No, it's totally overblown. As discussed in the comments on that issue as an example, the failure was in whoever wrote Flutter's `uuid` feature.
It's simply incorrect for them to have naively used a PRNG there, regardless of whether it has a static seed or not. They should have used Random.secure all along, and anyone working in a cryptographically sensitive module, like `uuid` should be familiar enough with the distinction to make the right choice.
There's nothing especially harmful about having that static seed and there are even some diagnostic and debugging advantages offered by it. Shuffling the seed on init is a generous convenience for people who want to make sure there's more per-run variety in their randomness without setting a seed themselves, but (when using in a non-secure context) it quickly doesn't matter since anything but toy programs tend to have enough complexity, branching, and data-dependency that the sequence of invocations isn't consistent anyway.
Oops indeed. I like using FIXME for such to make it stand out it's a deficiency that should be fixed asap (usually before merging the change altogether) compared to TODOs that are improvements that can be implemented in a more leisurely fashion.
