@acsawdey it's complicated... if you squint, pointing out bugs is a form of help, but the P0 disclosure process (designed to incentivize other large corps) doesn't seem to work with highly popular, but underfunded OSS.
I don't know the solution, but shiting on individual developers code is probably not it.