bsdisbetter I disagree with the rest. (Friendly of course). I don't want NetBSD to get jails, zfs, sandboxing etc. That's already done by FreeBSD and really it would be a waste of resources to even attempt them. I love that NetBSD still basically uses the same file system that 386BSD used. Rock solid. I think the endearing feature of NetBSD is K.I.S.S. :
well, while I'm a simple person myself who relies on UFS2 (and JFS on Linux!) under most circumstances, I think nonetheless that in 2019 having a CoW filesystem (aside from [LFS](https://en.wikipedia.org/wiki/Log-structured_File_System_(BSD) which has been in base for eons, but clearly nobody wants to use it) has become a sort of requirement if one aims at being of any use in real-life production scenarios (which I'm under the impression is something NetBSD still pursues as a goal, not being primary a R&D project , as opposite to OpenBSD).
That said, ZFS is on NetBSD already (the port was finished in 2018) and it finally made it into 9.0_BETA on recent snapshots, so chances are high you'll see it in the upcoming formal release as well (my kernel on desktop is compiled without, I'm not sure whether GENERIC amd64 enables it by default now or not).
I would have preferred if they rather tried to import HAMMER2, but ZFS is stable,featured, well-tested, largely supported and brings the convenience of being cross-platform...therefore I cannot blame NetBSD for choosing the convenience/usability path, due to the reason I explained above, even though as you stressed really well, ZFS is all but KISS, in few words, it's the Java of filesystems.
A NetBSD's unique filesystem I really like, and used from time to time on flash drives, is CHFS somehow similar to Samsung's F2FS; not many know about it unfortunately, and by now I'd say it's become obsolete due to lack of interest and maintenance.
As for sandboxing, browser hardening (including resource limits, restriction and monitoring on memory management, access to files, r/w operations, TCP stack) has become a major concern in the last few years (as desktop computing for many users substantially turned into using their OS as a bootloader for their browsers, their operating environment) and practically all modern OSs came up with sandboxing suites (pledge, AppArmor, Windows Defender, Capsicum, App Sandbox), so I really don't see why NetBSD shouldn't catch up.
As for jails, I confess not being a container fan either, not at all actually (well, I have a weak spot for Solaris Zones, unparalleled example of software enginerring imho). I would love if OSs weren't expected to provide containers, and if most small/medium businesses and private projects weren't hosted on containers and VMs owned by cloud providers, but reality is that the whole IT and Inernet world ended in a different (despisable) way, so, under many circumstances, one has to choose between adapting or fading away 1, unless they come up with a new, better-designed, and attracting solution, convenient enough to justify the fact of 'staying different' and leading people to go through the trouble of rebasing their project on such an alternative.
1 Even though Neil Young taught us: 'It's better to burn out than fade away'
PS: I appreciate any form of criticism and/or clarification on what I've said