The EU Cyber Resilience Act (CRA) is set to become a landmark regulation for software security in Europe. With its planned enforcement starting in September 2026, companies developing software or embedded devices must prepare to meet its requirements or risk losing access to the EU market. While this sounds daunting at first, it might not be as overwhelming as it seems. This post provides a practical overview of what the CRA entails, what companies need to establish, and how to get started to meet the requirements.
How to handle errors in C++ has been a constant point of debate. Do you use exceptions, error code, out-parameters or return nullptrs on failure? And how do you convey information on the nature of the failure? With C++17 we got std::optional for “value or nothing” semantics, but it lacks error context. C++23 - finally - introduces std::expected, a type that encapsulates either a value or an error, making error handling explicit and composable. Let’s explore how std::expected can improve your C++ code.
