Do you think differently about working on open source these days?

https://news.ycombinator.com/item?id=44766771

> privately on github

So Microsoft and their AI will have access to your code but people won't.

Aaahahah people tend to forget that GPL exists. If they use your software to build another, then you can sue and make all their software opensource. Also, you dont have to use github where your source is easily pray of LLM. You can host your own.

I've got mixed feelings.

"A little copying is better than a little dependency" becomes much easier to fulfil with AI, in a literal sense, and I support a lot of "little dependencies"

I owe my entire 20 year career to open source, so if anything, I plan to increase the number of contributions I make as time goes on; it's one of the few areas in life where I feel indebted.

For me, I think the value of sharing with other people still outweighs the 'leeching' by proprietary for-profit vendors. Ideally, I'd like to be able to set an option on a repo: no LLM training, only training material for open weight models, and training material for all models. Though sadly, I do not think we could trust all vendors to respect such a flag, so now it is all or nothing.

Personally, I would select only training material for open models. Pandora's box is already open, but if we are going to have LLMs, I want them to be available to everyone and not gated by a small number of companies. Since open models generally have less of a benefit of scale in terms of GPUs, I want them to have the benefit of more available/higher quality training data.

Opinion has not changed. I still think information wants to be free, which is why I'm still publishing open source code and encouraging ~~piracy~~ distillations of closed models.

It hasn't changed anything for me. I don't really care if AI trains on my code or not. I write open source to share the code for other developers and give back as a way of pay it forward, to all the people's libraries I've relied on before.

Are people open sourcing their works in hopes to make money and that's their concern? I've never heard of that from people involved in open source.

In the grand scheme of things, even GPLing your code doesn't matter as the AI is still trained on it. As AI increases in capabilities, it can just read and rewrite your code. And all code is useful in some way.

As mentioned in the comment, private on GH has no bearing, it is still in full sight of the AI.

From what I can tell, OSS submissions are on the rise as people embrace AI to work on things they could not previously.

Me I open source less and 100% keep off github all new code unless it's for pay for a client who wants to use github.

It's impossible to develop open source software without having a credit/debit card and cell phone present. Feels more like a scam to me than not but I understand it from an operator's perspective; you have to prevent fraud. From a contributor's perspective who had their life derailed for more than a year, it's a pain to get everything back up and running as it was before.

Yes, differently: I contribute more willingly now that I don't have to spend ages getting ramped up on the code base. I'm fixing issues left and right.

I've not released some stuff because I don't want the hassle of dealing with slop in PRs. If someone can't be bothered to write their code, I'm not wasting time reviewing it.

I don't love the idea of my work training an ai without compensation either.

Sure, all the slop code projects I produce get MIT licensed on public repos. It wasn't mine to begin with, so I wouldn't prevent anyone from using it.

LLMs have not changed my opinion on contributing to open source. Slop PRs are quite easy to deal with, and I'm not too concerned about LLMs being trained on the fairly niche things I work on. If my projects were more popular I might have a different opinion.

I consider it an honor to have my work be a part of large language models.

Specifically I'm looking for licenses that bar loading the code into LLMs. Github is feeding open source code into Copilot and selling it to people and they need to be stopped.

An oft overlooked part of being involved in open source is the networking and mentorship, both technical and personal. Being a part of one or more well run projects lets you interact with some incredibly smart people discussing technical topics well outside your day job. Not all of that will pan out to something directly useful, but over time it adds up to both a wider skillset at actual development and dealing with a distributed team. The evolution of your written communication skills alone are probably worth it.

Without my open source projects, my career would not have taken off. Simple as that.

Long before LLMs, I had code on github as a portfolio, none of it was licensed to be copied or modified. People still forked my code.

Open Source is one of the most humanistic, progress driving cultures people have ever come up with.

I mean I am fucking shocked that people don't get this, our whole fucking modern world, all the parts that make stuff work, every last bit of it is built on top of or dependent on OSS.

