🎊 Happy New Year from the Open Regulatory Compliance! 2025 was a year of learning, sharing, and steady progress for the Open Regulatory Compliance community. 👏 Thank you to everyone who participated, shared insights, and helped make these conversations clearer and more constructive.

📣 “The weight of compliance falls primarily on manufacturers, not on the open source community.” Adrian O’Sullivan explains what this means in practice and how the ORC Working Group supports shared understanding across the ecosystem. Read the article to learn more: orcwg.org/blog/manufac...

9 months left to get ahead! 📉 The #CyberResilience demands security by design across all digital products. But 27% of companies haven’t even started engaging with CRA requirements (ONEKEY). 🔗 Start today! orcwg.org/cra

In this ORC article, Adrian O’Sullivan, Huawei, shares why the Cyber Resilience Act’s (CRA) impact is global for manufacturers and how early community engagement helped strengthen the regulation. Learn more: orcwg.org/blog/manufac...

📣 Registration is now open for Code & Compliance 2026! Join us on 29 January in Brussels, ahead of FOSDEM, for the next edition of Code & Compliance. Be part of the conversations advancing open source governance, policy, and practical security solutions. Register now: hubs.la/Q03WGtF40

📣 The FOSDEM 2026 Freedom, Sovereignty & Regulation Devroom is accepting proposals! Share your perspective on how regulation shapes digital freedom and open ecosystems. CfP details ➜ softwarefreedom.net/fosdem-2026-... ⏰ Deadline: 1 December #FOSDEM #FOSDEM2026

🔐 OC for Compliance at #OCX26 will bring together developers, maintainers, and legal experts to share approaches bridging the gap between legislation and implementation. 👉 If you want to stay ahead of evolving regulations, #OCX26 is the place for you. 📆 Register! www.ocxconf.org/event/2026/r...

Help shape how the #CRA impacts open source. Not sure where to start? Begin with our Deliverables Plan. In a new blog and video, we explain what’s included, how to read the status indicators, and how to contribute. 🎥 www.youtube.com/watch?v=QamK... 📝 orcwg.org/blog/how-to-...

⏰ Final call! Our ORC has received some amazing name suggestions, but there’s still time to share yours! We’re collecting ideas until 28 November, so if you haven’t joined in yet, now’s your chance. 💚 Help us give our ORC the perfect name to represent the Open Regulatory Compliance community.

⏰ The call for proposals at Code & Compliance 2026 closes tomorrow! Share your expertise and experiences with a highly engaged audience in Brussels. 🔗 Submit your talk now: www-eur.cvent.com/c/abstracts/... #CodeCompliance #CFP #CRA #opensource

👋 Join our speaker lineup for Code & Compliance 2026! Following the success of our Code & Compliance Community Day, we’re building the next event to go even deeper into #CRA implementation and open source compliance. 📍 Brussels 🔗 Submit your talk by 25 November: www-eur.cvent.com/c/abstracts/...

🔐 OC for Compliance at #OCX26 will bring together developers, maintainers, and legal experts to share practical approaches bridging the gap between legislation and implementation. 📆 Lock in your #OCX26 ticket before prices go up! www.ocxconf.org/event/403bff...

📢 Present at Code & Compliance 2026! We’re looking for panels, presentations, roundtables, or workshops on topics such as tooling, attestations, stewardship, standardisation, or policy. 👉 Submit your talk before 25 November: www-eur.cvent.com/c/abstracts/...

New project! 🔐 The objective of the Cyber Resilience Attestations project is to propose a means to support the due diligence responsibilities of manufacturers who rely on F/OSS components. Learn more: projects.eclipse.org/projects/tec...

The countdown is on! Manufacturers have less than a year to comply with the #CyberResilienceAct’s vulnerability reporting requirements. 📘 Explore our resources to help your team prepare: orcwg.org/cra/ #CRA #CyberResilience #ORCWG

What is an #opensource software steward? 🌐 Open source software steward is a term defined in Article 3(14) of the CRA. However, the discussion on this topic is ongoing. Check our ongoing #CRAFAQ discussion on GitHub and share your thoughts and contributions! github.com/orcwg/cra-hu...

💻 Open source AI in automotive: legal & compliance implications Join us on 6 November 2025 at 3 PM CET for a practical briefing with Dr. Lina Böcker. 👉 Register now: www.crowdcast.io/c/ocx-day4-c...

