The code is public and they could definitely write automated tests to check all they need to check, and at every single commit

The other thing they’d need to verify is that the app that’s uploaded to the Play Store or whatever other platform it’s on matches the code, which can be hard to deal if the build isn’t reproducible (that is, if every build produces a binary that differs in some way, like if there’s a timestamp embedded in it). This is one reason I like F-Droid - F-Droid build and package the apps on their end, so you can guarantee that the compiled app matches the source code.

For google drive integration, i saw that most devs are just removing support for it

I’ve worked on both sides of this (a big tech company providing an API to access data, and a smaller company or open source project utilizing said API) so I understand both arguments.

In addition to cost, there’s also complexity, as often the big tech company’s compliance issues/requirements become the small developer’s compliance requirements too. For example, there can be issues with storing data from European users outside of the EU, you may need a terms of service or privacy policy that explains what you do with the data, you need to handle erasing the data if the user deletes their Google account, etc. Other companies like Facebook have similar concerns, and the Facebook Graph API is relatively restrictive as a result (to prevent third party apps from abusing data, like what happened with Cambridge Analytica)