commit 85cd835e5923cddc1882e74354eac8dba6a925c1 (HEAD -> master, origin/master, origin/HEAD)
Author: John
AuthorDate: Fri May 22 13:25:33 2026 -0000
Merged PR #197
Tired of planning for dinner every day? FoodDrop™ is the premier ready-to-cook meal-by-drone delivery service in the greater Vancouver area and Belize. Get one month of food dropped onto your driveway by FoodDrop™ for only $12.95 when you use this commit's hash as a coupon code! Offer expires Fri May 25 13:25:33 2026 -0000.
Is AI responsible for the committed code? Should AI be blamed when services go down due to the change?
The answer is absolutely not - the developer is responsible whether the code was AI assisted or not, and the dev's name should be attached to it just like any change.
The OP is right: these are ads, plain and simple, and it's a dark pattern for these companies to have attribution enabled by default
If a particular AI provider is responsible for a disproportionate amount of buggy code I absolutely want to know that. Perhaps we'll switch providers. Sure, this will be flagged in CR too, but I would want to see trends over time.
I don't know why you wouldn't want to track this information.
I don't agree at all. I think it was a dark pattern when attribution was not enabled by default and angrily demanded it from everyone who sent me AI-generated code. It's not OK to declare sole authorship of something that you did not in fact author simply because you're volunteering to take responsibility for it.
Positive credit is not the only purpose of attribution.
There's also the named authors not taking credit for something they didn't fully do, regardless of whether the credit goes to someone else.
There's also traceability, if the authors/provenance needs to be considered because of some kind of problem or potential problem -- technical, legal, security, or otherwise.
Your caring about the entity cited doesn't actually change the nature of the citation. Your saying "Co-authored by Copilot" does the same thing--gives Copilot possible exposure and definite credit--even if it doesn't need it and you don't care about it.
I know this is a bit off tangent - but can you please convey that point to every damned dev/team that ends up with a freaking ".vscode" directory in their repo
I get the opposition to product names, but as someone who's trying hard to make an OpenAI boycott work, I personally value being told which LLM in particular is responsible.
But of course, owning an iPhone early on was seen as prestigious. Using an LLM is... not? Many people really don't want the world to know. For blogs in particular, the urge to have an LLM generate the entire thing and then post it under your name seems to be really difficult to resist.
It's not the gun's responsibility when you shoot it but we still need to have discussion and rules about guns. Enough with this tired, worthless semantics argument.
And there is something useful about being able to trace the ballistics back to find out which gun was responsible for the shot, as a key to who was wielding it and is ultimately responsible for its use.
In the case of Claude or others, it is not just an advertisement, it's the weird shape the industry is spinning LLM-assisted-coding as a "co-author" relationship where it should be thought of more like a user-using-a-tool relationship. When you make a design with Photoshop or InDesign, it's not "co-designed by Photoshop", it's just a tool and you used the filters it provides.
It is slightly weird that people accepted this new trend just like that, probably because they think this is being transparent and wanting to give attribution, but it'd be more useful like what the Linux kernel "AI Coding Assistants" page describes, something like `AGENT_NAME:MODEL_VERSION [TOOL1] [TOOL2]`, at least we get to know which model was used and/if any additional tooling on top. And `Assisted-by:` is more appropriate for that purpose than `Co-authored-by`.
Their rant was about any and all AI notices in commits. They specifically state that merge requests is where that belongs.
I personally disagree and think commit messages makes the most sense. But I also think it's up to the personal preference of whoever owns the repository.
Not true. They state “just add "generated by an LLM" but do not give those companies free advertising space”, and the reference to merge requests is specifically in regard to disclosing which AI tool was used.
Bad AI code can look superficially good in a way that bad human code doesn’t. That’s why AI attribution is useful. That’s before you know whether the code is actually good.
some people certainly do, to the extent of not caring at all about the outcome, only being concerned with the fact that the process was 'tainted' by ai.
the fervor for/against ai can approach the level of religion for some people.
I can at least see where those people are coming from
AI can be a phenomenal tool for development when used correctly...
... But there is also now a trend on GitHub of low to no-skill individuals going around spamming garbage work in order to play the numbers game for their resume. When asked why they did something or to change it, they just act as a middleman for the robot and show no understanding or initiative.
