Cyber Resilience Act Poses Risk to Open Source Projects

By

Learn how the proposed law could impact projects such as Python.

The Python Software Foundation (PSF) has issued a statement warning of potential impact of the proposed Cyber Resilience Act (CRA) on open source communities, reports FOSSlife. The PSF has “found issues that put the mission of our organization and the health of the open-source software community at risk,” says Deb Nicholson, Executive Director of the PSF.

Nicholson writes: Under the current language, the PSF could potentially be financially liable for any product that includes Python code, while never having received any monetary gain from any of these products. The risk of huge potential costs would make it impossible in practice for us to continue to provide Python and PyPI to the European public.

The Eclipse Foundation and NLnet Labs have also issued statements warning of the effects that the CRA could have on global open source projects.

Read more at FOSSlife.

 
 

 
 

04/20/2023

Related content

  • Security Recommendations from Cyber Safety Review Board
    more »
  • News for Admins
    In the news: US Agencies Issue Quantum-Readiness Recommendations; Bitwarden Secrets Manager; IBM X-Force Releases Detection and Response Framework for Managed File Transfers; National Strategy to Expand US Cyber Workforce; SEC Adopts New Rules for Disclosure of Cybersecurity Incidents; Canonical Announces Real-Time Ubuntu for Intel Core; EU-US Data Privacy Framework Ensures Safe Data Transfers; IEEE Releases New Standard for LiFi Communications; EU Health Sector Security Risks; and JupyterLab 4.0.
    more »
  • US Agencies Issue Quantum-Readiness Recommendations
    more »
  • News for Admins
    The JUPITER supercomputer is set to become the first European exascale computing system, according to a recent agreement...
    more »
  • News for Admins
    OpenSSL has issued an advisory (https://www.openssl.org/news/secadv/20221101.txt) relating to two vulnerabilities (CVE-2022-3602 and CVE-2022-3786), which affect OpenSSL version 3.0.0.
    more »
comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs

Most Popular

Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.

Learn More”> </a> <hr> </div> </div> <div class=