Comment by mitjam
3 hours ago
A challenge they forgot to mention is EU‘s very own new Product Lianility Directive.
Although the Directive exempts free and open-source software (OSS) from strict product liability, it does so only if the software is developed or provided outside the course of a commercial activity.
As soon as a company integrates OSS into its own commercial product or uses it for economic purposes, the company becomes liable for any potential defects in the open-source component.
Looks Like fun for freelancers and companies who get Clients thanks to their Open Source projects, for example.
Company sells product for profit - they are liable for the product and all its subcomponents - there is nothing unfair about this - it doesn't matter if you found the components in a hole in the ground or on github - if you are selling a product based off it, you are liable.
For freelancers / oss companies - you can still sell services such as consulting or support - without selling your oss project - then its a service - not a product.
Does this mean that you think a company should not be held liable for defects caused in a product they ship, if the defect is caused by an open source component?
Why not?