CPAN Security and Sustainability in light of the EU Cyber Resilience Act

by Salve J. Nilsen (‎sjn‎) (Oslo.pm)

CPAN Security and Sustainability in light of the EU Cyber Resilience Act aimed at Any and is held in English. This talk starts on 2025-05-12 at 16:40 for 40 minutes. It takes place at the Room 1.

The EU Cyber Resilience Act (CRA) is going into full effect in less than three years, and it contains new regulation that is likely to affect much of Open Source, including software published on CPAN and their projects and maintainers.

In this talk, Salve will be offering a short introduction to the CRA, covering aspects that affect users ("Manufacturers"), Open Source Maintainers and the new type of institution they introduced: The Open Source Software Steward.

We'll cover some of the new requirements around metadata, documentation and security, see what businesses can do to help themselves become compliant, and how this may affect Maintainers on CPAN and elsewhere.

Slides: https://security.metacpan.org/presentations/gpw2025-cpan-security-sustainability/

Tags: act cpan cra cyber perl resilience sbom security sustainability

Interest in attending:

• Salve J. Nilsen (‎sjn‎)
• Harald Jörg (‎haj‎)
• Sören Laird Sörries
• Lee Johnson
• Auralisha
• Wolfgang Schemmel (‎Perleone‎)
• Frank Seitz
• Paulo da Silva
• Stefan Härter
• Dave Lambley (‎davel‎)