I mean, we should probably care at least enough to make sure they’re not smuggling in any backdoors that would allow them take over the entire Lemmyverse.
I know it’s open source so that’s somewhat difficult to accomplish but not impossible (see the recent stealth attack on SSH/OpenSSL). At the very least, it requires people from outside their echo chamber to regularly review commits being made made before admins begin rolling out new updates.