Tell HN: GitHub banned me permanently

63 points by siproprio ↗ HN
A few months ago, I’ve made some controversial comments on an open source project discussion that I regret. Because of these comments, GitHub decided to permanently ban me from the platform.

I can no longer have any account on GitHub, new accounts that I create are hunted and suspended.

I tried appealing the ban, and months have passed with no response from support.

This means that GitHub has effectively suspended my ability to participate in the development community, and also I cannot work as well, because my company uses GitHub, and as soon as GitHub finds out that a account is used by me, the account is immediately banned under the justification that it is being used to sidestep a decision.

I don’t know what to do anymore, I’m afraid, I’m going to be fired if I can’t work, what I’m going to do?

Edit: this thread is flagged, did I do anything wrong? Should I change something, or delete it?

141 comments

[ 0.25 ms ] story [ 194 ms ] thread
get a lawyer
On what basis is GitHub obligated to provide them service?
If GH is preventing OP from performing their job for their employer, they could possibly be accused of tortious interference, since they are preventing a legal contract between other parties.
Except that the contract already covers misuse and other rules with suspension as a result. But nobody reads the rules, and instead complain when they are applied to them.

Inversely, it would be interesting to see what the result is if the ban was not following the contract and terms of use but just the choice of an individual moderator. I don't know how much wiggle room they have to make such choices.

I'm talking about the contract between OP and their employer - that's the contract that it could be argued Github is interfering with.

I'm not even remotely close to a lawyer, so I may be completely off.

(comment deleted)
Unfortunately I’m in Brazil, GitHub does not operate in Brazil.

I’m thinking of suing a distributor or the local Microsoft subsidiary.

Suing on what base? It doesn't make any sense.
I knew it! I wonder what the hell you said that they are doubling down on it. Well without shaming you on your mistake, I will try to discuss your matter with some law specialists here.
VPN, pseudonym, don't reupload any previous projects, avoid contributing to same projects that created problems, behave better in the future? I don't see how they could 'hunt you'.
I can’t avoid contributing to work projects though.
Are they private repos? Also forget everything you know about Github being a social platform. Leave the emojis and memes on your phone.
I don't have a Github account, yet my code is in there with my name on commits. Someone else cloned the repos and pulls from them regularly.

The identity working with the code doesn't have to match the code.

Are you saying they will ban some "foo" account if it pushes code into a repo where some of the commits are authored by some user "Non Grata <bar@whatever.com>"?

Or how does it work?

Try and get your employer to put pressure on them. Your employer pays them.
I really dislike the trend of locking people out of professional work and banking due to bad or disagreeable speech. I really don't see a world in which this doesn't lead to some sort of backlash that we're all going to wish hadn't happened.
Read China and Taiwan history to find how such policies end.
The "backlash" is that people who care will migrate to other Git hosting providers, of which there are several, at least two of which are HN darlings.
Particularly on the banking front, I wouldn't be so sure that this trends only results in people moving to say GitLab.
We need to normalize strict separation between our social and work life.
Yeah github is a funny one - I use my personal github for work, and I know many people who do. Whereas if your work uses g-suite or outlook/O365, it's not like you just use your personal google or hotmail (or whatever ms has now) account with it. Separate, and centrally managed would be better, I don't know how we got here
To be fair, Github actually considers it a best practice to only have one account, but I think they really want to keep it all about the social graph.
Long ago I tried to split mine and the problem I ran into was messiness with ssh key management and I actually asked GitHub to merge them back into one. It was obvious it was a pain in the ass.

(That was 12 years ago I haven't checked if https/oauth made things better)

The real problem is companies that expect employees to use free consumer-grade services for their work and are therefore held to those SLAs. Github has an enterprise plan where an employer can use their own SSO and doesn't have to rely on you setting up a personal account. Why not use that instead? Right, because they have to then pay for it.

If you are using a service for work, you should not be expected to maintain a direct relationship with them. It's on your employer to negotiate account creation, terms of use, payment, banning or whatever else. This is exactly how something like, say, Slack works.

I think part of the problem here is that github is banning all accounts he has access to. So even if he has a work and private account, both could still be banned. We dont know if they would escalate to a paid githut corporate account or not, but it is not inconceivable.
Github is banning all their personal accounts. Enterprise ones are governed by completely separate agreements. They probably won't even be able to identify you in that case considering you aren't the one creating the account, your IT admin is.
note that not all enterprise setups use enterprise managed accounts.

you can also use GHE with unmanaged accounts that are still connected via SSO for approving access.

using enterprise managed accounts and unmanaged accounts on the same system can be quite annoying because you'll need to use different browser contexts (container tabs, separate browsers, etc.) and also different hostnames for ssh cloning to use different ssh keys.

https://docs.github.com/en/enterprise-cloud@latest/admin/ide...

https://docs.github.com/en/enterprise-cloud@latest/admin/ide...

