I briefly looked into it (from the same NixOS issues), there's a GitHub issue somewhere about it [1]
Effectively as I recall it a large amount of Sublime Text plugins internally rely on an old version of Python (3.3) which in turn relies on OpenSSL 1.1.1, there is concern that forcing the python version to something newer will largely break their plugin ecosystem as a lot of the plugins are expecting Python 3.3 and may not be compatible with 3.8 or later versions with supported OpenSSL.
It's probably not a major security risk unless the plugins are making network connections, but it is an unfortunate situation.
The thing that frustrates me about Sublime’s position is this (from that link):
> With most packages being no longer maintained there's little chance to get that file into existing repos.
So you can’t break backwards compatibility because “most packages” aren’t maintained. But that means those packages are no longer receiving bug fixes.
As a new Sublime Text user (within the last year), the package situation is definitely frustrating. There seems to be a lot of pride within the Sublime staff and core volunteer group, some of which is deserved, Sublime is an amazing editor. But at some point they’re going to have to admit that the current set of packages isn’t perfect and deprecate a bunch of them.
Effectively as I recall it a large amount of Sublime Text plugins internally rely on an old version of Python (3.3) which in turn relies on OpenSSL 1.1.1, there is concern that forcing the python version to something newer will largely break their plugin ecosystem as a lot of the plugins are expecting Python 3.3 and may not be compatible with 3.8 or later versions with supported OpenSSL.
It's probably not a major security risk unless the plugins are making network connections, but it is an unfortunate situation.
Edit: [1] https://github.com/sublimehq/sublime_text/issues/5984