> ongoing obligation. We would need to provide patches and do CVE reporting on discovered security flaws. We would need to track bugs. We would need to respond to user and developer queries. We would need to maintain the code and periodically come out with new releases.
I'm guessing that there is probably legitimate disagreement on that point, there are many instances of code dumps where a dead project is released without any obligation for ongoing maintenance. The quicker that is done the quicker that others can pick over the corpse for juicy tidbits.