Drama Queen :)

Make a new account from a fresh email and you are probably good to go.

How would they know it is you? If you use your work email, yeah, you have to ask your employer to give you another one. But is that so hard?

If the permaban is appropriate is a different discussion. Without seeing that comment that go you banned, it's impossible to say.

They're probably using among other things IP addresses.
You mean they banned the whole hedge fund OP works for?
They're probably seeing a new account pop up and using the ip range along with some machine info leaked by the browser to pin down the OP, or just the machine info.
No. And also they banned me before I started working for the hedge fund. Previously I worked at Siemens, we did not use GitHub, we had a self hosted Gitlab instance.
That's way too general. An entire company and dozens of people could be behind one IP address.
Sure, if you only try to use it from work that may make ti a bit harder to pinpoint which is why I said among other things. I think we're all aware that browsers leak information about you and your machine if you aren't careful.
I tried that. It’s the third account they terminated.

Whether or not the comment warrants a permaban or not, I’d gladly delete it, avoid the behavior in the future, and also clearly regret it!

Figure out how they figure out.

IP? Unlikely. You probably do not use a static IP that only you use, right?

Your ssh keys? Delete them.

Cookies? Delete them.

Fingerprint? Use a different browser to find out.

Etc etc.

If you are not too technically versed, maybe start from a fresh computer.

Work and home ip address/geolocation.

Work domain.

Work projects.

Browser fingerprinting.

Vscode telemetry data.

Windows telemetry data.

There are lots of ways to track it, and probably there’s a machine learning algorithm that helps it, because every time I find a loophole, when I’m suspended again the loophole stops working.

> If the permaban is appropriate is a different discussion. Without seeing that comment that go you banned, it's impossible to say.

When you need github access to have so many jobs, it starts to reach the point where basically no comment should result in a permanent ban.

It also means we need to learn the art of judicious commenting.
A really bad comment shouldn't have harsher consequences on your life than many criminal punishments.
I don't disagree. Doesn't mean that there aren't lessons to be learned about the long-term consequences of our speech.
Who decides which comments are 'bad' enough to get you banned?

"They are a private company and can ban whoever they want"...

OK, and suddenly you find yourself banned for expressing an opinion which totally fits with your own ideology and which you thought was the epitome of virtue. You just forgot the company got bought and the new management follows a different ideology. Is the company still right in their decision to ban you? If not, why not?

I said nothing about company policies. The issue of social media entitlement are orthogonal, and could easily rear their head if the dev you bad-mouthed in a comments ends up being your manager. Perhaps I'm just an old geezer, but I'm very careful to keep my business clean for anything that may touch me financially.
Why does it matter if the company is right? What I wonder is what remedy all the people who complain about privately owned communication infrastructure are actually asking for? For instance, this site is moderated and you will be banned if you break the rules - would you make that illegal?
The main issue is that GitHub is used by OP's company as a work service. There should be expectation that if a company is still trusting someone as an employee - then for WORK he should be allowed to use whatever business tools the company he's employed in has paid.

Imagine, if you will - a financial analyst getting banned from Bloomberg Terminal due to some issues in Bloomberg.com.

Isn't that silly?

I find most aspects of social media silly, and combining it with a git repository especially so. But I still don't understand what it is that people want here - to use the government (as Libertarians would say, men with guns) to force Bloomberg to sell their services to that financial analyst?
Keep in mind that corporations are artificial legal constructs. If the government wants to put rules on companies with thousands of employees, that's very different from putting rules on people.
"corporations are people, my friend."

- Mitt Romney

> How would they know it is you?

Systems in use at several Big Tech companies can cross check any number of (meta) data attached to the account, resulting in flagged accounts and possibly even automated bans.

This is the reason that at least some permanently banned people on Twitter need to use VPN, a new name/bio and a burner phone to create and maintain a new account. Using a IP address used to access the old one and/or the same phone number and/or the same or a very similar name/bio (probably using a Levenshtein like algo to check similarity) automatically flags the new account.

I don't have a solution but I regularly make controversial but polite points on Microsoft's open source projects so this worries me. I am anti-Telemetry and against some of the decisions they have made as a business which have impacted usability of their tools in my sector.

Perhaps we should simply not be building organisational dependencies on this product.

Well, there’s also the point that a person might even regret comments they made!

But the ban is forever, there is zero transparency, and no appeal.

