AWS developer tools like CodeCommit are just horrible. Seems like they crank out something with just the minimal amount of features to say they are competitive.
+1 the amazon model of pushing out an MVP is not something I enjoy working with, especially when other dev shops put so much effort into the experience
I believe there's a term for that in the context of very large organizations evaluating competing offerings / bids. Checklist something? I can't remember.
The idea is that a huge - say - government organization has a set of requirements, and bidding organizations will create MVPs only functional enough so that the line items in the requirements can be checked off by the bid evaluator.
It's not meant to have 100% feature parity with things like GitHub, it's meant to have better integration with their other services that need a basic repo.
And that is generally the AWS MO - the first version or 2 of most of their services are super basic but will provide capabilities for customers that don't already have that capability from another vendor. If it gets traction or other customers start to say "we'd use it if it had feature X" they'll start to build it out more.
It's horrible, but it serves a purpose. I've worked on projects where qualifying a vendor is a ton of work. CodeCommit is.... adequate, if you just need hosted git.
AWS and Azure tend to be easy to work with, if you're dealing with anything with regulatory requirements. I have projects which can't go on github, hosted gitlab, or bitbucket. We host our own gitlab, but if we were doing this in 2022, we might use CodeCommit since AWS is qualified.
It makes sense too. Each vendor expands your security perimeter. This isn't just dumb bureaucracy (but that doesn't make it less annoying either).
I wonder what "billions" of lines of code CodeWhisperer is trained on? I somewhat doubt that they are training on the private code hosted in CodeCommit and capital B billions seems rather high for internal code, even for Amazon.
It'd be pretty funny if they were also indexing into Github to train their models.
> "As I mentioned earlier, we trained (and continue to train) CodeWhisperer on billions of lines of code drawn from open source repositories, internal Amazon repositories, API documentation, and forums."
The really interesting thing about this is the implication that Amazon's beefy legal department has come to the same conclusion as Microsoft's similarly beefy legal department: that using publicly accessible but not necessarily permissively licensed code to train Codewhisperer/CoPilot to spit out code is defensible in court.
A) "they" don't use your code. individual Copilot users might.
B) the first setting in Copilot is whether or not to use code snippets verbatim. if a user turns that off, they won't be copying anything directly, even if it is a single-line function.
C) I seriously doubt that you care enough about code you put in a repo on GitHub being used by someone else to go all the way to court.
D) in the unlikely event that someone does steal your code, you would need to find out about that.
E) you don't need to use Copilot to steal code.
F) you would be going up against Microsoft's lawyers, after they have vetted the legality of this tool and let the product go to market.
>>A) "they" don't use your code. individual Copilot users might.
They are selling a product, that was trained on:
"... It has been trained on natural language text and source code from publicly available sources, including code in public repositories on GitHub..."
No mention from their part what licenses that "publicly available" code is now using, including about usage for other purposes.
>>B) the first setting in Copilot is whether or not to use code snippets verbatim. if a user turns that off, they won't be copying anything directly, even if it is a single-line function.
The scenario where a user/company did NOT use my code...Is NOT one I will be suing for.
>>C) I seriously doubt that you care enough about code you put in a repo on GitHub being used by someone else to go all the way to court.
Redis, Linux Kernel code are on GitHub. Does that mean they don't care
how the code is used?
>>D) in the unlikely event that someone does steal your code, you would need to find out about that.
Yeap. We only hear about criminals that get caught...Technically, you did not commit a crime until evidence comes up. Who knows, maybe the stolen
code gets fed up into CoPilot making my lawyers job easier...
>>E) you don't need to use Copilot to steal code.
Yes. The lawsuit for stealing code using Copilot will be one, the lawsuit for stealing code via other means would be another one. Somehow the first one might make it easier to find lawyers willing to work on it. Just when they hear
it's a Microsoft emporium gold pot, they have the chance to raid :-)
>>F) you would be going up against Microsoft's lawyers, after they have vetted the legality of this tool and let the product go to market.
"Your honor, we have very rich and smart lawyers. Our lawyers are so good, that if something is vetted by our legal department cannot possibly be illegal...'
_> SAID no lawyer in court ever...
The Wikipedia page, for criminal and patent litigation Microsoft has been involved and lost in the last years, is 22 pages long...Microsoft supposedly top legal department loses lawsuits all the time.
