The EU Cyber Resilience Act (CRA) is fully in place by the end of 2027.
While open-source projects in general are not covered and affected by the CRA, the CRA affects or may affect freelancers and companies in our customer relationships and customer projects.
Has anyone of you (from the Plone/Python provider space) taken any measure or spend thoughts if and how the CRA affects your business and your projects and which measure are appropriate for being compliant with the CRA? I insinuate that we all are acting in good faith, following the best practices regarding security etc.