開源政策 / Open Source Policy --- 什麼是政策？政策泛指某一團體組織為達到設定目標所採取的方法及策略，不只是政府的專有名詞——公司、社群，甚至小至專案組，都有各自的政策。 開源政策軌自 2024 年開辦以來已邁入第三年，累積近二十場議程分享，從國際法規動態、政府數位治理、企業開源策略到社群自治實踐，從不同角度探討開源世界中的政策議題。 今年，開源與政策的交會點持續擴大，許多值得關注的議題正在浮現： • AI 與開源：當 AI 模型走向開源，開源授權如何適用？各國 AI 法規對開源專案有何影響？開源社群如何參與 AI 治理的討論？ • 數位主權：政府採購如何納入開源方案？Public Code 運動如何推動公部門的數位自主？開源如何成為國家數位韌性的基石？ • 永續經營：開源專案如何建立健康的資金模式？維護者倦怠問題如何解決？社群的長期健康該如何維繫？ • 資安合規：軟體供應鏈安全為何成為焦點？SBOM 如何改變軟體交付的方式？漏洞揭露政策對開源專案有何意涵？ 這些議題，你覺得哪些最重要？哪些又與你的日常最相關？ 開源政策軌期望延續過去兩年的對話基礎，聚集不同領域的意見，共同探討如何將開源的優勢轉化為策略，融入政府、企業和社群的決策中。讓我們一起思考和行動，打造一個更加開放、透明、安全的數位世界！ What is policy? Policy refers to the methods and strategies adopted by an organization to achieve its goals—not exclusive to governments, but also applicable to companies, communities, and even small project teams. Since its launch in 2024, the Open Source Policy track has entered its third year, accumulating nearly twenty sessions covering international regulatory developments, government digital governance, corporate open source strategies, and community self-governance practices—exploring policy issues in the open source world from multiple perspectives. This year, the intersection of open source and policy continues to expand, with many noteworthy topics emerging: • AI and Open Source: As AI models go open source, how do open source licenses apply? How do AI regulations around the world affect open source projects? How can the open source community participate in AI governance discussions? • Digital Sovereignty: How can government procurement incorporate open source solutions? How does the Public Code movement promote digital autonomy in the public sector? How can open source become a cornerstone of national digital resilience? • Sustainability: How can open source projects establish healthy funding models? How can maintainer burnout be addressed? How can we ensure the long-term health of communities? • Security Compliance: Why has software supply chain security become a focal point? How is SBOM changing the way software is delivered? What are the implications of vulnerability disclosure policies for open source projects? Which of these topics do you find most important? Which are most relevant to your daily work? Building on the dialogue from the past two years, the Open Source Policy track aims to gather diverse perspectives to explore how the advantages of open source can be transformed into strategies and integrated into decision-making across governments, businesses, and communities. Let’s think and act together to create a more open, transparent, and secure digital world!