alt Hacker NewsThe problem is lots of open source is unmaintained/insecure, and there aren't any security engineers on those open source libraries.
For the library to be secure, there needs to be funding, not by magic and expecting maintainers will do stuff on there free will.
The person needing a feature can do implement it themselves or pay for it. They may even share it, in the spirit of open source, but they probably don't have to (depending on license conditions).