[securesaml]

The problem is lots of open source is unmaintained/insecure, and there aren't any security engineers on those open source libraries.

For the library to be secure, there needs to be funding, not by magic and expecting maintainers will do stuff on there free will.

[overfeed]

The person needing a feature can do implement it themselves or pay for it. They may even share it, in the spirit of open source, but they probably don't have to (depending on license conditions).

[Dilettante_]

Is your perspective here "these things need to be useful/stable/secure, how do we make them/create incentive for them to be what we need them to be"? Because my view is more like "open source is a sprawling wild garden and occasionally a tree bears fruit, and anyone gets to have some for as long as it does."

The assumed base state we're looking to augment via open source software being: "Fully working software"(Augmented: free) vs "No software" (Augmented: yes software)?

Like, what you seem to want is business, plain and simple. Pay a guy, have your specs filled, get guarantees. That would be expecting open source to fill a role it just isn't made for.