companies should be better and if not, criminally liable for their bad code.
does this also apply to individual developers?
should Linux Torvalds or the ffmpeg developers go to jail if they merge a RCE zero-day into the Linux kernel or into ffmpeg?
if you cannot differentiate the 2, :insert rude thing here:
glad you are consistent in your beliefs