How is 'sponsorware' affected by the CRA?

Sponsorware is a model where sponsors receive early access to software that is later released as open source. Under the CRA, the regulatory treatment depends on which phase of the sponsorware model is being considered.

During the exclusive sponsor phase, when only paying sponsors can access the software, this arrangement might be considered as tailor-made development. As explained in When is a product "tailor-made"? What documentation is required in these cases?, the person publishing the software would be considered a manufacturer during that phase but could deviate from a small subset of the essential cybersecurity requirements provided they met the conditions outlined in Recital 64; the person publishing the software would be subject to the full obligations of a manufacturer otherwise.

Once the software is released as open source, it is treated like any other open source software under the CRA. At that point, the standard criteria for determining whether open source software is in scope apply; primarily whether the person publishing it is monetising it through that release. See Am I subject to the CRA if I earn a living from the open source project I maintain? for details on how monetisation affects CRA obligations.