🤔 Can a solo maintainer be considered to be an #opensource software steward? What do you think? Share your feedback on our CRA FAQ document: github.com/orcwg/cra-hu...

✅ Compliance isn’t about ticking boxes; it’s about building trust in open source. At #OCX26, the Open Community for Compliance invites proposals on regulatory requirements, the CRA, certification, and standardisation. Send your proposal before 13 November! www.ocxconf.org/event/403bff...

I am NOT subject to the CRA, and want to make this clear to downstream users. What should I say? Help answer this question in our CRA FAQ document. Contribute to the discussion 👇 github.com/orcwg/cra-hu...

Francisco Carneiro will introduce the @eclipse.org Open Regulatory Compliance WG at #SFSCON in Bolzano. Join his session on 7 November to explore how the working group brings together key stakeholders to co-develop reusable tools. Don’t miss it 👉 pretix.eu/noi-digital/...

📢 Contribute to the FAQ on the Cyber Resilience Act (#CRA) and have an impact! Some questions around open source projects, maintainers, stewards, or CRA standards are still being discussed. We need your input. 👉 Check out the CRA FAQ and share your feedback with us! github.com/orcwg/cra-hu...

Discover the ORC’s Cyber Resilience SIG deliverables plan: ✅ Navigate the deliverables plan and see CRA-related projects ✅ Understand the scope of each deliverable ✅ Find ways to get involved and contribute 🎥 Watch video: www.youtube.com/watch?v=QamK... 📝 Read the blog: orcwg.org/blog/how-to-...

🎤 It’s #CRA time at The Things Conference! @j-rico.bsky.social, Senior Program Manager @orcwg.org at @eclipse.org is on stage in Amsterdam delivering the keynote “Will the CRA Break Open Source in #IoT, or Make It Stronger?” #EclipseFdn #opensource #CyberResilienceAct

Why attend the Code & Compliance Community Day? 1️⃣ Deepen your understanding of the #CRA 2️⃣ Be part of the discussions shaping CRA compliance 3️⃣ Attend the OpenForum Europe's roundtable “Solving the Standardisation Dilemma” orcwg.org/blog/code-co... www.eclipse-foundation.events/event/Code-a...

🔐 Are you interested in the #CRA? September is packed with events! 1️⃣ Comply.Land – Malta, 11-12 September 2️⃣ Bitkom Open Source Forum – Erfurt, 18 September 3️⃣ The Things Conference – Amsterdam, 23–24 September 👋 Connect with Juan Rico, from the ORC, at Bitkom & The Things Conference.

With more than 600 videos relevant to the #Java community, #JakartaEE's YouTube channel has something for everyone. Check it out and be sure to subscribe. www.youtube.com/channel/UC4M...

🔐 Why attend Comply.Land 2025? Because regulatory frameworks are shaping the future of technology, and this is your chance to be part of the conversation. The #ORC community will be there, sharing our work on aligning open source practices with evolving compliance requirements. 👉 hubs.la/Q03FqKSK0

In this #CRAMondays session, we’ll hear directly from leaders shaping software transparency standards: Steve Springett, Olle E Johansson, Philippe Ombredanne Find out how Ecma and OWASP are creating practical solutions for secure, transparent supply chains. 🗓 calendar.google.com/calendar/eve...

3 reasons to join Code & Compliance Community Day! 1️⃣ Understand how the #CRA is being implemented. 2️⃣ Learn how the ORCWG is translating policy into practice. 3️⃣ Access resources and connect with others, navigating CRA compliance. See you in October! www.eclipse-foundation.events/event/Code-a...

The #CRA is facing mounting criticism from industry stakeholders, with some describing the situation as a “five‑alarm fire": redmonk.com/sogrady/2025... Many unresolved questions raised by the CRA are being addressed at the ORC's FAQ: github.com/orcwg/cra-hu...

💬 There are still many unanswered questions in the #CRAFAQ, and your input can help shape the conversation. 📢 Join the discussion: 1️⃣ Review the FAQ on GitHub: github.com/orcwg/cra-hu... 2️⃣ Share your perspectives and contribute directly to the conversations.

#ORCWG is gaining momentum with the creation of our inventory of #CRA resources and the addition of several new members. Read our news release: newsroom.eclipse.org/news/announc... #CyberResilienceAct

We’re pleased to share that Open Forum Europe will have a co-located workshop “Solving the Standardisation Dilemma” at the Code & Compliance Community Day, bringing fresh perspectives to one of the sector’s most pressing challenges. 🔗 Register now! www.eclipse-foundation.events/event/Code-a...

