bert hubert πŸ‡ΊπŸ‡¦πŸ‡ͺπŸ‡ΊπŸ‡ΊπŸ‡¦Dec 30, 2023
New post! The EU Cyber Resilience Act is now (almost) final, but what does it ACTUALLY mean for open source? It is mostly good news, and there are real opportunities to use the #CRA to our advantage: https://berthub.eu/articles/posts/eu-cra-what-does-it-mean-for-open-source/
EU CRA: What does it mean for open source? - Bert Hubert's writings

The final compromise text of the EU Cyber Resilience Act is now officially available, and various open source voices are currently opining on it. This is a complex act and other parts of the open source world (like the Eclipse Foundation and NLNet Labs) have been hard at work to advocate with the EU and member states to get a CRA that is good for open source. I’ve also been highly critical.

Bert Hubert's writings
Show threadAlexandre NetoDec 31, 2023
@bert_hubert What would you think are the implications for individuals/ companies which services are providing implementation, support, training for open source software usage? Or even plugins or core implementations development?
Show threadbert hubert πŸ‡ΊπŸ‡¦πŸ‡ͺπŸ‡ΊπŸ‡ΊπŸ‡¦Dec 31, 2023
@alexnetogeo if the open source software they support is not theirs, the CRA has no handle on them. If you contribute to an open source project you are "not responsible for", the CRA also has no handle on you. If you however publish the module yourself AND sell support on it for profit (and not to recoup support costs), then the CRA might apply to you and your module. Might.
Show threadAlexandre Neto
@bert_hubert thanks!
Dec 31, 2023 at 3:32pmWeb