Yes, that's the status-quo. But OP is arguing, rightfully so, that we don't want to put additional responsibilities to already hand-full maintainers. If anything, we want to reduce that to make open source community more sustainable. We've seen too much that maintainers burnt out, shutdown repos, or beg for money to just keep the light on. Once they turned the project into commercial endeavor to "spread" the burden, then they have the dilemma of "open-core" dual license.
There must be a way to make the extra work minimal for maintainers even if their works are popular. For example, in the days people use apt / yum for distribution, both vetting and packaging are the responsibilities of the packagers, not the maintainers. (Not saying that's good, but just an alternative perspective, there is a reason why language-specific package registry wins today).
There must be a way to make the extra work minimal for maintainers even if their works are popular. For example, in the days people use apt / yum for distribution, both vetting and packaging are the responsibilities of the packagers, not the maintainers. (Not saying that's good, but just an alternative perspective, there is a reason why language-specific package registry wins today).