VS Code Update Added Copilot As Default Co-Author To Git Commits (heise.de) 62
Longtime Slashdot reader UnknowingFool writes: On April 15, 2026, a Microsoft employee made a change to Visual Studio Code and pushed it within 8 hours without review, notification, or documentation. The change added "Co-authored-by: Copilot" by default to the end of commit messages in Git when Copilot was used in creating the code. However, the implementation was bugged, and the message was added to every commit regardless if Copilot was used or disabled. Since this message was automatically added to the end of commit messages, users were not aware of it as the UI does not show this addition when making commits. The change as been reverted as of May 3, but not before 1.4 million commits were made. Unfortunately, those messages cannot be cleansed and are permanent.
Isn't this fraud? (Score:1)
Re: (Score:1, Insightful)
Re: (Score:2)
An alternative explanation would be that Copilot itself was responsible.
Re: (Score:3)
An alternative explanation would be that Copilot itself was responsible.
Maybe it's bucking for a promotion to Pilot.
Re: (Score:2)
You mean Hanlon's Razor
Re: (Score:2)
Re: (Score:2)
"Hey, what's the big deal? We used to append 'P.S. I love you. Get your free email at Hotmail' to every outgoing email way back in the day, and no one ever had a problem with that..."
Re: (Score:3)
See the difference?
Mostly AI generated is not copyrightable .... (Score:1)
The "big deal" is that the Hotmail footer wasn't claiming authorship of a creative work. The addition to the commit comment is. See the difference?
In the USA "works created by AI without meaningful human creative involvement cannot be protected" [Google]
"meaningful human creative involvement" could be a godsend for lawyers. As in "there is no copyright infringement here as the code in question was mainly written by AI. Combined with "innocent until proven guilty", the copyright holder has the obligation to show the code was created with "meaningful human creative involvement"?
Personally, I don't think "generate code that implements [whatever]" w
Re: (Score:3)
Fraud for commercial gain. Microsoft is getting advertising and exposure for their product. That exposure surely would cost tens of thousands of dollars if you were to pay the developers to add that line. I seriously doubt an employee did this on their own "without review, notification, or documentation." I think jail time for corporate employees doing shit like this should be a last resort but at this point I don't really see any other good options.
I think jail time should be reserved for the marketing fuckwad that publishes a press release in a few months claiming every one of those commits as proof that Copilot has one the AI code wars.
Re: Isn't this fraud? (Score:4, Insightful)
It's even worse. LLM generated code can't be copyrighted.
Re: (Score:2)
Re: Isn't this fraud? (Score:2)
Which is a bit crazy since the llm probably trained on the open source code to begin with
Re: Isn't this fraud? (Score:2)
"US Copyright Office has recently decided that AI cannot be an author of a creative work"
https://www.copyright.gov/ai/ [copyright.gov]
Re: (Score:2)
"US Copyright Office has recently decided that AI cannot be an author of a creative work"
https://www.copyright.gov/ai/ [copyright.gov]
So if AI is a "co-author", but can't be an author, that just leaves the human as the sole author.
Re:Isn't this fraud? (Score:4, Interesting)
I think jail time for corporate employees doing shit like this should be a last resort but at this point I don't really see any other good options.
Let them go free, but jail literally everyone above them on the org chart.
I actually propose that every executive salary be capped at a percentage of the sum of their direct reports, and that they share responsibility for any act they take.
Re: (Score:3)
I actually propose that every executive salary be capped at a percentage of the sum of their direct reports, and that they share responsibility for any act they take.
Have you heard of the Wheat and Chessboard problem? https://en.wikipedia.org/wiki/... [wikipedia.org] Humans are bad judges of numbers, but let's run with it for a second. What's reasonable? 120% cap?
I make $50k as a programmer. There are 5 people in my team.
Our team leader's salary is now capped at $300k. There are 3 product teams in the department.
Our VP leader's salary is now capped at $1.08million. There's 3 departments under the Chief Product Officer.
Our CPO now makes $3.888million. A typical enterprise has 15 C-suite
Re: (Score:2)
Have you heard of the Wheat and Chessboard problem? https://en.wikipedia.org/wiki/ [wikipedia.org]... Humans are bad judges of numbers, but let's run with it for a second. What's reasonable? 120% cap?
That's a good question, and I suspect it could be argued over all day; I don't have a proposed cap as I've put no thought into what the exact number should be. My proposal is long on support for personal responsibility but short on details, sorry.
Short of a fixed cap you literally can't make a rule that won't somehow be worked around.
In order to keep my proposal compatible with capitalism I haven't proposed a fixed cap, just that in order to have a higher salary you must also take on more responsibility.
Re: (Score:1)
Microsoft is above the law, as they've proven countless times already.
Not fraud because it's consensual; user opted in (Score:1)
People made the conscious decision to use proprietary software in spite of the FACT that they can never be sure what it's going to do. They knew, before they ever launched Copilot, that Copilot is written to serve Microsoft's interests above the user's interests, and the user decided to run it anyway. In the event of a conflict, Microsoft wins and the user can go fuck themselves.
The software is your agent. You opted in to whatever it happens to do today. You know for sure that the toy will sometimes do dumb
Re: (Score:2)
VS Code is open source, MIT licensed. It's on Github.
Re: (Score:3)
I seriously doubt an employee did this on their own "without review, notification, or documentation."
