zlacker

[return to "Debian Statement on the Cyber Resilience Act"]
1. candid+Eo[view] [source] 2023-12-28 00:23:55
>>diyftw+(OP)
What about the CRA is so bad? The requirements seem like common sense. Can anyone point out something specific that seems overly onourous? Debian couldn't...

Our industry desperately needs better regulations, IMO.

◧◩
2. ManBea+jq[view] [source] 2023-12-28 00:39:37
>>candid+Eo
Big parts of the legislation are good and long overdue. The big problem is that this effectively also includes many free/open-source software projects, as the definition for what constitutes "commercial" or "commercial-grade" is very broad. You host a FOSS library on Github that can/is used by others? Congrats, you now have to fulfil all requirements. Look for "Update on the European Cyber Resilience Act" by the Eclipse Foundation on YouTube for infos.
◧◩◪
3. jahav+iu[view] [source] 2023-12-28 01:19:46
>>ManBea+jq
There is some hope for individual developers in EP amended version https://www.europarl.europa.eu/meetdocs/2014_2019/plmrep/COM... article 10c: > Developers contributing individually to free and open-source projects should not be subject to obligations pursuant to this Regulation.

Actually it’s an improved version. Hopefully it will make it through consolidation with EC version.

[go to top]