Friend, I read the comment that you’re replying to that if hostile governments wanted to backdoor our software supply-chains, it wouldn’t cost that much to corrupt an open source maintainer.
Whereas, if it was the norm for well used OS projects to be sponsored, it’s far less likely to be tempted by relatively small bribes.
