OOM is a separate problem. It currently forces process abort instead of unwind-panicking, but there's a plan to have oom=panic option.
I don't think there are any plans to remove panic from std. panic is technically safe by Rust's definition of safety, even though requires extra care when mixed with unsafe. Personally I'd like to see better tooling for detecting and forbidding panics, like a built-in #[no_panic].
You can use write!(std::io::stdout())? to handle failures. println! is designed for convenience. It can't be changed to return an error, and I'm not sure if a silent failure is better than a panic.