Cyber Resilience Attestations

Cyber Resilience Attestations provides a comprehensive set of recommendations regarding voluntary security attestations for open source projects, as described in CRA Article 25, including but not limited to:

the nature and structure of the contents of attestations
recommended procedures to create, disseminate, and authenticate attestations
comparative analysis of different approaches to addressing the objective

This project may include:

synchronous and asynchronous discussions on this topic, minutes and agendas of meetings, etc
descriptions of processes and reference templates that support the creation of voluntary security attestation documents
comparative review of existing 3rd party materials related to the topic
samples and document templates
automation for auto-publishing documents from markdown into other formats

Basics

Repositories

Repository	Commits	Reviews	Issues

This project has no activity.

The EMO oversees the lifecycle of Eclipse projects, trademark and IP management, and provides a governance framework and recommendations on open source best practices.

See the project’s PMI page at https://projects.eclipse.org/projects/technology.cra-attestations

Releases

Reviews

Creation (2025-10-01) – see review

IP Lab requests

Security related information is not yet available for this project. In order to gather such information automatically, Self Service of GitHub resources needs to be enabled for this project.