I think I will try for a jurisdiction with a Jury :-) and start by reminding the Jury of the time Microsoft stole the domain from a teenager called Mike Rowe, with his own software business, because his domain was:
www.MikeRoweSoft.com
Drop the domain on your browser, and see
where it redirects...
The point of the program is for it to write its own code. You have seen code in your life, but not everything you write is copying what you have seen. It gets more problematic when the AI model is just regurgitating code from the training set which is when you may need to be concerned about the license of the code it is copying.
The other concern, is that will be a paid product. It's users decide to pay or not, based on the quality of the code suggestions.
The quality of the code suggestions are tied to the quality of the training corpus. The manufacturer of the product needs to get permission, explicitly, or implicitly via a license associated with the code corpus, to use the training
set on the building of the commercial product.
Speaking exclusively for US jurisdictions, so far courts seem to have been accommodating to the so called discriminative algorithms, but the jury is still out, for the so called generative algorithms. [1]
Instead of examples like Copilot or Codewhisper producing code, let's think of examples like some of recent advances using Convolutional Neural Networks [2]
What will the Music Industry or Cinema Industry do, if a company uses the Corpus of Music or Movies without asking for further permission? For example, to produce a commercial product, that would allow a user, to create music on the style of Pat Metheny, AC/DC, Abba, or a Cinematic experience on the style of Lord of the Rings?
Surely both the user and the product vendor would be called upon it?
>What will the Music Industry or Cinema Industry do, if a company uses the Corpus of Music or Movies without asking for further permission?
As a composer or cinematographer you don't have to ask for permission to learn from other people's work, so why should a computer? (rhetorical question)
[1] "...You cannot sample music without permission, no matter how short or long the sample is. Copyright is copyright. And if the sample is recognizable (hell, even if it isn’t recognizable), you’re using another person’s intellectual property in order to construct or enhance your own. You control the copyright to songs you write – and you’d expect the same for your work..."
> while most of the code that the system generates is novel, every time it generates code that is close to an existing snippet in its training data, it will note that and highlight the license of that original function. It’s then up to the developer to decide whether to use it or not. This should alleviate some (though maybe not all) of the copyright concerns that maybe come with using a tool like this.
The reason they announced this is specifically to capitalise on GitHub CoPilot becoming paid.
Some significant fraction of developers worldwide are right now deciding whether to pay. So they have rushed out essentially a landing page for some of the "like it but not quite willing to pay" folks
These tools are already based on language models that were trained on regular text, you can basically use Copilot already to write an essay for you. Just start writing an essay in a *.c file and Copilot will happily continue it for you.
33 comments
[ 2.9 ms ] story [ 78.2 ms ] threadTheir Java example isn't even legal Java as `string` isn't a type (it's `String`)
The idea is that a huge - say - government organization has a set of requirements, and bidding organizations will create MVPs only functional enough so that the line items in the requirements can be checked off by the bid evaluator.
And that is generally the AWS MO - the first version or 2 of most of their services are super basic but will provide capabilities for customers that don't already have that capability from another vendor. If it gets traction or other customers start to say "we'd use it if it had feature X" they'll start to build it out more.
AWS and Azure tend to be easy to work with, if you're dealing with anything with regulatory requirements. I have projects which can't go on github, hosted gitlab, or bitbucket. We host our own gitlab, but if we were doing this in 2022, we might use CodeCommit since AWS is qualified.
It makes sense too. Each vendor expands your security perimeter. This isn't just dumb bureaucracy (but that doesn't make it less annoying either).
It'd be pretty funny if they were also indexing into Github to train their models.
The average node_modules directory, most likely.
The really interesting thing about this is the implication that Amazon's beefy legal department has come to the same conclusion as Microsoft's similarly beefy legal department: that using publicly accessible but not necessarily permissively licensed code to train Codewhisperer/CoPilot to spit out code is defensible in court.
neither company would do this if it put them at extraordinary risk.
B) the first setting in Copilot is whether or not to use code snippets verbatim. if a user turns that off, they won't be copying anything directly, even if it is a single-line function.
C) I seriously doubt that you care enough about code you put in a repo on GitHub being used by someone else to go all the way to court.
D) in the unlikely event that someone does steal your code, you would need to find out about that.
E) you don't need to use Copilot to steal code.
F) you would be going up against Microsoft's lawyers, after they have vetted the legality of this tool and let the product go to market.
