daniel:// stenberg://
bagder@mastodon.social
The "good" people at Emerson for some reason couldn't think for themselves when I responded to them on behalf of #curl and instead continue and send the same questions to the #libssh2 project with the same "demands".
"This is a gentle reminder regarding our earlier request for your input on the cybersecurity risk assessment of the software component βlibssh2β version 1.11.0, as part of our compliance efforts with the EU Cyber Resilience Act (CRA)."
3
4
1
daniel:// stenberg://
bagder@mastodon.socialI have also offered them a contract to help them answer these questions for curl, but they have not yet taken me up on that. As time passes, it seems more and more unlikely that they will.
1
0
0
I just think it is so funny of them to use "gentle reminder" to "request" others to save their bacon for free.
Their internal reasoning and strategizing to come up with that would be interesting to know.
1
0
0
2
0
0
0
0
1
@bagder But, butβ¦ their deadlines!? π€£
0
0
0
Even Rouault
EvenRouault@mastodon.social@bagder The libtiff project also got the same request from Emerson (sent to the listserv owner) for libtiff, mentionning a totally antiquated libtiff version (3.6.1). I didn't bother answering them
0
0
1
Julian Andres Klode π³οΈβπ
juliank@mastodon.social@bagder Today they sent one for APT.
https://lists.debian.org/deity/2025/08/msg00010.html
Oh I see they even have HTML, neither Thunderbird nor Neomutt (duh) rendered that :D
Attached is my reply...
1
0
0
daniel:// stenberg://
bagder@mastodon.social@juliank just to nitpick: it is "subject to the CRA" for them
1
0
0
Julian Andres Klode π³οΈβπ
juliank@mastodon.social@bagder oh I guess should have said the APT project as opposed to the APT code they got from somewhere :D
0
0
0