View Single Post
Old 11-05-2020, 18:14
atom0s's Avatar
atom0s atom0s is offline
Join Date: Jan 2015
Posts: 327
Rept. Given: 25
Rept. Rcvd 107 Times in 52 Posts
Thanks Given: 49
Thanks Rcvd at 559 Times in 223 Posts
atom0s Reputation: 100-199 atom0s Reputation: 100-199
GitHub Source Code Leak

On Nov. 3, someone uploaded the full source code to GitHub to GitHub's own DMCA repo using a GitHub staff account. GitHub responded to the upload after taking it down within the hour of it being posted saying:

GitHub hasn't been hacked. We accidentally shipped an un-stripped/obfuscated tarball of our GitHub Enterprise Server source code to some customers a couple of months ago. It shares code with As others have pointed out, much of GitHub is written in Ruby.
This response came from the same name of the account that posted the source code.

However, the commits log says otherwise, with the commit saying:
felt cute, might put gh source code on dmca repo now idk
This appears to be similar to the previous leaks where an auth token was stolen that was used to access multiple private repos owned by Microsoft.

You can view the archive entry of the commit here:
You can find a full download of the commit here:
The current speculation as to why this happened is due to the recent RIAA takedowns of various repos on GitHub via DMCA'ing. Most notable is the 'youtube-dl' repo. That repo has been mirroed in several locations such as:

Personal Projects Site:
Reply With Quote
The Following 5 Users Say Thank You to atom0s For This Useful Post:
ARUBA (11-23-2020), emo (11-07-2020), Fyyre (11-22-2020), MrScotc (11-10-2020), tonyweb (11-06-2020)