Dear users, a new Joinup release will be deployed on Thursday 09/02/2023 between 13:00 and 13:30 CET. Within this time window, the site might experience outages. Please adjust your use of the platform accordingly during this time frame.

European Parliament increases…

European Parliament increases budget for EU-Fossa

Published on: 29/10/2016

On Wednesday, the European Parliament agreed to a follow-up to the European Commission’s ‘EU Free and Open Source Software Auditing’ project (EU-Fossa). The plan for the next phase is included in the EU 2017 budget agreed by the European Parliament.

EU-Fossa is a one-year, EUR 1 million pilot project by the European Commission and the European Parliament. The project, which ends in December, is creating a formal process to let the European institutions contribute the results of software security reviews back to the open source communities. As a pilot, the EU-Fossa project checked the code for two open source projects, the Apache HTTP server and KeePass, a password manager.

For the next phase, MEPs Julia Reda, Max Andersson (both Greens/EFA), and Marietje Schaake (ALDE) have asked for the budget to be doubled. They also want to create an EC/EP bug bounty programme. The exact budget for the new project will be decided in November by the Council and the Parliament, Reda explains on her website.



On her blog, Reda quotes Dirk-Willem van Gulik, founder of the Apache Software Foundation: “There is great value (and need!) in building both capacity and capability in society to maintain key open source infrastructure code while also training the next cadre of developers. We need support for these communities in the long term, and that also means devoting significant resources to this.”

Meeting earlier this week, the EU-Fossa project team discussed the feedback that it had received from the Apache and KeePass developers. Some of these comments will probably end up as changes to the ‘open source code review methodology’, a detailed description of the planning, the actual code review and reporting of the results. This methodology was published on the EU-Fossa project website in July.

More information:

Post by Julia Reda


Sat, 29/10/2016 - 11:30

Hello Gijs,


Very important info, and thank you very much for adding the link to the blog of Julia Reda and EU-Fossa that bring even more data for having a whole idea.