Has anyone actually read the original report from HCSEC?
It turns out the report highlights issues with Huawei's engineering processes, use of old software here and there, code equivalency errors, etc.. this is at worst, sloppy. Some western companies have been found to be in a worse state in the past yet no-one cared. Huawei must get its house in order no doubt, but if anything these items represent risks which must be mitigated to the degree required by each end user/consumer/customer. No other company in the industry is remotely required to undergo the level of scrutiny these guys are. Is there a risk that a multi-billion dollar with double-digit growth YoY company would risk its entire future in exchange for spying for the Chinese gov? well yes, in the same way there's a risk a c*ck-shaped meteorite lands on my backyard right this instance and saves me from having to hear the USA contingent look stupid at MWC trying to dig out dirt on these guys.
Facebook has been found to allow companies to mass download and exploit user data, Purestorage settled a lawsuit with EMC for IP theft a few years back, US telcos have just been found guilty of selling location information to bounty hunters.. you get the picture, there are no saints.
Control the guys? yes. Keep a short leash on them? yes. Exclude from 5G overall? sounds stupid. Exclude from CNI/secret gov/GCHQ stuff? of course. IT's called common sense.