[Beltalowda]

How would you define "faulty" and "harm"?

rm will unapologetically delete files instead of using the "trash bin" semantics that many people are used to. Some would define that as "faulty", and it can certainly cause "harm" (a "rm fuckup" is almost a rite of passage).

You can find many such almost banal examples, ranging from well-known tools to some project a student uploaded on GitHub that sees basically 0 traffic. Opening up Open Office to a lawsuit also means opening up countless GitHub projects from 15-year olds riddled with SQL injections and the like, but also things I put on my GitHub five years ago and don't really care about. Ignoring a PR would mean risking a lawsuit.

Plus, do we really want government involved in telling us what software we can and can't put on the internet? Because that's what this would mean.

"They should be sued for distributing outdated insecure software" is a fun one-liner, but the ramifications if it would actually happen are huge and almost entirely negative for the Open Source world.