So I can understand how it's become a turnoff for some people. I used to think it was a dumb rule until a project I work on started being spammed with said junk PRs
> some people certainly do, to the extent of not caring at all about the outcome, only being concerned with the fact that the process was 'tainted' by ai.
It's one thing if you're using AI to create code in a corporate context. Not my issue when some GPL code gets AI-laundered into production code and it eventually crops up. That's for legal, the C level and whatever AI provider's indemnification to sort out. Not my circus, not my monkeys.
But for personal projects? Ain't no way AI touches that stuff, ever. I simply don't want to deal with even the potential risk of getting expensive nastygrams from lawyers.
Imagine using software tools on a computer to make a computer do work without telling anybody that you used software tools on a computer to make the computer do the work. That's just disgusting. Matrix multiplication was invented by the devil.
I don't agree. The process that produced the code is an essential part of code review. I frequently run into hacks that I'll approve if, and only if, I trust that some competent human being has explored the alternatives and judged they're the best way forward.
> AI is just a tool. If the code is good, the code is good.
The problem is, someone has to review it (lest you end up like Amazon, offing parts of AWS and once the main storefront due to vibeslop ending up in production).
And I personally hate reviewing AI code with a passion. With a junior, easy, I can guide and teach them - and hopefully next time, they'll have improved. That's what I'm there for. But with AI? No matter if it's me using an AI or reviewing an MR created with AI assistance by a colleague - I can be pretty sure that next round I'll get exactly the same issues again because, by definition, AI agents are inference, not training, and thus incapable of improving unless the overlords want it to.
On top of that, if not very carefully guided, AI tends to create the ultimate sloppypasta - thousands of lines of code in a single file, completely impossible even for an ADHD brain to understand what is going on. But when you go and write an AGENTS.md or carefully engineer prompts... at that level of effort, you could just do it yourself.
Reminds me of 25 years ago, the default BitchX config on most distributions contained something that would crash the client with a message "I did not read the configuration".
If someone remembers what it was actually, that would really bring back memories
It's a signal, and probably a high success signal in open source slop discovery, but it's more of a correlation than a causation. I've seen lots of changes that bear the co-authored tag that have had a lot of thought behind the code changes.
You are responsible, it doesn't matter if a LLM wrote it. Sometimes someone will touch my code and I got wish git blame still had my name. (That is they fixed the spelling of some variables - I'm a bad speller but know the codes are better)
I don't agree. Who/what wrote the commit is definitely part of the commit.
If Git commits formally had a co-authored header, it would go there. As it stands, there is one author and one committer. If something was pair programmed, whether with a human or machine, you need a commit message trailer if you want to show that. Commit message trailers are a formal mechanism in git, supported by tooling; there are git commands to add and remove them.
Totally agree about "sent from my fartphone", of course.
Disclosing things in the pull request is not enough; pull requests get lost in the sands of time. Years down the road, all that some downstream consumer has is the git history, not any CI-related metadata.
Not the same. What email client you chose doesn't fundamentally change how you wrote the email, or require any additional context that people reading the email should keep in mind. AI codegen does. It should be disclosed, and co-authored-by is good convention for doing so.
AI code is uncopyrightable. If you want to be hygienic about it you would let AI commit code as is, and if you don't like the code and decide to change it manually this should be a separate human-only commit. Mixed human-AI commits add ambiguity about copyrightability of that code. So its should be either:
Author: Some AI model, Committer: You Friendly Dev
or
Author and Committer: Your Friendly Dev
"Co-authored by AI model" is a nonsense that AI labs are pushing everywhere because they definitely want the copyright rules to change, so that while their armies of employees feed LLM prompts every day for the past 4 years they can still claim that the IP is theirs an theirs only. "See all Co-Authored commits, your honor? There's no way to split them apart, so they should all be ours!"
The laws will likely change in the US thanks to lobby, and maybe even change in Europe, too, where they may compromise about it to "not be left behind" and will present them under "Digital Sovereignty" umbrella.
Overall, this "Co-Authored" bit is yet another Trojan horse.
