It would be exciting to see these sorts of initiatives grow. Imagine if the EU helped fund Debian or Gnome or LibreOffice to reduce their dependence on closed source software from the USA.
This could be frugal practice to follow in other public institutions that run parts of their infrastructure on FOSS, many larger corporations that rely on FOSS sometimes do contribute to the projects or have bug bounties because they know that when something breaks or worse, you are going to lose money. So why not do it by auditing the software and basically give back to the software you rely on, it works almost like insurance, when the shit hits the fan you are paying anyway so why not upfront it. This is an area public institutions could certainly follow since they can't lead.
