policy

Policy makers in both the US and the EU are currently debating several efforts to improve the security of digital infrastructure, including broad new regulations such as SOSSA and the CRA. In light of high profile recent events, we are all aware that open source software is a critical part of software infrastructure as a whole. Security issues related to popular open source projects are in the news and in policy conversations. As open source professionals, we hope that policy makers carefully consider the distinction between open source projects and products.