I cannot believe that it is already a month after the third annual Open Source Congress (OSC), which took place in Brussels, Belgium, on the 16th and 17th of September 2025, hosted by the Eclipse Foundation. This event served as a key global summit for open source leaders.

The Congress was conducted under the Chatham House Rule to encourage open dialogue between attendees about the most pressing global forces that shape open collaboration, such as security, regulation, geopolitics, and long-term sustainability. 

My key takeaways from the two-day Open Source Congress 2025

Open Collaboration in a Multi-Polar World

One of the central themes of the Congress was how the global and multi-polar open source ecosystem (involving regions like the US, EU, and Asia) has the capacity to sustain collaboration despite the growing geopolitical tensions and the emerging "sovereign technology" strategies.
True technological resilience depends on global collaboration and not on fragmentation. For this reason, the biggest challenge for open source communities is about finding a proper way to provide contributions to policymaking (at the fundamental level), because regulation will inevitably influence dynamics at a global scale.

Cybersecurity and the Regulatory Tsunami

One of the hot topics of the Congress was cybersecurity and, what else if not, the so-called EU Cyber Resilience Act (CRA) and its impact. 
The regulatory environment, in its race to define cybersecurity standards, has become complex, despite the fact that communities have pioneered transparent security practices. New compliance demands seem threatening to small projects, individual contributors, and stewards who form the backbone of the ecosystem.

But are there ways to prevent them from damaging the backbone of the open source ecosystem, and, if yes, what are these ways? The consensus was that effective engagement requires working together to align international security standards, providing education, aiming to bridge the knowledge gap between policymakers and developers who manage open source projects, and acting collectively, adopting the role of a coordinating body, to ensure that the open source perspective is consistently represented in global policy debates.

The Sustainability Mandate

One of the critical matters that affects the health and longevity of the open source development model is sustainability. Open source is undoubtedly the cornerstone of the modern economy, but the funding models often do not take into consideration the needs of open source project contributors and maintainers.

Discussions included identifying obstacles and helping open source projects access funding and resources. Allocating existing funding resources to open source projects is crucial for the longevity of open source projects. This is evident in the creation and existence of the Sovereign Tech Fund, whose purpose is to help and support international open source projects.

Public Policy, Regulation and Standards

The core subject of policy discussions was about the challenge of engaging with increasing regulation while preserving the open source ecosystem's unique collaborative dynamic. The discussions revolved around the regulatory impact and dynamics, and around proposed collective actions and solutions.

The discussions were around the factors that will fundamentally reshape open collaboration, such as external forces and regulatory approaches. The discussions were also around the Cyber Resilience Act (CRA), which spurred significant engagement from the open source community. With this in mind, it is crucial to align future regulation with the reality of open development. Another subject of discussion was the realisation that smaller communities face greater difficulties in their efforts to navigate (and abide by) the complexities of the regulatory and compliance environment.

To address these challenges, many solutions and actions were proposed, such as maintaining a common open source voice in policy debates and a proposal for a Secretariat for the Open Source Congress, supporting foundations in engaging with regulation while ensuring consistent representation of open source perspectives.

Stakeholder Day: Expanding the Dialogue

During the second day, the conversation broadened, bringing in industry and public sector leaders for Stakeholder Day. The forum underlined the shared responsibility of companies and governments in sustaining the open source ecosystem through funding, tax incentives, and meaningful upstream contributions.
The idea that foundations themselves could play a more active role by providing trusted compliance and security attestations for projects, which could, in turn, provide a sustainable revenue stream to fund their critical work, was solidified through the dialogue.

Moving forward

The Open Source Congress 2025 concluded that a joint effort is essential. Given its heightened importance to the global economy, the open-source ecosystem should continue what it has long excelled at: working together to remain secure, resilient, and sustainable.  The community can thrive by bridging cultural divides, strengthening its policy-advocacy expertise, and adapting to an evolving regulatory landscape.