Jump to content

GitHub

From Consumer Rights Wiki

⚠️This article has been marked as incomplete. Sourcing or verifiability needs additional work.

A moderator needs to check the page before this notice can be removed. Visit the noticeboard or the #appeals channel in either Zulip or Discord to request removal.
More info ▼

Articles must provide verifiable, credible evidence for their claims and avoid relying on forum posts, personal blogs, or other unverifiable sources. You can help by replacing weak citations with reputable reporting, corporate communications, receipts, repair logs, or independent investigative coverage that demonstrates the systemic relevance required by the Mission statement and Moderator Guidelines.

GitHub
Basic information
Founded 2008-02-08
Legal Structure Subsidiary
Industry Developer platform
Also known as
Official website https://www.github.com

Github is a proprietary developer platform that allows developers to create, store, manage, and share their code. It uses Git to provide distributed version control and GH itself provides access control, bug tracking, software feature requests, task management, continuous integration, and wikis for every project. Headquartered in California, GitHub has been a subsidiary of Microsoft since 2018.

Consumer impact summary

[edit | edit source]
  • User privacy: GitHub is owned by Microsoft, raising questions about data usage. Around March 2026, GitHub engaged in aggressively integrating Microsoft's Copilot AI.[1] Many projects such as the Gentoo Linux project, have left GH due to the privacy and security concerns associated with AI.[2][3][4]
  • Transparency: While some tools like the gh CLI are open-source,[5] the platform itself is closed-source.
  • Market control: GitHub is the platform that hosts the most important repositories in the world.[citation needed (11 May 2026)] It's the de facto leader for hosting and managing source-code, often overshadowing platforms such as Codeberg and GitLab.
  • Reliability: Ever since Microsoft acquired it, GitHub's uptime has degraded.[6][7] Projects such as Ghostty have left GitHub because of this.[8] There have been multiple incidents (elaborated in the next section), such as Git-history corruption and security vulnerabilities. In a blog post dated 28 April 2026, GitHub apologized and stated they planned to improve the situation.[9]

Incidents

[edit | edit source]

This is a list of all consumer-protection incidents this company is involved in. Any incidents not mentioned here can be found in the GitHub category.

Blacklisting of e-mail domains on new accounts

[edit | edit source]
GitHub restricting the domains of e-mails you can use to create an account on their site, effectively blocking the use of e-mail aliases to protect your privacy.

When creating a new account on the platform, GitHub restricts the use of e-mails from certain domains, such as to disallow the usage of e-mail aliases. This prevents the user from being able to, for instance, preserve their privacy.

Restricting accounts of "foreign" users (2019)

[edit | edit source]

Due to trade sanctions from the U.S.A., GitHub began restricting and even suspending accounts of any user who logged in from an affected country.[10]

Questions about data usage (2024—Present)

[edit | edit source]

GitHub does not specifically tell the user the data usage for AI with private repositories. This means that it might be using their data to train AI models by Microsoft such as Copilot.[11] Previously, Copilot exposed vital private repositories from big companies, raising even more concerns.[12]

Planned fees for self-hosted Action runners (2025—Present)

[edit | edit source]

On 16 December 2025, GitHub announced a new $0.002 per minute "cloud platform charge" for developers using self-hosted GitHub Actions runners on private repositories. It was due to take effect on 1 March 2026, but seems to have been postponed indefinitely owing to "tak[ing] time to re-evaluate our approach."[13]

Buggy merge queue (April 2026)

[edit | edit source]

On 23 April 2026, pull-requests (PRs) merged via merge-queue using the squash merge method produced incorrect merge commits when the merge group contained more than one PR. In affected cases, changes from previously merged PRs and prior commits were inadvertently reverted by subsequent merges.[14][15]

RCE via git push (April 2026)

[edit | edit source]

On 28 April 2026, it was disclosed that a remote code execution vulnerability had been found which allowed abusing git push commands to read and write data to certain repositories hosted by GitHub, including private ones.[16] GitHub fixed this bug quickly after it was reported to them.

Products

[edit | edit source]

This is a list of the company's product lines with articles on this wiki.


Add your text below this box. Once this section is complete, delete this box by clicking on it and pressing backspace.


  • Enterprise
  • Copilot

References

[edit | edit source]
  1. "GitHub Copilot". GitHub. Archived from the original on 26 Mar 2026. Retrieved 8 Jul 2026.
  2. Rudra, Sourav (17 Feb 2026). "Gentoo Takes the First Step to Ditch Microsoft Copilot-Infested GitHub". It's FOSS. Archived from the original on 26 Mar 2026. Retrieved 8 Jul 2026.
  3. Whittaker, George (19 Feb 2026). "Gentoo Charts a New Path: Moving Away from GitHub Toward Codeberg". Linux Journal. Archived from the original on 26 Mar 2026. Retrieved 8 Jul 2026.
  4. Kelley, Andrew (26 Nov 2025). "Migrating from GitHub to Codeberg". Zig. Archived from the original on 3 Mar 2026. Retrieved 8 Jul 2026.
  5. "GitHub's official command line tool". GitHub. Archived from the original on 28 Jan 2026. Retrieved 8 Jul 2026.
  6. damrnelson (Feb 2026). "GitHub's Historic Uptime". GitHub. Archived from the original on 9 Jul 2026. Retrieved 8 Jul 2026.
  7. "GitHub Uptime". GitHub Status. Archived from the original on 2 Jul 2026. Retrieved 8 Jul 2026.
  8. Hashimoto, Mitchell (28 Apr 2026). "Ghostty Is Leaving GitHub". mitchellh. Archived from the original on 28 Apr 2026. Retrieved 8 Jul 2026.
  9. Fedorov, Vlad (28 Apr 2026). "An update on GitHub availability". GitHub. Archived from the original on 28 Apr 2026. Retrieved 8 Jul 2026.
  10. tkashkin (24 Jul 2019). "Project status". GitHub. Archived from the original on 22 May 2026. Retrieved 8 Jul 2026.
  11. PeterH-euris (12 May 2025). "What specific data exactly will be send to Copilot?". GitHub. Archived from the original on 12 May 2025. Retrieved 7 Sep 2025.
  12. Browne, Jonathan Antonio (28 Feb 2025). "Copilot AI Exposes Private GitHub Code From Top Companies". Digital Chew. Archived from the original on 26 Apr 2025. Retrieved 8 Jul 2026.
  13. "Coming soon: simpler pricing and a better experience for GitHub Actions". GitHub. 16 Dec 2025. Archived from the original on 25 Mar 2026. Retrieved 8 Jul 2026.
  14. "Incident with Pull Requests". GitHub. 23 Apr 2026. Archived from the original on 8 May 2026. Retrieved 8 Jul 2026.
  15. Vendola, Phil (24 Apr 2026). "What Happens If a Merge Queue Builds on the Wrong Commit". Trunk. Archived from the original on 10 May 2026. Retrieved 8 Jul 2026.
  16. Tzadik, Sagi (28 Apr 2026). "Securing GitHub: Wiz Research uncovers Remote Code Execution in GitHub.com and GitHub Enterprise Server (CVE-2026-3854)". WIZ. Archived from the original on 19 May 2026. Retrieved 8 Jul 2026.
[edit | edit source]