Update: I’ve asked Github Support to please consider sending an email to users who get flagged and they’ve said they will raise the issue internally. That’s good enough for me. Overall I think Github handled this very well, but it doesn’t hurt to ask for improvements.
This morning I woke up, went to check on one of my Github Repos and got this unwelcome surprise:
I immediately sent a message to support asking what was going on and within about 15 minutes it had been restored. During the time it was “hidden”, my public profile and all my public repos returned 404 errors from Github. Basically erasing me from Github. I don’t know how long my profile was blocked, or why it happened.
I have over 5 years of history on Github. Thousands of commits to my projects and other people’s projects, active Wikis and Issues lists, hundreds of stars, etc. I am on Github, as a human, typing things every single day without fail.
This is pretty upsetting. For a short period of time everything I’ve done on Github, which is where I do all my Open Source work, was erased from the Internet. Even my code and repositories, which I thought were as safe as could be, were just gone. 404 Not Found.
This has really shaken my trust in Github, which is quite embarrassing since not two weeks ago I was publicly defending my decision to use it.
I don’t relish the thought of moving all my work off Github, but now I don’t know what to do. I feel like they can just erase me at any time.
Github has responded to my message and is not willing to offer any kind of explanation. Here’s the full transcript:
Nadia J (GitHub Staff) to me
You certainly seem human to me! Sorry about our bots getting a little overzealous with the spam filter.
I’ve cleared that flag now, so your account should be back to normal.
Nadia,Can you please explain to me how this happened? I have over 5 years of history on Github. I commit almost every day. I just filed two new issues for an open source project yesterday (through the web interface, typed by hand) and in my day job I commit nearly every day to a private repo. I’m active on Github every single day. I’m the owner of repos with hundreds of stars and many forks.This is hugely upsetting. Github basically erased my developer resume for a period of time. I have no idea how long my profile and repos were returning 404 and I have no idea if it will happen again and when. Can you please give me some details here?Thanks,Jason
Hey Jason,Sorry, but we have to keep our spam-detecting tactics hush-hush. If I were to share that information and word got out, it would be like releasing access to some of our security protocols into the big, wide world. I hope you understand.
That all being said, none of your data was ever erased, and you were always able to access your account and keep working. A flag like this simply hides an account from public view.
As you probably know, there is also a banner placed on the top of your screen whenever a user signs in and this flag exists on an account. This is placed immediately at the time of the flag being placed. Additionally, the inquiries we receive from users who were caught in the spam filter take top priority in our Support inbox. We respond to these messages as quickly as possible.
I understand that this is not ideal, but it’s a very rare side effect to keeping all our users’ accounts as safe as possible. It’s very likely you won’t see this happen on your account again.
Let me know if you have any other questions or if I can help with anything else.
I can barely express my frustration with this situation. I can understand maybe placing a warning banner or something to let users know that you suspect me of spamming, but Github hid all of my public repos and all the work I’ve done for 5 years. I am an open source developer and Github effectively took all of my projects offline without even a warning. Why couldn’t you have emailed me to check? Or show me a captcha or any of the many other ways that companies check for automated access?
This may just sound like venting, but it’s not. I am very seriously concerned about keeping my data with Github now when it can just be “hidden” at a moment’s notice with no explanation or notification.
I really hope you will consider changing this policy. I’ve been a huge proponent of Github for many years and now you’ve completely lost my trust.