> ## Documentation Index
> Fetch the complete documentation index at: https://docs.law4devs.eu/llms.txt
> Use this file to discover all available pages before exploring further.

# Cyber Resilience Act (CRA)

> Regulation (EU) 2024/2847 on horizontal cybersecurity requirements for products with digital elements.

## Overview

| Field        | Value                                                                                          |
| ------------ | ---------------------------------------------------------------------------------------------- |
| **CELEX**    | 32024R2847                                                                                     |
| **Status**   | Active                                                                                         |
| **Articles** | 71                                                                                             |
| **Recitals** | 130                                                                                            |
| **EUR-Lex**  | [View Official Text](https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32024R2847) |

## Compliance Deadlines

| Date       | Type                | Description                                |
| ---------- | ------------------- | ------------------------------------------ |
| 2024-12-10 | Entry into force    | Regulation enters into force               |
| 2026-06-11 | Partial application | Chapter IV applies (Reporting obligations) |
| 2026-09-11 | Partial application | Article 14 applies (Delegated acts)        |
| 2027-12-11 | Full application    | Full application of all requirements       |

## Stakeholder Roles

The CRA defines obligations for the following stakeholder roles:

* **manufacturer** - Places products with digital elements on the EU market
* **importer** - Imports products from third countries into the EU
* **distributor** - Makes products available in the EU supply chain
* **authorized\_representative** - Acts on behalf of manufacturers
* **open\_source\_steward** - Manages open source components
* **notified\_body** - Conformity assessment bodies
* **market\_surveillance** - National authorities overseeing compliance
* **consumer** - End users of products with digital elements

## Requirement Types

Requirements in the CRA are classified as:

* **obligation** - Mandatory actions that must be taken
* **prohibition** - Actions that are forbidden
* **right** - Entitlements granted to stakeholders
* **procedure** - Processes that must be followed
* **general** - General provisions and definitions

## API Usage

```bash theme={null}
# Get all CRA articles
curl https://api.law4devs.eu/v1/frameworks/cra/articles

# Get CRA framework details
curl https://api.law4devs.eu/v1/frameworks/cra

# Get CRA requirements
curl https://api.law4devs.eu/v1/frameworks/cra/requirements

# Get CRA recitals
curl https://api.law4devs.eu/v1/frameworks/cra/recitals
```

```python theme={null}
# Python SDK
from law4devs import Law4Devs

client = Law4Devs(api_key="your-api-key")

# List all CRA articles
articles = client.articles.list("cra")

# Get CRA requirements by stakeholder role
requirements = client.requirements.list("cra", role="manufacturer")

# Search CRA articles by tag
articles = client.articles.search("cra", query="vulnerability")
```

```typescript theme={null}
// TypeScript SDK
import { Law4Devs } from '@law4devs/sdk';

const client = new Law4Devs({ apiKey: 'your-api-key' });

// List all CRA articles
const articles = await client.articles.list('cra');

// Get CRA requirements by stakeholder role
const requirements = await client.requirements.list('cra', { role: 'manufacturer' });
```

## Key Topics

* Essential requirements for products with digital elements
* Vulnerability handling and disclosure
* CE marking and conformity assessment
* Market surveillance and enforcement
* Supply chain security obligations
