As an open source maintainer myself, I don’t think it’s an insulting position at all.

I think you’re being overly simplistic with your position because there is a sane middle ground where maintainers are honest about their projects (eg so often pet projects have readme’s that describe POC code as if it’s production ready, and that’s not ok)

I’m not suggesting that users of open source packages don’t also have responsibility to vet the packages they import. But so often I’ve wasted time vetting a package that has made bold claims in the README only to discover it’s basically beta software. And that can be hours of my free time wasted just because the author wanted their CV to sound more impressive.

On my open source projects, I very clearly list when things are going to be beta quality, where experimental code lives, and where stuff is tested and considered safe for production use. I do that because I value people’s time. Just like I value my own time. And it only takes me 2 minutes to add that detail to the readme.