Even if they have the source, they may not have all the build tools anymore.
Or they have the build tools but the wizard that set up the build system back in the day no longer works there.
Or they have the build system archived and documented but it doesn't run because some license expired, and the tool vender doesn't sell that version anymore.
In the near future, there will be another possibility - SaaS cloud tools that are impossible to preserve so they are forever lost.
Let's wait for per-user instance filters to be implemented, then everyone can block instances to taste. As long as their users don't cause trouble in our communities, there's no need for our instance to act as a moral guardians and decide what our users can and cannot see. Defederation is a nuclear option that should only be done if their instance is disrupting our instance's operation (spamming and breaking rules while in our communities).
I like that sh.itjust.works currently federates with almost everyone, and I can see a big part of the fediverse from here. It would suck having to visit multiple instance to see the whole fediverse.
This is the real damage. China is establishing a surveillance culture in the west. By threatening to hack our computers, they hacked our culture instead.
I work at a company that is doing more and more security controls and it's sad to see the culture of openness get chipped away little by little by this.