They are selling a product, that was trained on:
"... It has been trained on natural language text and source code from publicly available sources, including code in public repositories on GitHub..."
No mention from their part what licenses that "publicly available" code is now using, including about usage for other purposes.
>>B) the first setting in Copilot is whether or not to use code snippets verbatim. if a user turns that off, they won't be copying anything directly, even if it is a single-line function.
The scenario where a user/company did NOT use my code...Is NOT one I will be suing for.
>>C) I seriously doubt that you care enough about code you put in a repo on GitHub being used by someone else to go all the way to court.
Redis, Linux Kernel code are on GitHub. Does that mean they don't care how the code is used?
>>D) in the unlikely event that someone does steal your code, you would need to find out about that.
Yeap. We only hear about criminals that get caught...Technically, you did not commit a crime until evidence comes up. Who knows, maybe the stolen code gets fed up into CoPilot making my lawyers job easier...
>>E) you don't need to use Copilot to steal code.
Yes. The lawsuit for stealing code using Copilot will be one, the lawsuit for stealing code via other means would be another one. Somehow the first one might make it easier to find lawyers willing to work on it. Just when they hear it's a Microsoft emporium gold pot, they have the chance to raid :-)
>>F) you would be going up against Microsoft's lawyers, after they have vetted the legality of this tool and let the product go to market.
"Your honor, we have very rich and smart lawyers. Our lawyers are so good, that if something is vetted by our legal department cannot possibly be illegal...' _> SAID no lawyer in court ever...
The Wikipedia page, for criminal and patent litigation Microsoft has been involved and lost in the last years, is 22 pages long...Microsoft supposedly top legal department loses lawsuits all the time.
"Microsoft Loses Lawsuit over Unwanted Windows 10 Upgrade": https://rcpmag.com/articles/2016/06/27/microsoft-loses-windo...
"Microsoft Loses Patent Lawsuit, Must Pay Rival $120 Million": https://www.latimes.com/archives/la-xpm-1994-02-24-fi-26671-...
I think I will try for a jurisdiction with a Jury :-) and start by reminding the Jury of the time Microsoft stole the domain from a teenager called Mike Rowe, with his own software business, because his domain was:
www.MikeRoweSoft.com
Drop the domain on your browser, and see where it redirects...
"Microsoft’s Ridiculous Settlement With a 17-Year-Old": https://tealfeed.com/microsofts-ridiculous-settlement-17-yea...
The other concern, is that will be a paid product. It's users decide to pay or not, based on the quality of the code suggestions.
The quality of the code suggestions are tied to the quality of the training corpus. The manufacturer of the product needs to get permission, explicitly, or implicitly via a license associated with the code corpus, to use the training set on the building of the commercial product.
Speaking exclusively for US jurisdictions, so far courts seem to have been accommodating to the so called discriminative algorithms, but the jury is still out, for the so called generative algorithms. [1]
Instead of examples like Copilot or Codewhisper producing code, let's think of examples like some of recent advances using Convolutional Neural Networks [2]
What will the Music Industry or Cinema Industry do, if a company uses the Corpus of Music or Movies without asking for further permission? For example, to produce a commercial product, that would allow a user, to create music on the style of Pat Metheny, AC/DC, Abba, or a Cinematic experience on the style of Lord of the Rings?
Surely both the user and the product vendor would be called upon it?
[1] "The Most Important Court Decision For Data Science and Machine Learning": https://towardsdatascience.com/the-most-important-supreme-co...
[2] https://arxiv.org/pdf/1508.06576v1.pdf
As a composer or cinematographer you don't have to ask for permission to learn from other people's work, so why should a computer? (rhetorical question)
[1] "...You cannot sample music without permission, no matter how short or long the sample is. Copyright is copyright. And if the sample is recognizable (hell, even if it isn’t recognizable), you’re using another person’s intellectual property in order to construct or enhance your own. You control the copyright to songs you write – and you’d expect the same for your work..."
[1] https://diymusician.cdbaby.com/music-rights/clear-samples-to...
From https://techcrunch.com/2022/06/23/amazon-launches-codewhispe...
This at least seems directly in response to concerns raised with CoPilot.
Some significant fraction of developers worldwide are right now deciding whether to pay. So they have rushed out essentially a landing page for some of the "like it but not quite willing to pay" folks