98
Will the cyber resilience act kill open source ?
(en.m.wikipedia.org)
All about open source! Feel free to ask questions, and share news, and interesting stuff!
Community icon from opensource.org, but we are not affiliated with them.
For all the people not reading the actual law, this is the actual language of the proposal:
IMO the problem OP mentions does not really exist. You can work for a corp while working on the product, your FOSS project can take donations even from corps, the only thing you can't do is monetize your FOSS product without caring for security.
Nick from The Linux Experiment youtube channel made a video recently talking about that, for him and for me it's clear that this quote:
means that any open source that gets any work from paid personnel from a company interested in the project in any commercial activity is covered by the regulation.
Here is the timestamp of his argument, I'm not from EU so I have no idea how this kind of idea could be implemented, but the text seems clear to me and seems bad.
If that is the case projects would be obligated to reject contributions from any companies.
Here is an alternative Piped link(s): https://piped.video/QK0rmOuzSVM?t=87
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I'm open-source, check me out at GitHub.
The law also keeps it vague enough , that it says employed individual , so they could be waiting tables and this will still apply !!
Please add a link to the source in your comment
This is the actual proposal, it's available in all EU official languages on the EU's website. https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:52022PC0454