
I personally treat it as a supply chain risk, as there is no longer any way to report any bugs and security problems.



Then why not provide one yourself?

Forking is a good option for companies, but not a good option for sole developers: one doesn't have that much energy.

Switching to other libraries like requests and aiohttp and supporting them by contributing is clearly a better option.


How is _your_ supply chain a concern of this open source developer?

_My_ supply chain is not a big deal, lol. But this is HTTPX. A network library that has a considerable number of users.

When I say _considerable_, I'm essentially saying _nearly every_ big tech. The one I can tell for sure is OpenAI (not a fan of them though).

Remember the xz attack?


Why can nearly every big tech take care of their supply chain? :)

Clearly, the maintainer doesn't want to do this job anymore, and it's not a requirement when releasing your code to also do stuff unrelated to programming.



