I haven't even read this document fully yet, but all signs point to MAJOR TROUBLE AHEAD for open source projects:
https://www.trojansource.codes/trojan-source.pdf
My recommendation is to hold all patches/pull requests until solutions/defense/shields are found !
Bye for now,
Skybuck.