EU CRA (Cyber Resilience Act)
EU CRA (Cyber Resilience Act)
Posted Jan 3, 2026 10:04 UTC (Sat) by lynxlynxlynx (guest, #90121)In reply to: EU CRA (Cyber Resilience Act) by hailfinger
Parent article: Kroah-Hartman: Linux kernel security work
Yes and no. Consider the definition of a steward:
> (14) ‘open-source software steward’ means a legal person, other than a manufacturer, that has the purpose or objective of systematically providing support on a sustained basis for the development of specific products with digital elements, qualifying as free and open-source software and intended for commercial activities, and that ensures the viability of those products;
It's a long list of conditions that all have to be true for the article to come into play. For the vast majority of small projects using stewards to just host their secrets, a donation account and similar, the criteria won't be met.