Elevating privilege is pretty important and the code supporting it has to be right. Yes, sudo had a glaring vulnerability in it, but do I think I should install some git code into PureOS, the company I trust to de-blob the Intel Management Engine? I think I will trust Purism and not jump into some random code like doas. Offer me an open Bluetooth driver and I might git that into my laptop …
Just offering a point of view as to why not to.