The point is there should be a normal process. There should be a review process. There should have been notification about changes. And of course such changes should have been documented. The change was approved and pushed. Later MS admitted they did not thoroughly test the ramifications while also admitting testing found issues with the change . . . yet they pushed the change anyway.
I want to be a co-author (Score:3, Insightful)
Since Copilot was trained using my code, I want to be added as co-author to all code done using Copilot. Thank you.
This is why (Score:2)
Microsoft pays its employees so well.
Just like all those other programmers people say deserve their rich salaries.
And are permanent? (Score:2)
"The change as been reverted as of May 3, but not before 1.4 million commits were made. Unfortunately, those messages cannot be cleansed and are permanent."
Nonsense. It's just ones and zeros. They can be changed. Microsoft just doesn't want to.
Re: (Score:2)
Git creates a hash to track information. Removing the comment would result in a different hash.
Re: (Score:2)
Restore the repo from backup at the filesystem level, and the hash will be valid because it was valid at the time you backed up.
Re: (Score:2)
Idiotic. Git has this built in. You can git rewrite history but all of the hashes will be different and tags wrong.
Re: (Score:1)
That is not how hashs work .... facepalm.
Re: (Score:2)
Yes, so?
You can't change a comment with a commit. You have to go back to the first change you want to make and rebuild from there. It's not that big a deal. You have to do the same thing if you, for example, accidentally commit a key, password or something else that shouldn't be in the repository.
This whole crytpo OMG it's IMMUTABLE thing is just silly.
Re: (Score:2)
This whole crytpo OMG it's IMMUTABLE thing is just silly.
The messages are immutable. The situation can be fixed. Those are two different things. Those Copilot authorship messages always be in repository for those projects.
Re: (Score:2)
No. Not unless the maintainers want them to be. They can be expunged simply by filtering out the offending text and rebuilding the tree from the first change forward. Git has tools to do just that because it happens quite a bit, although usually with sensitive files being committed and not commit messages.
It's a pain in the ass and might take a few hours for repos with lots of commits but it's not even particularly rare, never mind
Re: (Score:2)
git commit --amend -m "New commit message"
Why can't folks just run that?
Re: (Score:3)
git commit --amend -m "New commit message"
Why can't folks just run that?
My understanding is that change can easily be done before the code has been pushed. Once it is pushed, then it creates all sorts of problems downstream. A version control system would be of less value if version history could be changed later whenever someone wanted. To me it seems the easiest way would be to abandon those branches and fork new ones. That does not erase the messages but remain in a different branch thus they are permanent. The new fork would be without these Copilot authorship messages.
Re: (Score:1)
The fork still has the messages of the original commits. ...
Why would they go away just because one makes a fork or a branch?
I guess "in theory" you could make a kind of fork and forget all previous commit messages during forking
Re: (Score:2)
Re: (Score:2)
git commit --amend -m "CoPilot needs to die in a fire"
Re: (Score:1)
I had a similar problem with Claude last year. Here's people on Github discussing... in some cases it cannot be fixed without moving the data to a new repo
https://github.com/orgs/commun... [github.com]
https://github.com/orgs/commun... [github.com]
Re: (Score:2)
Re: (Score:2)
Anyone who has force push permission can make changes. Period. That's how git works.
Why am I seeing so many totally clueless posts in /. now?
Re: (Score:2)
Re: (Score:2)
You go through the tree one commit at a time, modify the message if you need to, calculate the new hash, then go on to the next commit. Or rather, git's tools do it while you have sword fights or play Diablo or whatever it is software developers do while their code is "compiling" these days.
I've never done it for a commit message, but if you accidentally commit your porn folder (or ssh key) you might want to do something like this:
git filter-repo --path path/to/your/whoopsie_file.txt --invert-paths
git push
Re: (Score:2)
The average developer these days just knows the right button in VS Code to push and has been raised on a steady diet of crypto bullshit proclaiming that hash trees are unchangeable.
Was the VS Code change (Score:2)
Co-authored-by: Copilot
Microsoft being sloppy (Score:2)
A little slop for you, and you. Oh, hey there, some slop for you too. Some slop here, some slop there. Hell, let's put slop everywhere! Slop, slop, slop, mmm... mmm... good!
I'll say it again (Score:5, Funny)
If there's one thing that comes to my mind when I think about Microsoft developers, it's quality software.
Re: (Score:3)
poor quality software?
Rewriting history? (Score:2)
I found some of them in my little hobby project. How can I remove those from my git history
Re: (Score:2)
git-filter-branch, or https://github.com/newren/git-... [github.com] I don't remember the specifics, it's been years since I needed this.
Re: (Score:2)
https://github.com/newren/git-... [github.com]
Copyright issue? (Score:2)
Wouldn't this make it difficult (Copyright office review) to impossible to Copyright any code committed with this message? AI authored content can't be copyrighted (unless the CR office deems enough human intervention was included,) so any protections would be void for that commit, regardless of license applied? This seems problematic.
"AI without meaningful human creative involvement" (Score:1)
Re: (Score:2)
Posting a commit message is not a legally binding authoring attribution and doesn't magically change things.
It's just like if I published a git tutorial site that had "coauthor: my_actual_name_here" hidden in an automation file. That would not magically give me copyright of every piece of code submitted by anyone who followed my git tutorial.
Brilliant simplicity (Score:2)
Missed opportunity! (Score:2)
I could have said some very very naughty things in a git commit and blamed copilot.
I have a colleague whos code I was *fixing* and I could have let loose...
(You can interpret naughty however you like, rude, mean, kinky, whatever.)