Are F-Droid security concerns still valid or have they been mitigated?

Basically as the title says. I’m sure we all read the various articles about F-Droid’s insecurities but these articles are quite dated (2-3 years?). I was wondering if F-Droid have taken the necessary steps to deal with these issues yet or if they still apply. I remember one important issue was the fact that they re-use package ID’s for apps, is this still the case?