Yeah, I kind of lament them removing this warning if I'm going to be honest. It feels like something such as that should be more common best practice.
Of course decent log collection/monitoring should also be able to catch authlog stuff and alert accordingly and I'm sure most organizations rely on solutions like that instead of letting things get lost in email
This is a pretty short diff and it clearly does NOT do that, unless you're saying they went back later in another commit to add this. They removed the message in all situations. The string "This incident will be reported" has been removed from the source code; it could not possibly print that message now.
Is there more to the change than the linked commit? Because if not, looking at the code change I don't see how you could possibly be correct. There is no additional logic/branching that could be checking whether sudo sends mail or not, just a string change.
I feel like that warning comes right out of the era of multi-user machines with unprivileged shell accounts. That era is largely gone. Today, someone, possibly a less knowledgeable user, runs sudo on their single user laptop that they completely own outright, and may get confused who they're being "reported" to.
But there is a renewed focus on corporate laptops to remove admin rights on windows. Not really because the user is not being trusted, but because malware has a lot more options for bypassing EDR/antimalware and persistence when it runs with admin rights.
I'm sure this will come to Linux too at some point.
Of course decent log collection/monitoring should also be able to catch authlog stuff and alert accordingly and I'm sure most organizations rely on solutions like that instead of letting things get lost in email