←back to thread

The Deletion of Docker.io/Bitnami

(community.broadcom.com)
329 points zdkaster | 1 comments | 28 Aug 25 04:37 UTC | HN request time: 0.393s | source
Show context
niemandhier ◴[28 Aug 25 07:29 UTC] No.45049453[source]
In the end, they have to do it because of the CSR, and they can do it because of the CSR.

The European Union Cyber Residence Act has the potential to drastically change the open source ecosystem.

The new regulation pushes the due diligence for security according to the Act towards any entity making a commercial offer based on open source software.

Caveat emptor!

For any enterprise, that means that they either do extensive documentation and security on open source components they use or they use foundation or enterprise-backed products.

Note that pure uncommercial open source projects are exempt from the Act.

I see this as a chance; we can still create open and free software, and those of us who desire financial compensation from those who make money with their work can offer as a necessary compliance framework as a service via a different entity.

replies(2): >>45049966 #>>45050011 #
1. sofixa ◴[28 Aug 25 08:56 UTC] No.45049966[source]
I don't agree, they have to do all the CSR due diligence for the commercial offerings based on those open source projects, so there is no difference. The effort has to be done regardless if there's part of it that is open source and free, or not.