The entire source code for the code hosting service used by developers, GitHub.com, has just been leaked to the public.
In a suspicious commit to the official GitHub DMCA repository, an unknown individual uploaded the confidential source code, impersonating Nat Friedman using a bug in GitHub’s application.
At the heart of open-source, GitHub has long been criticised for keeping its source code private. The platform hosts millions of open-source projects, and critics say GitHub’s position is somewhat hypocritical.
However, this raises questions around the security of GitHub’s source code, and whether or not GitHub have anything to lose, if they do plan to release the source code in a public setting.
Some worry this will damage the overall security of GitHub, and this may be true. Commonly, closed-source applications perform “security by obscurity”. This means the source code is hidden, with the intention of concealing security risks.
Since Microsoft’s acquisition of GitHub in 2018, Microsoft have repeatedly emphasised their “love” for open-source. We have seen this through repeated commercial advertisements, which aim to place Microsoft at the forefront of open-source development.
Some users, such as Drew DeVault, suggest Microsoft is attempting to centralise open-source. Through closed-source applications, and proprietary extensions to Git, GitHub is seen as a platform that tries to contain open-source. An example of this is when GitHub went offline for two hours, leaving thousands of open-source projects inaccessible and unusable.
GitHub is, in many ways, the Google of open-source development.
Perhaps GitHub as 12 years late in finally revealing their source code to the public; and maybe this is just what we need. What do you think?