I'm not a software engineer so this criticism directed at them will probably get down voted. Why isn't security - and that includes secure code - one of the first priorities in design?
Thanks this is helpful. It's limited to 2013-2015 but links to the following U of Arizona study which references an archive of IRC channels between 09/2016 and 01/2018:
https://www.gwern.net/docs/sr/2018-du.pdf