Another reason for being open source is that, you will never know a close source client will send your private key to somewhere or not. Open source cannot guarentee a total safe behaviour but at least programmers all around the world are watching
nostr:npub1t9a59hjk48svr8hz6rx727ta6kx53n5d6fw8x26vsua0zytpl87sa6h4uw certainly was competent and churned out quality work in no time. It was the most promising for some time apart from being closed source. And what happened then is kind of the reason why I hated to help him debug it. I had sent numerous bug reports his way for what?
Discussion
Nostrgram uses nip07, so key exfiltration wasn't the concern. The assumption that open source projects magically get "programmers all around the world watching" isn't right neither. Sadly most open source projects have only their core team watching. Watching a quickly evolving software project is a full time job that people don't do lightly. Only projects that are used by many teams get good scrutiny.