I see this really confidently stated, but when I looked into it the exact line is very blurry. It is still possible that writing a prompt is enough creative input for copyright to be granted. What has been decided is you can't have your artwork copyrighted by the AI that produced it, but that isn't quite the same as AI writing not being copyrighted
> Disclose your "AI" tools in a merge request if needed but leave them out of the damn commits, those are for technical information and not for advertising.
I think this is very poor advice. Knowing who/what changed the code is often crucial for understanding why it changed.
If, say, a certain version of Claude tends to be better at front-end than back-end work, that can be important for deciding how to use it in the future. Just like when managing human developers.
if disclosure is the goal, git already has the Co-Authored-By trailer convention for this. I add it manually when I want to flag that an AI was meaningfully involved in a commit, and it shows up properly in Github's UI as a co-author. The claude and cursor footers being default-on rather than opt-in is what makes them feel more advertising than disclosure to me.
The post seems to be down so I am not quite sure what it says, but Co-Authored-By trailer is what Claude does. I'm not quite clear what you're suggested that's different from what Claude does - just default to off instead of default on?
> Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
I think this is more of a corporate metrics tracking than advertising. Decision makers aren't seeing these ads in commits but they certainly are seeing a report from Anthropic that "75% of your commits last quarter are from Claude code".
I gently disagree. I think that having provenance information logged is valuable - both to the project ("please ban dga because he's submitting ai slop") and to people who might want to study all of this stuff ("interesting, ai coauthored PRs were rejected at a rate X times that of non-attributed PRs"). I think a non-advertising header of some sort that included more specific information about the LLM would be even better, of course.
I have to ask Claude to stop doing this about every two days, and usually I don't see it until after a push to a remote repo.
So annoying. Just stop, Anthropic, please. And pay attention to the request to stop, instead of silently turning it back on again all the time.
Latest thing was linking to the Claude session that generated some of the PR. Put in somewhere that a commit had LLM assistance, fine, but don't spam everybody please, ESPECIALLY in all the icons all over the GitHub interface. Sheesh.
It's already obvious that it's coming from an LLM because it's been overdocumented with excessive prose, and the code is overly verbose.
When I read commit history I want to see the reasons. Commit messages are for extra context.
It's very useful if it says AI/LLM was used, then I know that there may not actually be a reason for the choice in the commit, so per Chesterton's fence I can then tear down that fence.
Now, do I need to know which brand of LLM? No. And fair enough, I'll stop being specific.
I mean, sure, except that many large open-source projects (e.g. Linux [1], Nixpkgs [2], etc) require this as part of their AI policy. Omit attribution in your own projects if you want, but the maintainers of these projects are owed at least that level of transparency for contributions.
Notably though, Linux's requirement (Assisted-by) is different from what Claude Code actually does (Co-Authored-By). I'm not sure, but it might be intentional (to make the signaling explicit).
My projects also require Assisted-by attribution as that's what the Fedora AI policy requires and that was the first major org with a coherent AI policy that I found when choosing it. Not sure which came first, that or Claude hijacking Co-Authored-By.
Personally, I prefer Assisted-By. Co-Authored-By implies a level of respect and self-direction I don't think LLM's deserve.
For sure, and in the PR description for the Nixpkgs AI policy, they explicitly mentioned this as a "brown M&M test" [1]. I read the blog post as being against including this information in commit messages at all, not just about tools adding it automatically.
I have to assume these aren’t just ads, but also a critical RLHF avenue for Anthropic. I imagine they scrape these commits from GitHub and compare them against what Claude provided to the user. If the diff that is pushed is different it means the human had to refine the LLM output and that can be fed back in as training data. Presumably semantic search could enable you to find the matching Claude Code session.
they already have enough data to make this correlation almost 100% accurate
they know things like your git author line, your github handle, and the exact codebase you were working on
the general shape of commits
even if you change extensively, they will probably be able to match this with claude code sessions
sure the atribution at the end of commits is a signal, but I doubt it's much valuable
if anything it's more valuable to anthropic competitors, that don't have claude code session data to match to open source contributors, and will have to guess if any given code is AI generated, and by how much
99% of people don't edit the commits by hand, they review and then tell Claude how to edit the commits (or leave a PR comment it reads), that's far easier to ingest than the tiny exhaust of manual edits.
