I think it’s worth appreciating this move, especially right now. We are in an era where anyone—from junior to senior—can spin up a project and ship code in seconds using AI. While writing code has become 'cheap' and easy, ensuring it's actually secure has become the real challenge.
In this 'AI age' where the internet is being flooded with automated code, seeing a team double down on human-led research and actually putting a bounty on OSS security is a breath of fresh air. It’s exactly what the open-source ecosystem needs right now.