The Software is Provided “As Is”

With the push towards regulation of software supply chain security now under way in both the US and the EU, I think it's important to anchor back to fundamentals: a shared definition of open source licenses (the OSI's) and the liability clause of open source licenses. The aim is to clarify, once and for all, that although it is essential to adopt “Shift Left” security practices, liability belongs in the contractual relationship between software providers and customers, not between maintainers and the people using that software.