Hacker News

salsakran today at 2:57 PM

In theory, the vulnerability was always there, and it's better to find out than not find out.

In practice, how much effort it is to find vulnerabilities matters a lot. We're in a time where things that used to be quite hard are now easy and the rate of discovery will change.

This rate of discovery matters a lot -- for OSS maintainer burnout if nothing else.


Replies

tptacek today at 3:43 PM

It matters in a positive sense; it's a thing that enables you to make some predictions about the state of the world tomorrow. It does not matter in a normative sense; OSS maintainer burnout is strictly a less important concern than software security, which is an externality of software development.
