SUMMARY
I am the maintainer of the MacPorts packaging (port) for QCA. We recently moved to using OpenSSL3 as the default in MacPorts, which required updating QCA.
We have a policy of providing each port for the oldest OS version that can be supported with a reasonable effort, since Macs are valuable and long-lived computers. Contrary to Linux, older Macs are often locked in on older OS versions, and thus do not have access to more recent Qt5 versions (again, contrary to Linux). A similar situation exists for MS Windows, AFAIK.

I thus had to spent a few hours introducing conditional code that falls back to the equivalent from QCA v2.2.1 when being built against a "too old" Qt5 version, thus making it possible again to build against as "ancient" a version as Qt 5.3.2 (thus allowing users locked in to Mac OS X 10.6.8 to use the latest crypto/security related features provided by QCA and OpenSSL3).

I do not want to suggest to burden the release and development QCA versions with this conditional code, but I think the interest is high enough to consider adding a legacy branch for my patched code or simply to include the patchfile in whatever way (directory) KDE would provide such a file. A priori that branch or patchfile would be updated at every QCA release (by me, presumably).

The patchfile in question is hosted on github and could also be downloaded from there if you prefer not to incorporate it in either version but instead mention its existence in a note in the README or INSTALL file.