Meaning well and blasting the rsync maintainer with absolutist anti-LLM messages are very different things.

…Which is why I specified those who only mean well. Obviously that doesn’t include the less pleasant crowd.

We're mixing up two things here. There's valid criticism. And there's the people who want to unleash some social-media style shitstorm. The latter show up in large groups and add some unsubstantiated comments, lots of emojis and drown any kind of conversation. But that doesn't really take away from the valid criticism. For example a maintainer shouldn't tag a version and release it, when it's not ready to be released. That's the 101 of software development. You can expect as much. Because the "bleeding" thing isn't really how it works. Once there's a new minor release tagged by the devs, it's supposed to be picked up by the distro maintainers and get into any distro's repositories. Doesn't matter if it's Arch unstable or Debian stable. They don't want bugs and security vulnerabilities in their distro, either. Especially not when it's 6(!) CVEs! And the Debian dev's in fact reacted to this. And they even backported stuff to oldstable so the people who run the rock-stable stuff from 3 years ago get the patches! So it really doesn't matter... Run a bleeding edge distro, or a stable one and don't update it for 2 years, you'll be affected by this both ways.