The open-source ecosystem is converging on a hard question: when a commit is written with AI assistance, how do we know — and how do we enforce the disclosure policy?

Python's discourse, Linux kernel's Assisted-by trailer, Fedora's AI policy, Apache's disclosure guidelines — every major project is grappling with this. But until now, there has been no tool at the CI level to enforce whatever policy a project chooses.

Commit Check v2.11.0 introduces AI Attribution Governance — a new feature that detects known AI tool signatures in commit messages and lets projects decide whether to forbid them outright. To our knowledge, no existing tool enforces this kind of policy at the CI level.

The industry need

The conversation around AI disclosure is no longer theoretical: