Legally liable for what? Just being bad code? How are you going to enforce that against some kid in another country?

Real “these kids would be very upset if they could read” situation. Who bothers to pick through the whole EULA before submitting?

Like any open source mass contribution project that’s gained too much popularity, you need extra firebreaks in between the Open Submission and Final Product.

That means adding manpower to submission review, QA, etc, which public projects don’t often have.

Sort of the Achilles Heel of the open source community. AI is just making the vulnerability extra glaring.

That would be a closing a gate after the horses have escaped situation.

Letting unverifiable code in would damage to developers and users that wouldn’t be easy to disentangle and erode trust in the product, killing it.

It’s time to start putting maintainers’ attention behind a paywall. $50 refundable deposit to submit a PR, forfeited if it’s obvious AI slop