TMCnet News
The Eclipse Foundation and the ORC Working Group launch ORC Learning Hub to help open source developers, maintainers, and software teams prepare for the Cyber Resilience ActBRUSSELS, June 30, 2026 (GLOBE NEWSWIRE) -- The Eclipse Foundation, one of the world’s largest open source software foundations, in collaboration with the Open Regulatory Compliance (ORC) Working Group, today announced the launch of the ORC Learning Hub, a free global education initiative designed to help the people responsible for building, maintaining, securing, and governing open source software prepare for the European Union’s Cyber Resilience Act (CRA). The program provides practical, role-specific training for open source developers, maintainers, contributors, project stewards, product teams, security and compliance professionals, OSPO leaders, and legal teams. While the CRA is a European regulation, its impact is global. Any organisation that distributes or commercialises software-enabled products in the EU market, including those built on open source, must comply with its requirements. Open source is now nearly universal in modern software, with more than 96% of commercial codebases containing open source (OpenLogic 2026 State of Open Source Report). As a result, the need for clear, actionable guidance is urgent across the global software industry. “The CRA changes the rules for how software is developed and delivered globally,” said Mike Milinkovich, executive director of the Eclipse Foundation. “Because open source is part of almost every modern application and system, CRA readiness has to happen where software is actually built. The ORC Learning Hub helps developers, maintainers, project stewards, and software teams understand what the CRA requires and put that knowledge into practice.” Developed by the ORC Working Group and hosted by the Eclipse Foundation, the ORC Learning Hub brings together expertise from across the open source ecosystem, industry, and regulatory domains. It delivers open source–focused training to help organisations understand how the CRA applies in real-world scenarios and what actions they need to take. With the first CRA obligations set to take effect in September 2026, organisations face a narrowing window to prepare. Until now, guidance has been fragmened and largely high-level, particularly when it comes to open source software. The ORC Learning Hub addresses this gap by delivering clear, actionable, and role-specific education aligned with modern, open source–driven software development practices. The Cyber Resilience Act introduces mandatory cybersecurity requirements for products with digital elements sold in the EU, including those built with or dependent on open source software. It places new responsibilities on manufacturers and distributors of such products in the European market. The CRA also introduces a new actor, the open source software stewards, which must adopt secure development practices, ensure transparency, and manage vulnerabilities across the entire software supply chain. At the core of the ORC Learning Hub is a modular training program designed to guide organisations through CRA readiness step by step. The full program includes:
The Learning Hub launches with Modules 1 and 2 available today, providing tailored entry points for:
Additional modules covering SBOMs, due diligence, and vulnerability management will soon be released. The ORC Learning Hub is designed to:
The ORC Learning Hub is free and available globally. Organisations and open source stakeholders are encouraged to begin preparing now, ahead of the September 2026 deadline, and to stay engaged as new modules and guidance are released. The program is available at https://orcwg.org/training/ About the ORC Working Group About the Eclipse Foundation Media contacts: 514 Media Ltd (France, Italy, Spain) Nichols Communications (Global Press Contact)
|


