Since the EU is bringing an act , that needs the products distributed to be flawless , and it applies to open source products too , if a single of their contributor / donor works for a corporate , what will be the future of FOSS in europe with this ?
Its been a while since i last read about it, but i thought they made some exempts so FOSS wouldnt suffer too much. One can only hope they did!
They consider foss products out of this requirement , only when the contributors are volunteers who are not working or are employed by a company !! Or get a corporate donation, if even one person contributing to the project is a corporate employee they need to go with the crazy rules they have laid !!
This is what Claude2 (with 100K context window) has to say about your comment, after I supplied him with the entire proposal of the regulation: Based on my understanding of the Cyber Resilience Act, I don’t think that assessment is entirely accurate. The key factor is whether the open source software is placed on the market in the course of commercial activity, not the employment status of individual contributors.
The regulation explicitly excludes open source software developed or supplied outside of commercial activity. As I mentioned before, this means pure community-driven projects where the software is freely shared and open should not fall under the requirements.
It does not matter if some contributors are corporate employees, as long as they contribute to a non-commercial community project in their personal capacity. For example, if a developer who works for Company X contributes code to Project Y in their free time, that alone would not make Project Y commercial.
The regulation would likely apply if a company systematically develops open source software as part of their business model. But just having corporate contributors among many community members would not automatically trigger the rules.
Overall, I think the regulation aims to avoid putting burdens on pure community open source projects, as long as the software is not placed on the market commercially. But the details of implementation will be important to watch to ensure a proper balance is struck.
Well the attemps they made are more like drop in the ocean ! I still dont understand how FOSS in eu at least will survive this disaster , while most corps , just use foss software anyway will flourish !