Hi all, I wanted to share the outcome of today’s Council meeting regarding this proposal. After several weeks of discussion and incorporating feedback from our community into better revisions of the initial proposal, the Fedora Council has approved the latest version of the AI-Assisted Contributions policy formally. The agreed-upon version can be read in this ticket. You can read the full meeting transcript in the meeting log. So what happens next? Firstly, on behalf of the Fedora Council I...
From my (admittedly, limited) experience, sign-offs are often relatively shallow sanity checks. Nothing about this patch looks egregious? It solves a known problem? It makes it though the CI pipeline? Approved. When dealing with languages like C, where very subtle mistakes can introduce defects and vulnerabilities, I would not trust a LLM to do the brunt of the due diligence which would ordinarily be coming from the contributor (who typically spends a lot more time thinking about the problem than the person signing off on the patch). I’ll admit this isn’t a novel problem, but the amount of scrutiny applied to submissions will definitely need to increase if this becomes a standard process.
From my (admittedly, limited) experience, sign-offs are often relatively shallow sanity checks. Nothing about this patch looks egregious? It solves a known problem? It makes it though the CI pipeline? Approved. When dealing with languages like C, where very subtle mistakes can introduce defects and vulnerabilities, I would not trust a LLM to do the brunt of the due diligence which would ordinarily be coming from the contributor (who typically spends a lot more time thinking about the problem than the person signing off on the patch). I’ll admit this isn’t a novel problem, but the amount of scrutiny applied to submissions will definitely need to increase if this becomes a standard process.