A reminder for many I am sure about the perils of relying on so much 3rd-party, unaudited and single-handedly maintained software out there. Establishing a new fork that people can trust will not be easy if many realise at all to update their dependencies.
Yikes. I've always tried to avoid using third-party libraries when possible. However, tight timelines and the team's inexperience in areas leaves us no choice. We recently had to rip out PDFSharp since they betrayed the community with their pay model/license. We couldn't use the old version anymore because it broke as we upgraded our .NET version.