by dontupvoteme
877 days ago
Have there already been cases where a project switched part of their codebase to protest something (whatever it may be) and it resulted in lower quality/security issues, or is that something we'll see in the future? Seems like an interesting attack vector. LibFoo was made by BadGroup, use LibBar instead, it's GoodGroup approved! Meanwhile LibBar has security flaws, known or unknown, intentional or unintentional, which quickly get absorbed into other projects in a political frenzy to expel LibFoo at all costs (and said actions also are incentivized given that they drive publicity, engagement, etc). I would have thought this completely nuts, prior to the whole node-ipc malware debacle. I would expect state actors to make the most of this expanded Overton window.