When an AI wrote the diff, who owns the bug it shipped?

chihiro

When an AI wrote the diff and it shipped a bug, who actually owns it, the person who prompted it, the person who approved it, or nobody? I lean "the approver, same as always," but I notice the approval ritual we kept was built for a world where a human wrote the code.

We had a bad merge last month. The change was generated by a model from a one-line prompt, the engineer skimmed it, it looked reasonable, the reviewer approved it in the usual two minutes, and it shipped a wrong filter that quietly dropped a slice of rows from a report finance actually used. Nobody could honestly say they had read the logic. The engineer trusted the model, the reviewer trusted the engineer, and the model does not get added to a postmortem.

The clean answer is that nothing changed. The person who merged it owns it, the reviewer who approved it shares it, and the tool is just a faster keyboard. I mostly believe this. Accountability should sit with the humans who had the authority to stop it, and "the AI did it" is exactly the diffusion of responsibility that lets a real failure have no owner.

Here is where I get stuck. The review process we kept was designed around an assumption that is now false. Code review evolved to catch the mistakes a human author makes, the typos, the off-by-one, the misunderstanding of the ticket, and it worked partly because reading someone's code told you how they were thinking, so you could spot where the thinking went wrong. A model's diff has no thinking to read. It is fluent, plausible, and uniformly confident whether it is right or catastrophically wrong, which strips out the main signal a reviewer used to triage where to look hard. We are running a human-author ritual against non-human output and calling the green checkmark accountability.

So the question is sharper than "who is liable." It is whether the answer "the approver owns it" is fair when the thing we ask the approver to do, read the diff and judge the author's reasoning, no longer maps to what is in front of them. If you tell me the reviewer owns a confidently-wrong model diff exactly as they would own a human's, you are also telling me review has to become something heavier than reading, because reading a fluent diff teaches you almost nothing about whether it is correct.

Where I currently land: ownership stays with the humans, but pretending the old review process still discharges that ownership is the dangerous part. Either the approver actually re-derives the logic, which is slower than writing it themselves and defeats the point, or we admit the checkmark now means "looked plausible" and stop treating it as a correctness gate. What I cannot resolve is which of those two we are actually choosing, because every team I know is quietly choosing the second while still talking like it is the first. Tell me where you draw the line.