There was nothing cynical about my comment. So you are sad for no reason.
The privacy implication of handing over access to private code repos to a complete stranger is real, and this project should warn users that this is what they are doing, front and center.
This project could (and arguably should) have been built in such a way that it didn't require you to hand over read access to your private code repos. It could have been built as a browser addon or greasemonkey plugin.
"I would think someone trying to view a private file is aware that they are signing in via Github to share it." - I don't agree. That is why I wrote my comment. I think lots of people would not even consider the implications of what they are doing.
This project doesn't even appear to have a privacy policy or terms and conditions, of any description, so who knows what they're doing with your source code. They could legitimately clone all the private repos that you give them access to, and keep them for statistical analysis or for personal commercial exploitation. Maybe you created a private repo for a NodeJS project but didn't switch the default license specified by NPM from ISC because nobody else should ever have seen the code. Now you've just given your code to a third party with a license that is functionally equivalent to MIT. They can chuck it up in a public github repo and let whoever wants to, use it.
The privacy implication of handing over access to private code repos to a complete stranger is real, and this project should warn users that this is what they are doing, front and center.
This project could (and arguably should) have been built in such a way that it didn't require you to hand over read access to your private code repos. It could have been built as a browser addon or greasemonkey plugin.
"I would think someone trying to view a private file is aware that they are signing in via Github to share it." - I don't agree. That is why I wrote my comment. I think lots of people would not even consider the implications of what they are doing.
This project doesn't even appear to have a privacy policy or terms and conditions, of any description, so who knows what they're doing with your source code. They could legitimately clone all the private repos that you give them access to, and keep them for statistical analysis or for personal commercial exploitation. Maybe you created a private repo for a NodeJS project but didn't switch the default license specified by NPM from ISC because nobody else should ever have seen the code. Now you've just given your code to a third party with a license that is functionally equivalent to MIT. They can chuck it up in a public github repo and let whoever wants to, use it.