the "current climate" is one where security defects lead to highly visible public witch hunts and shaming and then the forking of code (see: OpenSSL). OpenSSL only just today got funding and an additional two developers. Despite pretty much the entire world using and depending on it for years now. Despite the fact that it's open source and anyone anywhere could have taken the time to conduct an audit.