What may a CPAN Steward organization look like?

by Salve J. Nilsen (‎sjn‎) (Oslo.pm)

What may a CPAN Steward organization look like? aimed at Familar with subject and is held in English. This talk starts on 2026-03-17 at 15:15 for 40 minutes. It takes place at the Room 1.

Starting in 2027, the Cyber Resilience Act (CRA) requires manufacturers of CE-marked products to ensure that these are cyber-secure - including any Open Source components used with these products.

To help Manufacturers to achieve this enormous task, they'll need help from maintainers, and to facilitate this, the EU Commission has envisioned a new type of organization that is meant to support maintainers who wish to participate –the "Open Source Software Steward".

In this talk, Salve J. Nilsen (CPANSec, Oslo.pm) presents his proposal for how such an organization might work, how it can be carefully structured to function well within the CPAN and Perl context we know, and how this can be used to improve both the long-term sustainability and the cybersecurity of the projects and ecosystems we rely on.

Please note, this talk assumes intermediate familiarity with the CRA, and is heavy on high-level policy, business and governance topics.

If this interests you, or you have a special interest in the long-term sustainability of all things Perl and CPAN, then this talk is for you.

And if you are directly involved in publishing well-used distributions on CPAN, organizing events, or managing community infrastructure and services, then this talk is extra relevant for you!

Tags: act attestation ce cra cyber cybersecurity eu resilience security steward sustainability

Interest in attending:

• Salve J. Nilsen (‎sjn‎)
• Salve J. Nilsen (‎sjn‎)
• Salve J. Nilsen (‎sjn‎)
• Paulo da Silva