If commercial redistributors that are getting paid for Python 2.7 support don’t step up to pay the
pip developers to continue doing that work, then why should the
pip developers continue donating that labour to them for free? (and the same question applies to
cryptography et al)
I’ve been on the other side of that fence: if the volunteers are still doing the work, the answer to internal funding requests is “Nah, the community is already handling that just fine”, so redistributors only step in when it’s abundantly clear that if they don’t do something, then they’re not going to be able to meet the support commitments they’ve already made to their customers.
(Tangent: being able to state this openly is one of the nicest aspects of not working for a redistributor any more)