Were his other actions (impersonating another user, compromising other accounts) also to demonstrate vulnerabilities or just unnecessary semi-malicious actions on his part?
They were not malicious but, imho, they crossed the line. It's not be too difficult to justify something simple like opening a closed issue but once he did things that interfered with other peoples accounts that's the point at which I feel no sympathy for for him being suspended.
Downvoted for pointing out what the OP conveniently ignores? Or downvoted for daring to even appear to go against the hivemind?
Edit: I guess that answers that question. As pointed out in other threads the response to this has shown that HN is no different to other sites and not in a good way. I wasn't even being critical in my original comment but the very suggestion of dissent against the mainstream response is deemed non-conforming enough to warrant anonymous downvoting. That 'hivemind' mentality is the reason I left Reddit. At least others have pointed out this more eloquently than I in relation to this incident.
If you actually read my comments you would see I say the exact opposite- that's it's easy to justify opening the issue. My original comment just highlighted the fact the parent conveniently left out details, simplifying the narrative intentionally in my opinion.
1. Egor finds a vulnerability and reports it. https://github.com/rails/rails/issues/5228
2. It gets ignored and he is being called a troll.
3. He proves that he was right by doing a harmless commit to to the rails master repo.
4. The vulnerability gets fixed quickly as it got the focus of the community.
5. His account gets suspended
Not sure I agree with the suspension.