It's time for Europeans to start writing to their MEPs about the Cyber Resilience Act. It has recently been modified in a way that will be very harmful to #OpenSource projects.
This article from Github does a good job explaining the issues. Those first two issues are the ones that have been recently and intentionally introduced. Your MEP probably doesn't know and still thinks open source has been excluded from the scope.
https://github.blog/2023-07-12-no-cyber-resilience-without-open-source-sustainability/