TFA is just a bunch of FUD. Non-commercial open source developers will be liable for nothing, and commercial software developers will be liable, and that liability will include their use of external open source, so what? Pretty much every bit of commercial software uses some external open source, and so what, using external open source does mean that one has to be able to deal with issues arising from that use. For example, even w/o liability if there's some bug in some external open source library that you use, you may have to spend time chasing it down and upgrading or contributing a fix, or locally patching the issue, etc. -- you used that external open source because it saved you time and money (but I repeat myself) and you took on
some liability even before any jurisdictions might force you to take on even more liability. That's just normal. The calculus will almost certainly still be that using external open source is better and cheaper than writing your own bloat in-house, but you might need to do a bit more due diligence in picking better, safer external open source.
https://www.europarl.europa.eu/news/de/press-room/20231205IP...