There isn't a single lab, company, person or country that doesn't use and benefit from open source. Whether they know it or not.

It is what has supported widespread fractal improvement starting at the individual level. It's the greatest grassroots story movement ever and it's still driven by grassroot adoption.

It's like programatic peer review writ large with no gate keeping journals and its changed humanity forever, if we ever deflect that asteroid headed towards earth or if we make it to the stars, or if we figure out how to avoid the heat death, it's because open source got us there.

No, when I licensed my open source code as MIT I essentially stated to not care what happens to it.

I am bothered that I was able to reproduce code from my blog through an LLM (suggesting exact same default values). That was not licensed for permissive use.

I still contribute to open source because I still use a lot of it. In my mind I owe it to the community to contribute back, and if nobody did the same my workflow would be a lot worse.

Open Source was always a collection of anarchist experiments in different ways of working. It turns out that it's quite effective and popular, and people will organize themselves naturally around projects they find interesting.

That said, capital has always been squeezing open source. Whether it was the Embrace; Extend; Extinguish mantra of Microsoft, Amazon's hosting of Open Source in AWS to control the market for it, or Oracle's litigiousness about trademarks and patents. To say nothing of all the companies who profit from it and give nothing back in return.

LLMs being trained on Open Source software is nothing new with respect to capital attempting to consume it and profit from it but not giving anything back in exchange.

So no, I'm not worried, I'm not going to change anything. I expect maybe we see a license that says you cannot use it as AI training material at some point in the future, and the lawyers will fight over that for a decade or two.

I kinda want to quit making my code publicly available. It is my believe that the model may output license contaminated code and any license I put into my code will not be accurate, so my policy is I don't use AI coding on my publicly available open source code. However, this also means that I'm working for free fueling the AI industry.

However, it is quite fun to remove the boring part in programming with AI, so any hobby code I write I won't be making them public.

Currently I'm working on a way to use models trained from MIT-licensed code (eg. Comma) by using normal commercial model to supervise it. I believe this make the output code only be tainted with permissive code, and so I can now slowly use AI to write open source code again.

No, it hasn't changed my approach. I open source things precisely because I don't care if other people profit from it or not. In fact, I *hope* the users of my code gain a better life because of it, just like how I hope the readers of my blog learn something (however small, sometimes).

Whether that process is intermediated by a LLM or not is not really relevant.

I really don't care about LLM training. If I don't want code to be used, I won't share it.

Not due to llms.

Put simply… Too much drama, too little technical joy.

I had my best technical achievement writing proprietary software at one faang, if i have to be honest.

Yes.

I always licensed my projects under GPL variants. That contract was broken by LLM vendors. So now I'm taking my toys and going home.

All my new projects are hosted on Sourcehut. I trust Drew when he says they are not letting LLM bots have at it.

Its not just the dev either. I'm no longer posting Amy content on blogs. Almost all of my other online interactions have moved to private channels and closed forums. I'm no longer giving my work away for free, unless you've passed the entry tests.

Yes, I use to throw all my random experiments on github. Now I host my own code repos, block bots as much as possible, and keep most repositories private. Those repos that I do open source (because I want to share with people I know), I release under AGPL

I've drifted away from the OSS subculture years ago, before LLMs. However, I did continue to publicly release source code under permissive licenses. That has absolutely changed because of genAI crawlers. I've removed my sources and have no plans to publicly release any new ones yet. I'll start making my code available again if/when I feel that I can adequately protect it.

No, the open source code I make is there to be used freely and for all. LLMs do not change this for me.

I think that open source libraries (but maybe not applications) may be even more relevant now than ever. More application code will be written, and there is still a need for correct and reliable components.

Everything I do differently wrt open source is because of humans and the way they act.

Now that we have LLMs I can make them tell off the people harassing me and generate features that do the opposite of what they asked for

I have public open source projects on githubs that collect stars.

I'm currently working on a new project(my first big one from scratch using LLM coding), and using a few open source library. 9x under MIT. 2x BSD 3 clause, and 1 apache 2.0.

