Open-Source-Software bildet heute das Fundament großer Teile der digitalen Infrastruktur – in Verwaltung, Wirtschaft, Forschung und im täglichen Leben. Selbst im aktuellen Koalitionsvertrag der Bundesregierung wird Open-Source-Software als elementarer Baustein zur Erreichung digitaler Souveränität genannt. Dennoch wird die Arbeit, die tausende Freiwillige dafür leisten, in Deutschland steuer- und förderrechtlich nicht als Ehrenamt anerkannt. Dieses Ungleichgewicht zwischen gesellschaftlicher Bed
a git history is easily fabricated. you can freely edit it, remove entries or write into it whatever you want, including impersonating other users and fabricating datetime
While true, a git history is also easily protected against fabrication. Require cryptographically signed commits and prevent contributors from force-pushing to the public repo and you should be good.
I mean, if you try to “scam” the gov, you can clone some codeberg repo to github, rename it, rewrite history to make the commits look like you did everything and then tell the gov “look at how much work I volunteered”. At least in germany, there are currently not enough public workers so many little things go unchecked.
Ah I see, yeah I guess something like that would be possible. On the other hand it would be trivial to prove this happened even in the future as long as the government keeps a unedited copy of this repo.
A Git history would be quite an easy way to show that you are doing something regularly.
Sadly these days people can just tell some LLM to make changes and waste everyone’s time, on top of being fraud in this case
There’s a million easier ways to claim the German unemployment money than that
Which would lead to them being excluded from the project in a short time, I’d wager.
I’m a bit sceptical, especially of governments lagging behind these things. I’m hopeful that this will solve itself or be solved soon though.
Open source orgs are usually NGO, and the big ones will spit garbage pretty quickly.
I don’t think the government has much to do here. It’s not like if other organizations would have an influence from the government’s side.
a git history is easily fabricated. you can freely edit it, remove entries or write into it whatever you want, including impersonating other users and fabricating datetime
https://github.com/Amog-OS/AmogOS/commit/4f503a0
While true, a git history is also easily protected against fabrication. Require cryptographically signed commits and prevent contributors from force-pushing to the public repo and you should be good.
I mean, if you try to “scam” the gov, you can clone some codeberg repo to github, rename it, rewrite history to make the commits look like you did everything and then tell the gov “look at how much work I volunteered”. At least in germany, there are currently not enough public workers so many little things go unchecked.
Ah I see, yeah I guess something like that would be possible. On the other hand it would be trivial to prove this happened even in the future as long as the government keeps a unedited copy of this repo.