jungekatz
joined 2 years ago
Coz what ? GDPR? If they have good intentions they need to see the web integrity api !
Basically A foss product is not exempted if an employee ( does not need to be a tech employee) contributes to a foss prod , or if a company donates to them ! So even npm packages by individual coders who are employed say.by dominos need to take audit and deliver vulnerability free code .
Just read the act then ! It keeps it vague enough to consider a person working in free time will be considered a commercial product
Please watch the video above !
Well if i am developing a product and I work for a corp or if my project is getting donation from a corp , it will be considered as a commerical project , it does not need me to be working on that product as part of my work !!
Not really most apps I have on my phone are now fdroid apps !
They consider foss products out of this requirement , only when the contributors are volunteers who are not working or are employed by a company !! Or get a corporate donation, if even one person contributing to the project is a corporate employee they need to go with the crazy rules they have laid !!
Well the attemps they made are more like drop in the ocean ! I still dont understand how FOSS in eu at least will survive this disaster , while most corps , just use foss software anyway will flourish !
I wonder if I am developing an app for lemmy and I am based in EU , am I obligated to get an external vulnerability audit done , or pay a 15.million euro fine , since I am working for a corporate with a full time job?
They prepared a list of software that need mandatory audit , like browsers and all !