None of them are copyleft? I didnt do that intentionally. I dont know what i plan to license it; I typically go gpl. It's private until I decide i guess.

My big 'think differently' is that i gain a bunch of responsibility for the project. Do I want that? Am i ready for this long term commitment?

> I don't know yet what I think, but my latest side project I decided to create privately on github.

You're concerned about LLMs stealing your code, yet you're still using Github in any form? You should be careful even using VSCode at this point, regardless of whatever promises they make.

Putting everything on github (public or private) is corporate OSS brainrot, as is MIT-everything-by-default (rather than copylefting everything).

In fact, back in the SF era, GPL variants dwarfed MIT/BSD by a wide margin:

https://redmonk.com/sogrady/2014/11/14/open-source-licenses/

http://sogrady-media.redmonk.com/sogrady/files/2014/11/black...

My theory is open-source is a psyop to trick people into creating free software keep them in serfdom.

It does not affect how I do it. I do not use LLM, but if I publish something, then someone can do what they want with it, including LLM usage. I do not want to allow excessive scraping for that purpose, but once someone has a copy for whatever reason (including being mirrored elsewhere, which I would encourage), it is now available for public use.

Its not that many people got paid a lot before for their open source contributions (and pride/ attribution will just change as we get used to the reality) and with models improving more, most projects will be possible to recreate from scratch with very little effort anyways. What changed a lot is how i think about accepting contributions, why go through the hell of PR dance and wait for fixes that take forever or get ghosted if i can just have an agent finish or recreate the PR with immediate reactions and no sensibilities to being called an idiot. Similarly, GPL and garbage dual and "custom" licenses by companies pretending to be open source will just be dead as soon as there are standardised cleanroom rebuilding pipelines. Why would i contribute to something prohibiting me to build a business on top if i can spend a few thousand $ and 2 weeks max to have the whole project rebuild as Apache 2.0 based on behaviour analytics and spec extraction? Apache 2.0 and MIT will be the gravitational force that OSS and even closed source goes to because no one has to care anymore. Of course there are exceptions but those will grow fewer and fewer. Also the hurdle for an open source library or project to be viable existing as a real entity will grow immensely, i would consider the cost of anything on npm too high if it can be rebuild at hoc in a few files and save me from dependencies.

It has changed things for me.

I recently stepped down from the core team of an open source project. There were various factors that lead to that, but LLMs were one of the factors that contributed to the decision. They are one of the things that has lead to me getting less enjoyment out of working on the project over the last year or so.

In a worst-case scenario, LLMs make it much more possible for someone to generate a large and plausible looking "contribution" with very little investment of effort on their side and minimal understanding of the problem they're trying to "solve". But your time as a maintainer is still finite. If you as a maintainer take every submission at face value as a good faith contribution, then you can easily put a lot of time and effort into the review of these contributions. That can come at the expense of spending that time on higher value activities. In the case where someone has chanced a low-effort LLM submission there is a higher chance that you're going to spend time and effort reviewing this thing, and then the original submitter will just close the PR or ghost when they realise it is more complicated than they thought. You can also end up wasting time on LLM written issues that contain a plausible looking detail that turns out to be spurious.

IMO there is a big difference in the impact LLMs have on software developed by a closed group of contributors (e.g: a team within a company) and open contribution projects. LLMs massively increase the ability of time wasters to submit plausible looking but low effort spammy issues/PRs. This is less of a problem in a high-trust environment. You are not usually trying to protect yourself from spammers and scammers within your own team so you're likely to see more of the benefits of LLMs there and less of the downsides. Conversely, you'll be exposed to those downsides more in a big open contribution bazaar style project where you accept contributions from world+dog.

That is not to say that LLMs have no benefits. Maybe all of this is a problem that will be solved over time. I will still continue to publish and maintain some smaller things, but I think right now is a very bad time to be a maintainer of a large open contribution project.