I downloaded the Catalyst Theme from the site library. Having a new account, I would just like to know if the security updates for the Generate Press common theme will also be applied to any of your site library themes. Also, I noticed that there are additional plugins that are downloaded and activated with any one of these themes. Are these plugins going to continue being updated for any security issues that may arise? I try to not have to have a lot of plugins because there could be vulnerabilities the more plugins you activate and how do I know if these plugins will be supported long term. Will everything work with the new version of WordPress coming out with Gutenberg?
the Sites are a package made up of theme settings and content. Very similar to the package that would be created if you were to duplicate your own website. So they are not a theme and would not introduce any vulnerabilities. All Sites are vetted before they are added to the library and are maintained for relevance and best practices. This process is overseen by Tom personally.
Only plugins approved by GP are included in a Site build. Approval is granted once continuous support is proven and / or Tom has checked the code himself. The designers are under strict briefs to what can be used and to keep that to a minimum. If at any time there was an issue relating to a particular plugin, it would be assessed and if necessary replaced with an alternative.
In regards to Gutenberg, this very site is built using the editor. I and other users are currently using the plugin. And as it stabilises within core i expect we will see more GP updates relating to it.