1. 4
  1.  

  2. 1

    Hi folks, I’m the CEO of GitHub. GitHub hasn’t been hacked. We accidentally shipped an un-stripped/obfuscated tarball of our GitHub Enterprise Server source code to some customers a couple of months ago. It shares code with github.com. As others have pointed out, much of GitHub is written in Ruby.

    Git makes it trivial to impersonate unsigned commits, so we recommend people sign their commits and look for the ‘verified’ label on GitHub to ensure that things are as they appear to be.

    As for repo impersonation – stay tuned, we are going to make it much more obvious when you’re viewing an orphaned commit.

    In summary: everything is fine, situation normal, the lark is on the wing, the snail is on the thorn, and all’s right with the world.