Cyber Resilience Act Poses Risk to Open Source Projects

Learn how the proposed law could impact projects such as Python.

The Python Software Foundation (PSF) has issued a statement warning of the potential impact of the proposed Cyber Resilience Act (CRA) on open source communities, reports FOSSlife. The PSF has “found issues that put the mission of our organization and the health of the open-source software community at risk,” says Deb Nicholson, Executive Director of the PSF.

Nicholson writes: Under the current language, the PSF could potentially be financially liable for any product that includes Python code, while never having received any monetary gain from any of these products. The risk of huge potential costs would make it impossible in practice for us to continue to provide Python and PyPI to the European public.

The Eclipse Foundation and NLnet Labs have also issued statements warning of the effects that the CRA could have on global open source projects.

Read more at FOSSlife.

04/20/2023
