Open Source software "under their responsibility" #151

Open
oej opened this issue Feb 28, 2025 · 3 comments

@oej

oej commented Feb 28, 2025

Recital 18 says:

"This Regulation does not apply to natural or legal persons who contribute with source code to products with digital elements qualifying as free and open-source software that are not under their responsibility."

What is the definition of "under their responsibility"?

When does a person become responsible for open source code and products?

  • By owning a certain share of the copyright?
  • By not having commit rights?
@bukka
Contributor

bukka commented Mar 17, 2025

I think this is somehow related to the control of the project that I mentioned here: #16 (comment). I think this is something that would be good to get some clarification on.

@mrybczyn
Contributor

I think that this is a very important question and it has a link with some other subjects. For example, an organization that supports an open source project (i.e. close to an open source steward) that could not enforce their decisions, are they "in" or not? This case actually applies to a number of organizations supporting open source projects that only handle administrative and as is today, they can't enforce a vulnerability reporting policy, for example.

@oej
Author

oej commented Apr 7, 2025

If two persons from a company get selected to a project steering group with three persons of an Open Source project - does the project end up in the company's control?

If there are ten developers with merge rights on a GitHub-based project and six are employed by the same company - does the project end up in the company's control?

We really need clarification of what this means and how a company needs to manage this.

Projects
Status: Needs triaging