This whole thread seems to be unaware about Debian.... so I'll give an actual answer.
Debian only actually updates their software packages every 2 years, this is for stability purposes. However you still need to fix some severe bugs so about every 2-3 months Debian does point releases that are only updating for security fixes. This is one of them.
When Debian 14 actually releases it will upgrade nearly all of the packages that are in your base system.
Chatgpt just cribs from stack overflow, which in turn just cribs their answers from documentation. Once you figure that out, they both become surprisingly useless.
The bizarre thing is that they are only analysing something like 40 programs/library. You could reach the same conclusion clicking through their gitlab for a few minutes.
The translation rate is the actually interesting part.
"Game dev... Just force Rust into it"
What's wrong with Rust for game dev? It seems similar to C++, and C# which are the dominant languages.
I can see arguments that the current projects have poor approaches, but not that the language itself is ill-suited.
You're correct in your assessment of the worst-case of distro maintainers, however many distro developers/maintainers do contribute to the upstream ( Debian policy explicitly encourages it, I only speak for Debian because that's the only project I've worked in) and do vet and understand the software.
"It can't be better". Except distro maintainers can block it from being included if they find errors. As noted above they also often file pull requests against the upstream. This happens a fair amount actually.
I think you are completely missing the point. Packages distributed by Debian are less likely to be insecure because Debian policy requires reviewing all source code to make sure it meets interoperability and open-source standards.
Regardless of how frequently this is actually done, if it's done at all is a point in favor of using Debian distribution. The fact that Debian has introduced errors themselves in a few cases is irrelevant, any developer can do that and crates.io is full of them with not even an attempt at additional review.
You need to balance whether or not the distributor is fixing or introducing more bugs, and in the case of Debian it seems to be overwhelmingly the former.
Your argument that crates.io is a known organization therefore we should trust the packages distributed is undermined by your acknowledgement that crates.io does not produce any code. Instead we are relying on the individual crate developers, who can be as anonymous as they want.
Debían developer is a specific position that you apply for. Anyone can be a maintainer. Well, I had to get approved but I don't know the qualifications, I already had code in Debían vía GNOME.
"just how many people are fucking terrible at their jobs".
Apparently so. When I review mathematics software it's clear that non-mathematicians have no clue what they are doing. Many of them are subtlely broken, they use either trivial algorithms or extremely inefficient implementations of sophisticated algorithms (e.g trial division tends to be the most efficient factorization algorithm because they can't implement anything else efficiently or correctly).
The only difference I've noticed with the rise of LLM coding is that more exotic functions tend to be implemented, completely ignoring it's applicability. e.g using the Riemann Zeta function to prove primality of an integer, even though this is both very inefficient and floating-point accuracy renders it useless for nearly all 64-bit integers.
bc can handle extended-precision integers, unlike bash which maps them to floats.
I don't know how to break this to people but the vast majority of coding is boilerplate projects to solve trivial problems. Those jobs are disappearing (and have for years), what still exists is applying rigourous methods of computer science to solve specialised problems.