I didn't think it could be so difficult to separate legal contracts from social ones.
If you have voluntarily assumed the role of maintaining an open source project, it's perfectly reasonable for people to expect you to address merge requests and issues on the issue tracker. It's reasonable to expect a maintainer to process technical arguments and justify their technical decisions.
The maintainer of course has no legal or moral obligation to perform any of these tasks. If he should ignore these assumed responsibilities, the users of the software can react in multiple ways. They can fork the project or use something else. In both cases they are also completely and utterly within their right to put into question the reliability and credibility of the aforementioned maintainer. Especially where it concerns software that people rely on for critical processes.
All the "as is" clause means for security concerns (apart from its legal implications) is that the burden of making these guarantees lies on the community, and not the emitter of the software. It does not mean you should have no expectations of it at all and to suggest so is, frankly, nonsense.
Lastly, I think if anyone is "entitled" to anything, it's respect. If the developer of actix truly felt like he was not getting the respect he deserved then his reaction is completely justified.
However, that disclaimer exists in all major open-source licenses, including all such software explicitly marketed such that a Reasonable Person (in the legal sense) would interpret it as a statement of fitness for purpose.
Thus, the disclaimer in the license cannot double as a disclaimer in the social arena.
If you have voluntarily assumed the role of maintaining an open source project, it's perfectly reasonable for people to expect you to address merge requests and issues on the issue tracker. It's reasonable to expect a maintainer to process technical arguments and justify their technical decisions.
The maintainer of course has no legal or moral obligation to perform any of these tasks. If he should ignore these assumed responsibilities, the users of the software can react in multiple ways. They can fork the project or use something else. In both cases they are also completely and utterly within their right to put into question the reliability and credibility of the aforementioned maintainer. Especially where it concerns software that people rely on for critical processes.
All the "as is" clause means for security concerns (apart from its legal implications) is that the burden of making these guarantees lies on the community, and not the emitter of the software. It does not mean you should have no expectations of it at all and to suggest so is, frankly, nonsense.
Lastly, I think if anyone is "entitled" to anything, it's respect. If the developer of actix truly felt like he was not getting the respect he deserved then his reaction is completely justified.