I don't think simply paying maintainers will solve the problem - it may help (or may not) - after all, what happens when a maintainer is just ... well .... done - burned out - tired of maintaining it a particular package?
In any event, at the very least, this incident highlights a need at least for project survivability beyond individuals involved at some point - and I think that point has been reached for Hubzilla. It's an important enough project. Personally, I rather it NOT be co-opted by a single or small group of commercial interests who will woo us with the promise that they will "not be evil" - while they "Extend and Extinguish" the opensource version.
I watched a popular ad server almost succumb to this.... phpads --> openx --> revive ad server --- say what you want about online advertising, phpads/openx/revive COULD permit an ETHICAL ad service to arise (I think there is such a thing in theory - but never really seen it in practice) - but the project almost died. Hubzilla is in a bit of a more precarious position - being MIT licensed instead of GNU - (Now isn't the time for a licensing debate - just noting a difference between the projects).
As a community - we need to begin serious discussions about how we will organize and sustain the project. @h.ear.t | tobias
has alluded to this as well (thanks!!) - and it's been an ongoing topic. If nothing else, this article should lead us to consider that it's time to put some "meat" on the bones and figure out the HOW.
!!Hubzilla Support Forum Event-stream: 100 million downloads, unmaintained, hacked. Now can we pay the !@#$% maintainers?