Or it's important, but nobody has the skills/time/familiarity/acceptance from upstream maintainers combo.

Compared to the FOSS origin myths, many huge projects, with tons of end users, including very foundational ones, like GTK+ and OpenSSL and such, are understuffed (or just 1-2 base maintainers heavily overworked, who do 99% of the work and can't take it anymore), and nobody cares or has the time to dive in and fix anything.

Other projects that might have some person interested to bugfix, have maintainers that don't like contributions outside a clique, and ignore bugfixes submitted for years or forever.

So, "any user can fix it" is sometimes just in principle, while actual users than can fix and do fix it are thin on the ground, and othertimes it's just an option for external patches, that will not be merged upstream.

Proton-bridge is a premium product you only get by being a paid subscriber. If it is open source, they should not be expecting contributions. One pays to make sure issues like this can be fixed, they don't pay to fix the issue themselves.