Ah, missed that. I agree it's not much help security-wise to not be able to generate new deposit addresses. I'll alert the devs to this issue right away.
I believe that after a certain number of new deposit addresses are generated, the old addresses will be retired (at least, the documentation suggests this is the case, I haven't tested it myself); thus generating enough new addresses to invalidate all of the existing addresses could be used as a kind of Denial of Service attack, as there may be funds transfers sent to these addresses not expecting them to suddenly be retired.