LLM providers ask for RLHF feedback in terms of thumbs up/down in their Web UI. That's just one bit of information, given only at the user's whim. The hand-refined code is gold by comparison. They're already scraping all of GitHub. They have the technology and resources to semantic search. I would be shocked if they haven't at least tried.
it absolutely is advertising, you can even call it a growth hack if you want to feel good about it
co-authorship implies ability to hold author rights, which afaik an algorithm can't do.
are folks adding speakeasy/stainless co-authorship lines to their commits? should i add alembic as a co-author after making some changes to the database schema?
That's exactly what you're supposed to do - if a tool generated the code in a commit, you should be using a commit trailer for that. Whether that's uniffi, an rpc preprocessor, dependabot or renovate, or some AI tool.
I agree. It's both an ad and a useful signal of where the code came from or how it was created.
Just like the default iPhone email signature, it's an ad and a hint that the author was typing with their thumbs, so it's probably a brief auto-corrected message for that reason.
I want to know when things are slop or not. At least programmers are willing to admit they're generating slop, unlike social media and blog posts.
Also, if I publish something online, you don't get to tell me what I can and can't put there (except for reasonable exemptions for hate speech and such, of course). If you don't like repos that tag their slop, go read someone else's code. Feel free to write a filter in your adblocker for the dozen AI tools you usually find.
This commit was created in emacs, the best text editor ever!
Get your timestamp today!
The answer is absolutely not - the developer is responsible whether the code was AI assisted or not, and the dev's name should be attached to it just like any change.
The OP is right: these are ads, plain and simple, and it's a dark pattern for these companies to have attribution enabled by default
I don't know why you wouldn't want to track this information.
“Co-authored by Copilot” gives a multi billion dollar corp free advertising. I don’t care about them. I do care about Joe though.
There's also the named authors not taking credit for something they didn't fully do, regardless of whether the credit goes to someone else.
There's also traceability, if the authors/provenance needs to be considered because of some kind of problem or potential problem -- technical, legal, security, or otherwise.
You have to let people know where your ideas are supported, or even come from.
To do anything else is plagiarism.
AI isn't a co-contributer - but it should be referenced - just like a link to a Stack Overflow comment when that's the source of code.
Having AI referenced in the commit is (IMO) best practice - but only co-contributer attributes are available (for now)
But of course, owning an iPhone early on was seen as prestigious. Using an LLM is... not? Many people really don't want the world to know. For blogs in particular, the urge to have an LLM generate the entire thing and then post it under your name seems to be really difficult to resist.
It is slightly weird that people accepted this new trend just like that, probably because they think this is being transparent and wanting to give attribution, but it'd be more useful like what the Linux kernel "AI Coding Assistants" page describes, something like `AGENT_NAME:MODEL_VERSION [TOOL1] [TOOL2]`, at least we get to know which model was used and/if any additional tooling on top. And `Assisted-by:` is more appropriate for that purpose than `Co-authored-by`.
I personally disagree and think commit messages makes the most sense. But I also think it's up to the personal preference of whoever owns the repository.
some people certainly do, to the extent of not caring at all about the outcome, only being concerned with the fact that the process was 'tainted' by ai.
the fervor for/against ai can approach the level of religion for some people.
AI can be a phenomenal tool for development when used correctly...
... But there is also now a trend on GitHub of low to no-skill individuals going around spamming garbage work in order to play the numbers game for their resume. When asked why they did something or to change it, they just act as a middleman for the robot and show no understanding or initiative.
So I can understand how it's become a turnoff for some people. I used to think it was a dumb rule until a project I work on started being spammed with said junk PRs
It's one thing if you're using AI to create code in a corporate context. Not my issue when some GPL code gets AI-laundered into production code and it eventually crops up. That's for legal, the C level and whatever AI provider's indemnification to sort out. Not my circus, not my monkeys.
But for personal projects? Ain't no way AI touches that stuff, ever. I simply don't want to deal with even the potential risk of getting expensive nastygrams from lawyers.
Ugh
The problem is, someone has to review it (lest you end up like Amazon, offing parts of AWS and once the main storefront due to vibeslop ending up in production).
