The Python Software Foundation (PSF) has expressed concerns about the EU’s proposed Cyber Resilience Act (CRA) and Product Liability Act, fearing unintended consequences for the open-source software community.
The PSF’s concerns stem from its role in promoting and protecting the Python programming language and its ecosystem, which includes hosting the Python Packaging Index (PyPI), a library of software packages used by countless individuals and enterprises. The proposed CRA law, as currently written, could make the PSF financially liable for any product that includes Python code, without ever receiving monetary gain from the product.
The PSF believes liability should be assigned to the entity that has entered into an agreement with the consumer, rather than open-source software authors.
The Python Software Foundation (PSF), is a non-profit organization devoted to the development and promotion of the Python programming language. Established in 2001, the PSF manages the intellectual property rights of Python and supports the global Python community by sponsoring conferences, funding development projects, and providing resources for education and outreach.