible, but not in the public domain, nor licensed for re-use, unless I say that it is.
Also the point you're making is controversial, and definitely isn't widely agreed on. As a human, I can read public code on Github, and use my internal neural network (brain) to regurgitate sections of code, and don't need to attribute anyone (who can say which codebase I'm recalling code from? I certainly can't). So a neural network doing the same thing, but external to a human, is certainly questionanble, but it isn't a cut-and-dry case of copying without attribution.
Microsoft's automated violation of "no use without attribution" licenses?
You can't see the connection?
Please. Surely it's obvious to everyone but you.
Also, humans sometimes have limitations on what code they should have seen. It's common in the emulator community to forbid anyone that has seen proprietary code from working on black-box implementations to avoid legal issues.
Not a very good one - clicking the link produces a download dialog on Firefox (I'm guessing because the website neglects to indicate a Content-Type).
Ironically this is an argument against trying to do everything yourself - you might waste time chasing the long tail of thousands of little details that had been solved many times over elsewhere.
Also hosting it yourself doesn't mean that you do everything yourself.
It would definitely spawn build plugins that do most of what you need if this practice actually establishes itself.
I don't know what to tell you. It's not there.
https://dump.cy.md/9b2a31fa5184397159fe42a85c197242/16404476...
It is there if I check with cURL, though.
Edit: looks like this bug is triggered by the absence of Accept-Encoding in the request. When the server compresses the response, it neglects to include the Content-Type of the compressed content.
> You defend Microsoft, here and in other parts of this thread, as they sell the work of open source authors without attribution and in violation of explicit license statements in the code.
I did no such thing. Please stop.
You can search online for my name / username to find my open-source contribution history, if you would like.
I hope that sufficiently answers your query.
This is my last reply in this subthread; feel free to assume the same answer for all questions along the same line.
I also invite you to review the HN comment guidelines: https://news.ycombinator.com/newsguidelines.html
Please review https://news.ycombinator.com/newsguidelines.html and don't do anything like this on HN again.
Works fine for me (v90/Linux).
I might put this in my public ones as well.
So yeah, you are donating your work to Google when you put it on a publicly accessible web site.
[1] https://www.google.com/search?q=how+old+is+queen+elizabeth
[1] https://developer.mozilla.org/en-US/docs/Web/HTML/Microdata
I think that’s on purpose, not to “steal” code from GPL’ed softwares’ authors, but to get GPL’ed code into commercial projects. Then Microsoft can say “oops, we were right all along! The GPL is so dangerously viral that you can’t even host your software on the same server!”
I know that sounds stupid, unless you were there for the Halloween Documents. After all these years, it seems to me that Microsoft hasn’t done the 180 they portray.
Even if Microsoft currently only uses GitHub-hosted code as an input to Copilot, their theory of the legality does not depend on code being hosted there and applies to any code they can get their hands on. The idea that hosting code publicly at some non-GitHub location is going to keep it out of Copilot is not well justified.
The part that caught my interest is: How many people consciously picked the MIT license when they actually meant a non-attribution license?
If you want to throw your copyright out the window: The commonly accepted solution seems to be CC-0[1], which tries very hard to disclaim rights and limit liability in as many jurisdictions as possible, complete with a fallback license grant for failed public domain dedications. Because CC-0 makes some people uncomfortable despite the lengths it goes to reach its goals, some projects work with dual-licensing to cover the other side, such as Monocypher.
Neither of them address patents. If patents are something you want to/need to address, you could perhaps paste the patent clause from BSD-2-Clause-Patent onto 0-clause BSD.
See also the discussion on [2,3].
[0] https://spdx.org/licenses/0BSD.html
[1] https://spdx.org/licenses/CC0-1.0.html
[2] https://en.wikipedia.org/wiki/Public-domain-equivalent_licen...
[3] http://landley.net/toybox/license.html
People who release code under MIT not only won't/can't take legal action but they probably won't even bother writing an email to the person who they believe violated the attribution part.
I do (somewhat but not really) get why people use GPL but that's another story. Here we are only talking about people who use MIT instead of CC0.
https://github.com/microsoft/cups
You interacted with one part of Microsoft, maybe we are seeing the works of another part.
It's far from the first time I see this kind of reaction and, IMO, rather than everyone spending time on piling on the flamewar, how about opening the door for MS to set this straight and do the right thing? Assume good faith even if you personally don't sincerely believe it? Give them an easy way to save face and present a plausible narrative rather than having everyone dig their trenches deeper? If you'd prefer MS not to screw people over, it helps no one to solidify them in doing just that.
Already so many people shouting "YOU ARE THE DEVIL", not one going "hey, looks like this is a mistake, let's sort it out". IMO the latter is more constructive. It's almost as if people want Microsoft to do bad things. Remember it's a huge organization with all kinds of people and ideologies internally. It's too early to tell which way the individual behind this particular change is leaning.
It took me all of 1-2 minutes to make this PR[0], probably less than any of the meme pictures in that commit thread. Let's see how it goes. Last time it went through[1].
[0]: https://github.com/microsoft/grpc_bench/pull/1
[1]: https://github.com/dotnet/sdk/pull/22262
EDIT: ...And, it's merged. I'm assuming the rest of the affected repos will be fixed as well and an apologetic blog post issued by Monday. Anyone who feels that's too long time can always open corresponding PRs instead of wasting their time by replying to this with how that's not our job. Happy holidays.
"Oops. We f*d up? Well, you can't talk with a human unless you pay us lots of money. Oh - you don't have money for a lawyer? Tough. Good luck getting through our layers of trained monkeys."
It was just accidentally run in a script. No worries right?
Only on hackernews I see this level of crazyness. You need to reduce your caffein intake drastically.
"When disagreeing, please reply to the argument instead of calling names. 'That is idiotic; 1 + 1 is 2, not 3' can be shortened to '1 + 1 is 2, not 3."
and this one:
"Please don't sneer, including at the rest of the community."
2) bot2 takes data for copilot
3) we are "sorry" for bot 1
4) bot2 took data
That doesn’t seem to be the purpose of the bot. It’s supposed to add them to new repos, not alter existing. This ensures that all their projects have an explicit license rather than ambiguously public.
Embrace, Extend, and Extinguish
But now not even bothering with the extend. I’d guess this is a mistake of some kind.