How about making a distinction
If it's open source, and for free - apply no/lesser rules
If one is taking money for it - apply rules
If it needs to be super-safe - require third-party audit, apply rules for super-safely
If it's open source, and for free - apply no/lesser rules
If one is taking money for it - apply rules
If it needs to be super-safe - require third-party audit, apply rules for super-safely