AI policy

[oskardotglobal]

Sadly, AI is a thing we can no longer ignore now. But aside from slop machines like the recently unveiled Sora LLMs can sometimes be useful when working with code. I think we should get our ideas straight about this so we can make a policy to act after in the future.

So, I'm just gonna start with some of my ideas:

• We should disallow any sort of AI art, whether it's icons or anything else. We do have an icon for WinApps, but I'd rather have no icon than something that's AI.
• Use of "coding" tools shouldn't be disallowed, but somewhat regulated. For example, "vibe coding" entire PRs should be a no-go, but using it as a tool where you as the human write the majority of the code is okay.
• AI generating minor things like commit messages or using it as a spell checker should be okay (as long as you check the work)

A thing I'd like to discuss further specifically is the use of AI review tooling like https://www.coderabbit.ai/. You have probably seen this all over Github by now, generating titles and entire PR bodies for newly created pull requests. While this is too intrusive for my taste by default, it can be configured to only review or even only review when asked too, as you can see in #308. Currently, I've taken the liberty to set it up on this repository, so any pull request can get this kind of review by commenting @coderabbitai review

What do you think?

(cc @LDprg @KernelGhost @AkechiShiro @eylenburg)

[KernelGhost]

@oskardotglobal My thoughts largely mirror yours, these are all sensible suggestions.

[LDprg]

I agree, to all points.

We should definitely formalise this as part of the contribution guidelines (or new ai guidelines).

Form time to time we should check whether Coderabbit is still safe to use (it seems fine for now). Ai industry is full of broken promises and security flaws (I have seen exploits to gain repo access from similar ais).

[oskardotglobal]

Yes, I think the contribution guidelines are the right place to start; maybe we can another project‘s guidelines we can base ours on?

[AkechiShiro]

I agree as well with this and your statement @oskardotglobal

We definitely need clear guidelines, I suggest we look at what the curl project has and other big project and then take what we think is relevant from them.

[oskardotglobal]

I‘ve gone ahead and created a draft PR, please share your thoughts once you can