.. SPDX-License-Identifier: CC-BY-4.0
   Copyright 2026 The Linux Foundation

Cyber Resilience Act
====================

The EU's Cyber Resilience Act (CRA) includes requirements--and opportunities--for open source projects to level up their security practices.

.. toctree::
   :maxdepth: 1

   Introduction <introduction>
   Step 1: Categorize Your Project <step-1-categorize>
   Step 2: Written Security Policy <step-2-wsp>
   Step 3: Notification Process <step-3-notify>
   Step 4: Cooperation <step-4-cooperate>
   Step 5: Additional Actions <step-5-additional>
   Resources <resources>