The main problem is that it’s just not battle tested like GNU coreutils are. And Canonical has only tested this in one cycle, 25.10, before introducing it in an LTS. Would’ve made more sense to wait until 26.10.

Other find problem with it being MIT licensed.

I don’t use openSUSE, but seeing their security reviews tempts me…

It could be improved. Sebastian Wick and Lennart Poettering made comments on how hard POSIX makes it hard to be secure. There are better APIs that try to be safer.

• https://blog.sebastianwick.net/posts/how-hard-is-it-to-open-a-file/
• https://mastodon.social/@pid_eins/116459585811044061

And since uutils is not Linux only, it can’t use these safer APIs directly, or at least not without writing more platform-specific code.