I for one am going through quite a culture shock. I always assumed the nature of FOSS software made it immune to be confined within the policies of nations; I guess if one day the government of USA starts to think that its a security concers for china to use and contribute to core opensource software created by its citizens or based in their boundaries, they might strongarm FOSS communities and projects to make their software exclude them in someway or worse declare GPL software a threat to national security.
It’s basically the same as me not installing that Flappy Bird copy because the dev is Russian. I don’t trust it, even if the code is available to review.
We also learned a lot about trust with that file zip software a year or so ago. I don’t remember the details of that, but open source doesn’t automatically mean secure.
One of the big weaknesses of open source is the same as democracy. Nobody has time to review every piece of code (or research and hold accountable every politician) which leads to risks.