> The dependabot looks interesting, cli has more possibilities than a pure
> button on GUI.
> >> does anyone enabled it
> I am all the ear how it can be enabled.
> On Fri, Oct 18, 2019 at 3:32 PM Enrico Olivelli <[hidden email]>
> > Hey guys,
> > Did you see dependabot on our repos?
> > Like this automatic PR
> https://github.com/apache/maven-plugins/pull/147#pullrequestreview-303889692 > >
> > I feel this is very useful, but... does anyone enabled it?
> > Do we have to set a policy, this suggestions are security related fixes,
> > could give them some kind of high priority?
> > Enrico
On Sat, Oct 19, 2019 at 8:51 PM Enrico Olivelli <[hidden email]> wrote:
> I see value in it.
> But from a legal point of view....there is no human who sends the PR, so in
> theory we cannot accept such patches, can we?
I'm not a lawyer, nor a scientist, but this paper sounds like a
compelling read on this subject:
The conclusion of the paper itself is 3 pages (no paragraphs, so it
might be written by an AI ;-).
- Dutch (and international) copyright law don't require a copyright
holder to be human
- so the work itself needs to be evaluated, two criteria that factor
into this; requirement of reflecting an original expression and the
carrying of a personal imprint
- original expression is feasible for AIs (according to author)
The author lost me at the reasoning for "personal imprint".
On Tue, Oct 29, 2019 at 11:18 AM Paul Hammant <[hidden email]> wrote:
> Summary ?