compliance

What the EU’s new software legislation means for developers

Tuesday, December 10, 2024 - 17:58 by Juan Rico

The EU Cyber Resilience Act will introduce new cybersecurity requirements for software released in the EU. Learn what it means for your open source projects and what GitHub is doing to ensure the law will be a net win for open source maintainers.

Three years from today all obligations of the EU Cyber Resilience Act (CRA) will be fully applicable, with vulnerability reporting obligations applying already from September 2026. By that time, the CRA—from idea to implementation—will have been high on GitHub’s developer policy agenda for nearly six years.

Image for
<span>What the EU’s new software legislation means for developers</span>
News item.

ORC WG Workshop

Read more about ORC WG Workshop

Come join the Eclipse Foundation’s newly formed Open Regulatory Compliance Working Group for its first in-person meeting focused on the implementation of the EU Cyber Resilience Act (CRA). This hands-on workshop will address different topics throughout the day with sessions specifically focused on vulnerability management, the CRA’s attestation program and its potential to help make open source more sustainable, and the collaboration with the NSBs and ESOs on the development of the harmonized standards.

The EU Cyber Resilience Act is Here! Now What?

Read more about The EU Cyber Resilience Act is Here! Now What?

The publication of the EU Cyber Resilience Act (CRA) in the Official Journal of the European Union on November 20, 2024, has started a three year race for compliance for the global tech industry and the open source community. Join us to better understand how this upcoming legislation will impact you, how the Eclipse Foundation’s Open Regulatory Compliance Working Group (ORC WG) is collaborating with open source foundations, maintainers, SMEs, and industry to address this challenge, and how you too can get involved.

FOSS Backstage 2024

Read more about FOSS Backstage 2024

What makes an open source project flourish? We want to encourage more discourse about the non-coding aspects of successful open source projects. Join us to learn more about what goes on behind the stages of Free and Open Source Software!

FOSS Backstage 2023

Read more about FOSS Backstage 2023

The two day conference is dedicated to everything related to FOSS governance and open collaboration. The fifth edition of FOSS Backstage will take place as a hybrid conference both online and in Berlin at our venue TUECHTIG. Talk will be streamed live and virtual attendees will be able to ask speakers questions.

Subscribe to compliance