CRA

The “Open Source Stewards and the Cyber Resilience Act” white paper explores a new role introduced by the EU Cyber Resilience Act (CRA): the open source steward. This is a newly introduced actor that doesn’t fit neatly into the existing categories of manufacturers or distributors but still carries specific obligations...

Last month we teamed up with GitHub to host “ The Cyber Resilience Act and Open Source: What Maintainers Really Need to Know .” The one-hour panel zeroed in on the top worries we hear from open source project maintainers and contributors. Below is a recap—and, more importantly, where you’ll...

We’re pleased to share that we’ve moved from planning to execution. The Cyber Resilience SIG’s deliverables plan has been expanded with clear, actionable projects, which will each be supported by a dedicated task force. This marks a significant milestone in our collective efforts to operationalise our goals. We invite all...

On 27 May, Open Regulatory Compliance (ORC) is hosting a panel in support of Maintainer Month with GitHub, a month dedicated for open source maintainers to gather, share, and be celebrated. Daniel Stenberg is one of the speakers in the ORC’s panel, “ The Cyber Resilience Act and Open Source...

On 27 May, Open Regulatory Compliance is hosting a panel, “ The Cyber Resilience Act and Open Source: What Maintainers Really Need to Know ,” which will be live-streamed by GitHub as part of Maintainer Month. Maintainer Month is a month dedicated for open source maintainers to gather and share...

The working group for open source regulatory compliance and CRA implementation for the open source community.

The working group for open source regulatory compliance

Today marks an important milestone for the open source community. As open source software continues to drive innovation across industries, ensuring its relevance and compliance with emerging regulations has never been more critical.  To address these challenges, the Eclipse Foundation is proud to announce the formal launch of the Open...

tl;dr – Apache Software Foundation, Blender Foundation, OpenSSL Software Foundation, PHP Foundation, Python Software Foundation, Rust Foundation, and Eclipse Foundation are jointly announcing our intention to collaborate on the establishment of common specifications for secure software development based on existing open source best practices. In an effort to meet the...

Europe has proposed new legislation intended to improve the state of cybersecurity for software and hardware products made available in Europe. The Cyber Resilience Act (“CRA”) will mandate that all manufacturers take security into account across both their development processes and the lifecycle of their products once in the hands...