zlacker

[return to "Debian Statement on the Cyber Resilience Act"]
1. candid+Eo[view] [source] 2023-12-28 00:23:55
>>diyftw+(OP)
What about the CRA is so bad? The requirements seem like common sense. Can anyone point out something specific that seems overly onourous? Debian couldn't...

Our industry desperately needs better regulations, IMO.

◧◩
2. ManBea+jq[view] [source] 2023-12-28 00:39:37
>>candid+Eo
Big parts of the legislation are good and long overdue. The big problem is that this effectively also includes many free/open-source software projects, as the definition for what constitutes "commercial" or "commercial-grade" is very broad. You host a FOSS library on Github that can/is used by others? Congrats, you now have to fulfil all requirements. Look for "Update on the European Cyber Resilience Act" by the Eclipse Foundation on YouTube for infos.
◧◩◪
3. shadow+ru[view] [source] 2023-12-28 01:20:57
>>ManBea+jq
But if they don't include free/OSS projects, then commercial companies sponsoring FLOSS is an obvious way to launder liability, is it not?
[go to top]