The recently finalized EU "Cyber Resilience Act" (CRA), set for approval in early 2024, introduces stringent security certifications and reporting mandates for manufacturers and importers of "products with digital elements" (PDEs). Notably, the legislation encompasses open source "developers" and "output," potentially holding volunteers legally liable for security flaws in codebases used across various software products.
This move marks a paradigm shift, as even contributors to open source projects may now face fines up to €15 million or 2.5% of global turnover for security defects. The implications for the open source community are profound, demanding a closer look at legal protections and potential repercussions.
People are gonna go anon and use BTC then, EU, which will mean missing out on any value from that work. Policy like this astounds me, ngmi as fk.
Developers should all go anonymous so nobody can be held liable.