You don't fix security problems with the Same Origin Policy because you're trying to free up some anti-CSRF code to make developer lives easier. You do it because mistakes with that anti-CSRF code result in vulnerabilities, which harm users, who are an externality both to developers and standards authors. And those mistakes happen all the time.
The SameSite change we're talking about decisively mitigates most CSRF vulnerabilities. Once widely deployed, it probably kills the bug class, turning it into another bug bounty eye-roller like ClickJacking, rather than what it is now: a bug that is routinely exploitable on significant sites. It is more than worth it; it's one of the smartest things the browser vendors have done in awhile.
You're not wrong, the universe with SameSite available is safer than the ones without it. The migration is just frustratingly painful for those of us stuck between slow framework updates, unsupported browsers, and customers who are slow to upgrade our software. And for those of us who have csrf protections, it's effort spent just to maintain the status quo ante.
I like making the internet less dangerous to handle, so to speak, but there are always trade-offs, and I'm not sure that changing the default brings enough benefit to warrant all the pain.
To me, it seems like it would've been better to use this energy to push the community into opting into SameSite={Lax,Strict} by default (make it a 'best practices' thing). Get it added to automated security tooling, make the browser console print messages for cookies missing SameSite, etc.
Albeit, it is much harder to reach all the web devs in the world, and so some sites may not opt into SameSite and be bitten by CSRF, but that is in line with e.g. X-Frame-Options / Content-Security-Policy. It's not ideal, but it preserves backwards compatibility, which is a thing I value very, very highly.
I'm not saying that CJ has been mitigated by default the way CSRF is poised to be, but rather that it's very rarely exploitable, which is soon to be the case for CSRF as well.
The SameSite change we're talking about decisively mitigates most CSRF vulnerabilities. Once widely deployed, it probably kills the bug class, turning it into another bug bounty eye-roller like ClickJacking, rather than what it is now: a bug that is routinely exploitable on significant sites. It is more than worth it; it's one of the smartest things the browser vendors have done in awhile.