It's not about license. It's about stolen valor.
TrueBlame is a community network that tracks open-source code misappropriation. This is not a compliance scanner and certainly not a legal tool. Instead, this serves as a public registry of individuals who fork projects and then scrub or otherwise misrepresent attribution of the original work.
The Legal Problem
Technically, many open-source licenses allow anyone to fork a project, change the name, and use it however they please. That's fine, because that's what the legal system is for. This is for the social system, the one that's attached to how the developer community actually works.
The Social Crisis
The open-source community runs on reputation. When someone forks a library, erases its history, and launches it on HackerNews as their "ground-up rewrite" to solicit GitHub Sponsors, that is stolen valor. They are hijacking the social currency that the original maintainers worked to create.
The Playbook
The bad actors in our registry don't need to be creative about it. They execute a highly predictable, systematic exploit of the open-source social contract:
01. The Attribution Scrub
They erase the project's history and the log of every person who contributed code, and replace it with a clean slate that makes it look like they built the whole thing. They slap on their own license and move on.
02. The Clout Farm
They actively market the stolen code on sites like Reddit, X, and ProductHunt. They use the performance and stability of the original code to sell paid support, boost their resume, or build a following.
03. The Paywall Pivot
They put the stolen code behind a pricing page, a "Pro" tier, or a closed-source download, monetizing years of unpaid open-source labor as if the business model itself is the innovation.
04. The Rebrand
They rename the project, change the logo, rewrite the description, and rearrange just enough of the surface to make it look like their own. The code underneath is identical—but the packaging tells a different story.
Protect the Commons.
Add an open-source bad actor today, and help maintain the spirit of open-source.
Report a bad actor