Open source represents 70% to 90% of modern software codebases and this is today seen as as a crucial global public infrastructure by many players. Given its ubiquity, this is increasingly part of geopolitical discussions and national-security agendas. This presentation will analyze the risks and governance challenges at the intersection of open source and global politics, with a focus on the recent European discourse on digital sovereignty and supply-chain security.

The core dilemma is that open source's power lies in the mutualization of risk (collective maintenance and faster vulnerability detection), but this is being undermined by fragmentation along national and corporate lines. We will explore:

1. The Weaponization of Open Source: How jurisdictional control over key platforms (like GitHub and PyPI, largely hosted by US entities) translates into geopolitical tools (the "Panopticon" and "Chokepoint" effects), as seen in the 2019 GitHub sanctions.

2. Lack of Investment: The crisis of critical components being maintained by small, under-resourced teams, creating an ecosystem that powers the global economy but lacks the resources to secure itself (e.g., the Log4j incident, XZ, and others).

3. The Fragmentation Trend: The response from nations like China, which are building domestic repositories (Gitee, OpenAtom Foundation) as part of a plan for technological self-sufficiency. This fragmentation reduces interoperability and shared visibility. This makes open source more weak and less resilient.

The presentation will conclude by openly discussing a shared call to action for the FOSS community: How can we forge a stronger shared responsibility between developers, policymakers, and industry to mitigate these losses and keep open source secure, interoperable, and globally accessible?.