• Rogue@feddit.uk
    link
    fedilink
    arrow-up
    13
    ·
    4 days ago

    What a terribly written article. I got half way through and just gave up.

    • triplenadir@lemmygrad.ml
      link
      fedilink
      arrow-up
      3
      arrow-down
      1
      ·
      3 days ago

      I saw it was from Microsoft and bailed before it even loaded… the only thing those clowns know about open source is how to try (and fail) to kill it

      • logging_strict@lemmy.ml
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        3 days ago

        Listen here Stallman, pedo associate Gates is my hero!

        Thank you github for not banning me … hopefully not maybe … yet

        That big bold Thank you didn’t hurt one bit

        Try it on for a change!

      • logging_strict@lemmy.ml
        link
        fedilink
        arrow-up
        1
        arrow-down
        2
        ·
        3 days ago

        Going to come out swinging for MSFT

        github provides it’s runners generously for free!

        They have not banned me, which is a charm point

        Gitlab, on the other hand! Going to whine about that forever

        Gitlab deletes your account suddenly without recourse or offers a means to communicate with them to resolve issues civilly.

  • undu@lemmy.world
    link
    fedilink
    arrow-up
    2
    ·
    3 days ago

    I’m so surprised to read a Microsoft article written by a former member of the European Parliament from the Pirate Party, even moreso as the president of the lobbying arm of Microsoft.

    I was interested in knowing what are the duties of the software providers under the regulation, more than hiw they don’t apply to hobbyists, I keep searching for other articles that explain it.

  • souperk@reddthat.com
    link
    fedilink
    arrow-up
    11
    arrow-down
    1
    ·
    5 days ago

    I would really appreciate an ELI5, or some examples. For example, would lemmy be regulated by CRA? What about lemmy instances? Is there a difference if there is a fee or a recurrent donations?

    • Mora@pawb.social
      link
      fedilink
      arrow-up
      13
      ·
      4 days ago

      First: IANAL, EU law is complicated. This is my understanding as of now:

      TL;DR: The EU Cyber Resilience Act (CRA) aims to enhance cybersecurity standards for products with digital elements. It introduces mandatory requirements for manufacturers and retailers to ensure cybersecurity throughout a product’s lifecycle. The CRA excludes open-source software developers unless their software is used commercially as part of a “product with digital elements”.

      would lemmy be regulated by CRA?

      Lemmy, as an open-source project, would likely not be directly regulated by the CRA. The Act specifically excludes open-source developers from its scope unless their software is used commercially.

      Whaz about lemmy instances?

      Lemmy instances might be regulated by the CRA if they are operated commercially as part of a “product with digital Elements”. (Is there a pay for access instance or hosting as a service for lemmy? I am not aware of one.) However, since most instances are run non-commercially or for personal use, they would likely fall outside the CRA’s scope.

      Is there a difference if there is a fee or a recurrent donations?

      Yes:

      • A fee is typically a mandatory payment for a service or product, e.g. a feature locked behind a paywall.
      • A recurring donation is a voluntary, regular contribution to support an organization or cause, often without receiving goods or services in return.

      The key distinction lies in the obligation attached to the payment. Fees come with an expectation of receiving something in return, while donations are given freely without such expectations.

      • vrighter@discuss.tchncs.de
        link
        fedilink
        arrow-up
        7
        ·
        4 days ago

        so, if a company decides to, for example, start using some MIT licensed software, does that suddenly materialize extra responsibilities for that software’s dev?

        • souperk@reddthat.com
          link
          fedilink
          arrow-up
          8
          ·
          4 days ago

          My understanding is that the company would be regulated by CRA and not the developer. However, that does not stop the company from pushing the developer for CRA compliance.

          • Rogue@feddit.uk
            link
            fedilink
            arrow-up
            5
            ·
            3 days ago

            That’s actually pretty reasonable. I’d be happy to make my open source projects compliant for a company - but they can damn well pay me for the effort.

              • phase@lemmy.8th.world
                link
                fedilink
                arrow-up
                2
                ·
                3 days ago

                Well, if I understand things correctly, it may address a part of this issue indirectly: corps are responsible of what they use. If a part is open source they also have the opportunity to fix the problem themselves.

                Looks very nice to me.

              • Rogue@feddit.uk
                link
                fedilink
                arrow-up
                2
                ·
                3 days ago

                Indeed, that’s why I use the AGPL license. Corporations hate it because it forces them to give back.

                • logging_strict@lemmy.ml
                  link
                  fedilink
                  arrow-up
                  2
                  ·
                  3 days ago

                  it's free as in go pound sand if you aren't going to fund maintainers

                  it doesn’t force them to do anything until devs refuse to work for any company that doesn’t.

                  i’m with you on agplv3+. The copyright recognition document comes before the resume.

          • logging_strict@lemmy.ml
            link
            fedilink
            arrow-up
            1
            ·
            edit-2
            3 days ago

            Wait? Are we pretending the corps are actually the FOSS devs?

            A Corp dev, aka a FOSS dev forced into societal job creation servitude making throw away smartphone apps, web sites, and now AI models.

            Gets paid to not be a productive person. Is essential what a societal job creation program is. Actually accomplishing anything is a random flaw and not the intent of employing devs.

            The alternative would be to fund the dev to concentrate on maintenance efforts of their repos which the entire world depends on.

            And if you don’t believe me, just explain one thing. What’s the pip-tools maintainer up to? Cuz it’s definitely not focused on pip-tools maintenance

            Would definitely be interested to check in daily to watch what he’s doing. Can throw parties to watch some of the most influential and important people on the planet do the equivalent of digging ditches, refilling them, then doing it again.

            • ZeroOne@lemmy.world
              link
              fedilink
              arrow-up
              1
              ·
              3 days ago

              I tried talking to them about the notion of breaking the monopoly of GIT & was talking about Fossil They literally went don’t care “Git is good enough” they’re literally talentless monkeys

                • ZeroOne@lemmy.world
                  link
                  fedilink
                  arrow-up
                  2
                  ·
                  edit-2
                  2 days ago

                  I wasn’t talking about Github, I was talking about GIT itself; <u>Look at these Three</u>:

                  1. Fossil
                  2. Pijul
                  3. Darcs

                  The last 2 are Patch-Based & 2 is basically a modernized-version of 3, eventhough 3 is still being maintained to this day & 1 is a fully-fledged Github-in-a-box

                  Oh boy I can’t wait for the negative comments about it’s obviois flaws, so let’s hear it

        • logging_strict@lemmy.ml
          link
          fedilink
          arrow-up
          3
          arrow-down
          5
          ·
          3 days ago

          No. The FOSS dev would turn around and tell the entire world to go pound sand

          The devs are under no obligations to do squat. Which includes responding to any EU requests.

          If anyone has a problem with a FOSS project, they are welcome to fork the repo and maintain it themselves. And then send love letters back and forth to the EU.

          If anyone is sent a request by the EU, i’m here to help. Some ideas to include in a response.

          Shouldn’t EU be focusing on Ukraine and throwing their males into a meat grinder?

          EU does not have free speech. Why take them seriously? Why have any expectations of them?

  • logging_strict@lemmy.ml
    link
    fedilink
    arrow-up
    1
    ·
    3 days ago

    MSFT please send all that love and support by all the bitcoin you are not buying

    thank you

    – package maintainers