Hackers' Pub

Syntax	Description	Examples
`"` keyword `"`	Finds the string within quotes, including spaces. Case-insensitive. (Escape quotes inside with `\"`)	`"Hackers' Pub"`
`from:` handle	Finds content written by the specified user.	`from:hongminhee` `from:hongminhee@hollo.social`
`lang:` ISO 639-1	Finds content written in the specified language.	`lang:en`
`#` tag	Finds content with the specified tag. Case-insensitive.	`#HackersPub`
condition condition	Finds content that satisfies both conditions on either side of the space (logical AND).	`"Hackers' Pub" lang:en`
condition `OR` condition	Finds content that satisfies at least one of the conditions on either side of the OR operator (logical OR).	`#HackersPub OR "Hackers' Pub" lang:en`
`(` condition `)`	Combines the operators within the parentheses first.	`(#HackersPub OR "Hackers' Pub" OR "Hackers Pub") lang:en`

daniel:// stenberg:// @bagder@mastodon.social

7/11/2025, 3:35:34 PM

Public

Cybersecurity Risk Assessment Request

https://daniel.haxx.se/blog/2025/07/11/cybersecurity-risk-assessment-request/

#curl #CRA

Cybersecurity Risk Assessment Request

With the new EU legislation Cyber Resiliency Act (CRA), there are new responsibilities and requirements put on manufacturers of digital products and services in Europe. Going forward these manufacturers must be able to know and report the exact contents of their software, called a Software Bill of Material (SBOM) and they have requirements to check … Continue reading Cybersecurity Risk Assessment Request →

daniel.haxx.se · daniel.haxx.se

Bradley M. Kuhn @bkuhn@copyleft.org

7/11/2025, 8:33:05 PM

Public

@bagderdaniel:// stenberg:// Thanks for your post & your counter 😆

I'm curious: you characterize the EU #CRA as requiring #SBOM's *specifically*. I know the License Compliance Industrial Complex wants it to be true, but I researched this issue for my #FOSDEM 2025 talk…
https://fosdem.org/2025/schedule/event/fosdem-2025-6155-is-there-really-an-sbom-mandate-/
… & IIUC CRA *doesn't* specify SBOMs specifically.
IMO, if the vendor gives the customer complete, Corresponding Source & a 100% @reproducible_builds they've complied with CRA. No one has shown me anything that disproves that.

FOSDEM 2025 - Is There Really an SBOM Mandate?

fosdem.org

If you have a fediverse account, you can quote this note from your own instance. Search https://fedi.copyleft.org/users/bkuhn/statuses/114836503599175854 on your instance and quote it. (Note that quoting is not supported in Mastodon.)