ORC Monthly: Celebrating a successful 2025!

As we wrap up 2025, it’s remarkable to look back at how far the ORC community has come since January. What started as a year shaped by uncertainty transformed into one defined by collaboration, expertise-sharing, and a rapidly growing ecosystem (we now have more than 60 members!). From engaging sessions at Code & Compliance to our community’s growing influence in EU policy discussions, 2025 has proven just how essential an open, collaborative approach to regulatory readiness truly is.

We close out the year with deep gratitude and strong momentum heading into 2026.

Timo Perala and Dirk-Willem van Gulik
ORC co-chairs

What’s New

• Registration is open for Code & Compliance FOSDEM edition: Join us in Brussels 29 January 2026 ahead of FOSDEM. The program is coming together nicely and will feature 4 key blocks:

  • ORC’s Compliance Materials: How the open source community is cooperating to build compliance
  • Compliance for Manufacturers
  • Simplifying Due Diligence: Attestations, Open Source, and Your Path to Faster, Safer Compliance
  • CRA & the AI Act for Manufacturers

  Register to join us!

• If you’ll be at FOSDEM, make sure to catch these two devrooms closely aligned with ORC’s work:

  • Saturday 31 January 2026: CRA in practice
  • Sunday 1 February 2026: Open Source & EU Policy

• Register for OCX 2026: OCX, the Eclipse Foundation’s annual flagship conference, is coming to Brussels 21–23 April 2026. This year includes Open Community for Compliance, developed by and for the ORC community, featuring talks on:

  • collaborative approaches to regulatory readiness
  • secure development practices
  • lessons from early CRA implementation
  • community-driven tooling and best practices

  Registration is open. We hope to see you there.

Overheard

Blogs you might have missed

• The CRA’s Global Impact: Why Manufacturers Hold the Key
  Huawei becomes the first of our strategic members to share their perspective in this ORC blog. Adrian O’Sullivan explores how manufacturers are preparing for CRA obligations and why open collaboration is key.
• Time to speak: Contributing to the CRA Standards feedback process
  Simon Phipps urges the open source community to more actively shape regulatory outcomes, advocating for unified engagement on policy that affects developers and open source sustainability.
• Moving Forward with Clear Technical Definitions Under the CRA
  The European Commission has just published the Implementing Regulation defining the technical description of “important” and “critical” products with digital elements under the Cyber Resilience Act (CRA). In this new blog, Juan Rico breaks down why this matters for open source and ORC’s role moving forward.

Upcoming Events

• Code & Compliance | 29 January 2026
• FOSDEM | 31 January - 1 February 2026
• FOSS Backstage 2026 | 16-17 March 2026
• Open Community Experience (OCX) 2026 | 21-23 April 2026

Recent Talks & Events

• CRA Mondays | When Disclosure Fails: Europe’s Struggle with CVD
• CRA Mondays | OSS provenance and code signing: how SignPath Foundation guarantees software integrity for its member projects

Welcome ORC Members

The following members joined in November 2025:

• SignPath Foundation
• OpenNebula Systems

How to Participate

• Learn
• Contribute
• Join the Working Group