> This is in particular the case for software, including its source code and modified versions, that is openly shared and freely accessible, usable, modifiable and redistributable. However where software is supplied in exchange for a price...
This says that publicly available open-source software that is not supplied in exchange of a price (as in, say, customised versions of software that are not available to general public) is exempt. It doesn't cite any other commercial activity (technical support, donations etc.) from EU Blue guide.
I seem to recall that the heartbeat bug was in a library where the author received (very little) monetary compensation for their work.
Who’s responsible for compliance in that case, the dev or the thousands of companies who used the library in a critical role?
I know this is supposed to fix such a situation but they aren’t going to be taking hundreds of thousands of website operators to court who used the freely provided library without auditing the code.
> This is in particular the case for software, including its source code and modified versions, that is openly shared and freely accessible, usable, modifiable and redistributable. However where software is supplied in exchange for a price...
This says that publicly available open-source software that is not supplied in exchange of a price (as in, say, customised versions of software that are not available to general public) is exempt. It doesn't cite any other commercial activity (technical support, donations etc.) from EU Blue guide.