And I personally hate reviewing AI code with a passion. With a junior, easy, I can guide and teach them - and hopefully next time, they'll have improved. That's what I'm there for. But with AI? No matter if it's me using an AI or reviewing an MR created with AI assistance by a colleague - I can be pretty sure that next round I'll get exactly the same issues again because, by definition, AI agents are inference, not training, and thus incapable of improving unless the overlords want it to.
On top of that, if not very carefully guided, AI tends to create the ultimate sloppypasta - thousands of lines of code in a single file, completely impossible even for an ADHD brain to understand what is going on. But when you go and write an AGENTS.md or carefully engineer prompts... at that level of effort, you could just do it yourself.
If someone remembers what it was actually, that would really bring back memories
https://www.irchelp.org/clients/unix/bitchx.html
I use the ai as a tool, it helps me as an adhd autistic person to get things done. I still care about quality as much as before!!!
I’m so tired of bad actors fucking things up for the rest of us who do things right.
If Git commits formally had a co-authored header, it would go there. As it stands, there is one author and one committer. If something was pair programmed, whether with a human or machine, you need a commit message trailer if you want to show that. Commit message trailers are a formal mechanism in git, supported by tooling; there are git commands to add and remove them.
Totally agree about "sent from my fartphone", of course.
Disclosing things in the pull request is not enough; pull requests get lost in the sands of time. Years down the road, all that some downstream consumer has is the git history, not any CI-related metadata.
The laws will likely change in the US thanks to lobby, and maybe even change in Europe, too, where they may compromise about it to "not be left behind" and will present them under "Digital Sovereignty" umbrella.
Overall, this "Co-Authored" bit is yet another Trojan horse.
https://sites.usc.edu/iptls/2025/02/04/ai-copyright-and-the-...
I think this is very poor advice. Knowing who/what changed the code is often crucial for understanding why it changed.
> Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Last time I checked nobody was adding anything to my commits. Did I miss something?
So annoying. Just stop, Anthropic, please. And pay attention to the request to stop, instead of silently turning it back on again all the time.
Latest thing was linking to the Claude session that generated some of the PR. Put in somewhere that a commit had LLM assistance, fine, but don't spam everybody please, ESPECIALLY in all the icons all over the GitHub interface. Sheesh.
It's already obvious that it's coming from an LLM because it's been overdocumented with excessive prose, and the code is overly verbose.
It's very useful if it says AI/LLM was used, then I know that there may not actually be a reason for the choice in the commit, so per Chesterton's fence I can then tear down that fence.
Now, do I need to know which brand of LLM? No. And fair enough, I'll stop being specific.
[1] https://docs.kernel.org/process/coding-assistants.html
[2] https://github.com/NixOS/nixpkgs/commit/d18b8f3238abdb2cd878...
Personally, I prefer Assisted-By. Co-Authored-By implies a level of respect and self-direction I don't think LLM's deserve.
[1] https://en.wikipedia.org/wiki/Van_Halen_test
they know things like your git author line, your github handle, and the exact codebase you were working on
the general shape of commits
even if you change extensively, they will probably be able to match this with claude code sessions
sure the atribution at the end of commits is a signal, but I doubt it's much valuable
if anything it's more valuable to anthropic competitors, that don't have claude code session data to match to open source contributors, and will have to guess if any given code is AI generated, and by how much
99% of people don't edit the commits by hand, they review and then tell Claude how to edit the commits (or leave a PR comment it reads), that's far easier to ingest than the tiny exhaust of manual edits.
co-authorship implies ability to hold author rights, which afaik an algorithm can't do.
are folks adding speakeasy/stainless co-authorship lines to their commits? should i add alembic as a co-author after making some changes to the database schema?
I agree. It's both an ad and a useful signal of where the code came from or how it was created.
Just like the default iPhone email signature, it's an ad and a hint that the author was typing with their thumbs, so it's probably a brief auto-corrected message for that reason.
Which for my repositories means I want ~95% less of it in my commit history. I'm prepared to round up for simplicity. But to each their own.
Also, if I publish something online, you don't get to tell me what I can and can't put there (except for reasonable exemptions for hate speech and such, of course). If you don't like repos that tag their slop, go read someone else's code. Feel free to write a filter in your adblocker for the dozen AI tools you usually find.