📢 New on the ORC website! Stay informed with the latest insights on #opensource and regulatory #compliance. The ORC blog features updates, perspectives, and practical guidance from across the community, helping you navigate compliance in a fast-evolving landscape. 🔍 orcwg.org/blog/

👀 Are you interested in the CRA? Here are 4 events you can’t miss! 1️⃣ Comply.Land | 11-12 Sept: comply.land 2️⃣ The Things Conference | 23-24 Sept: www.thethingsconference.com 3️⃣ NSSS | 1-3 Oct: nsss.se/y2025/ 4️⃣ Code & Compliance | 22-23 Oct: www.eclipse-foundation.events/event/Code-a...

🔍 Do you need guidance navigating the Cyber Resilience Act (#CRA)? Join us for the Code & Compliance Community Day on 22–23 October in Brussels! 🔗 www.eclipse-foundation.events/event/Code-a...

#ORCWG is currently developing a series of white papers focused on key aspects of cybersecurity and open source. 📢 If you're interested in contributing your expertise or reviewing drafts, we welcome your participation. Learn more and get involved on GitHub: github.com/orcwg/orcwg/...

💫 We know you love our #CRAMondays series - but we’re taking a break over the summer. No worries, you can catch up on the recordings, and stay informed on the latest CRA-related topics. Check out our full playlist to gain a deeper understanding of #CRA issues: www.youtube.com/playlist?lis...

🌟 Our latest #ORCMonthly is packed with updates and upcoming events! Don't miss it! Read it now: blogs.eclipse.org/post/juan-ri...

Are you concerned about the #CRA and how it impacts #opensource? 📅 Join the Code & Compliance Community Day on 22–23 October 2025 in Brussels! 🌐 We’ll bring together developers, maintainers, users and regulators to discuss the future of compliance. www.eclipse-foundation.events/event/Code-a...

Save the Date for the Code & Compliance Community Day! 🗓️ 22–23 October 2025 📍 Maison de la Poste, Brussels, Belgium Join us to reflect on the Cyber Resilience Act’s (#CRA) first year and shape what’s next for open source and compliance: www.eclipse-foundation.events/event/Code-a...

✨ Curious about the #CRA? Why should open source maintainers care? 💻 Check this video from the maintainers month webinar to learn how it affects open source software and the importance for those monetising it. Participate in this conversation: hubs.la/Q03wcZ_x0

💻 The Cyber Resilience Act (#CRA) applies to hardware, software, and remote services that support digital products. If you’re working with open source, there’s a good chance you’re in scope. Learn more about what kinds of products are regulated by the CRA: github.com/orcwg/cra-hu...

Timo Perala (Nokia) will discuss #ORCWG during his #CRA talk at Open Source Summit Europe. Learn more about Timo's session: osseu2025.sched.com/event/25VmN/... #opensource #opensourcecompliance

The #EclipseDataspace and #orc participated in the Global Digital Collaboration Conference on 1-2 July in Geneva, where we organised a series of sessions under the theme “Sovereign by Design.” These discussions addressed topics at the intersection of trust, digital infrastructure, and regulation.

🛡️ The #CRA is changing how digital products are developed, distributed and maintained. To learn more about what the CRA is and more, read the ORC's CRA FAQ: utm_campaign=8591748-CRA%20FAQ&utm_content=336237727&utm_medium=social&utm_source=linkedin&hss_channel=lcp-34093#faq-tmp-154

Are you hoping to learn more about the EU’s Cyber Resilience Act (CRA)? 🎥 Explore our playlist of webinar and community call recordings, featuring insights, updates, and discussions from the #ORCWG community: bit.ly/42mJm4x #CRA #CyberResilienceAct

🛡️ The EU’s Cyber Resilience Act (#CRA) is changing how digital products, including #OSS, are developed, distributed, and maintained. Whether you’re a developer, maintainer, or vendor, this regulation will impact your work. Read the ORC’s #CRAFAQ to learn more: github.com/orcwg/cra-hu...

🇪🇺 The EU’s Cyber Resilience Act (#CRA) is reshaping how open source projects approach risk and compliance. 📌 Join our webinar on 24 June to learn about the resource the ORC community is developing to support the open source projects and users with CRA compliance. www.crowdcast.io/c/cra2506