Why would there be? They're not obligated to provide service to you.
Sure, but do you really want to live in a world where a 3rd party can block your employment for something you said that is merely offensive but not against the law? Even worse, a ban with no a appeal process that lasts forever.
Again: I don't understand why anybody expects GitHub to moderate or adjudicate these dramas. They're a source code hosting site, not a university disciplinary board.
I totally agree. I don't even see how they have any upside here, if they do this too much they'll lose business and doing it at all invites people to demand that they keep doing it.
I don't understand. The problem is that they did want to moderate/adjudicate this across the entire site.
No: a user caused problems for them, and they kicked them off the site, the same way you'd get kicked out of a McDonalds for walking in without pants.

If you do the Internet equivalent of walking into GitHub without pants and they kick you off, and you gave them money, we can have a conversation about whether they should give you your money back (I guess I probably would). But other than that, what's there to talk about?

Make a new account that isn't traceable to the reputation you lit on fire, or go to any of the other perfectly viable Git hosting sites. You can even run your own.

I get not wanting to tell your boss why your old GitHub account doesn't work anymore, but: you're going to have to have that conversation, probably.

> Make a new account that isn't traceable to the reputation you lit on fire

They tried...

And doing that leaves a blade dangling above your head even if your behavior is perfect on the new account.

Why can't there be anything you can do to wipe the slate mostly clean? Maybe even donating $100 to charity and giving github a few dollars for wasting their time.

If you really feel like GitHub bans are a "blade dangling over your head", use GitLab, or Source Hut.

GitHub is not going to develop a charity-linked rehabilitation program for people who shit on their carpet. They're just going to ban you. They're a business, not a public utility.

There's some unpleasant subtext to being blocked from GitHub that has nothing to do with someone's ability to write code: it's that your employer is certainly going to ask "uh, why are you not able to make a GitHub account?", and when you tell them "because I shat on GitHub's carpet", they may very well fire you. But that's on you, not GitHub.

> They're a business, not a public utility.

That's the standard line. And it has problems when applied to companies with tens of millions of users.

People say it has problems, because that makes for fun message board debates, but the arguments are deeply unserious. Go use Source Hut.
Saying that there's a sliding scale toward being effectively a utility is "deeply unserious"?

Is it also "deeply unserious" when I say it's bad that shopping malls are privately owned areas masquerading as public spaces, which lets them ban people in ways that actual public spaces can't? Because there's a lot of literature on that topic, and I see it as pretty similar.

Yes, yes it is unserious. Shopping malls aren't public squares, as several decades of US jurisprudence has ably established, and the collapse of shopping malls in the face of ecommerce amply demonstrates that the argument was silly to begin with. You couldn't have picked a better bit of evidence for my argument; thank you.
I don't think you understand what I'm saying. Yes, legally they are very much not public squares, and that is a bad thing.

I'm talking about what should be, what is good for society. Not how the legal system currently works. Talking about that is not "deeply unserious".

And nothing about the collapse of malls changes that either.

They were never legally determined to be public squares, and that's a good thing, because that would be an eminently stupid decision to make about an institution that will be about as relevant to American life as drug store soda fountains in 10 years. And so it goes for the awesome societal importance of GitHub. Inconstancy is my very essence, says the Wheel.
> because that would be an eminently stupid decision to make about an institution that will be about as relevant to American life as drug store soda fountains in 10 years

Malls lasted a long time. But why is that a stupid decision? Let's not even say "decision" though, let's just say every mall offered to rent the hallways out to the local government at a nominal fee, nothing else changed, no lock in. Wouldn't that be a significant improvement?

And when I said earlier, tens of millions of users, if github wants to be small again then it will go back to the bottom of the sliding scale.

No, it wouldn't, because it turns out that malls are not actually an important part of the fabric of American life, or even commerce, and it would be dumb to invest more importance in them. Mostly, the only reason anyone ever talks about malls anymore is to make arguments about who should be allowed to use the n-word on Twitter.

(I'm probably being hyperbolic, but I'm sorely tempted to test the hypothesis with the search bar below.)

Letting people walk around malls, during their heyday, was just as important or more important than letting them walk around public streets. And that importance was used for a lot of bad discrimination of various kinds. Saying "no, everyone is allowed in the hallways unless they start breaking the law" does not invest more importance in them, it just helps everyone have fair access.

Related: https://99percentinvisible.org/episode/beneath-the-skyway/

If your employment is limited because you are banned arbitrarily from a tool for any reason then the situation is wrong.

Regardless of that, my entire org relies on github globally. If we could not onboard or retain someone due to this I would raise this with our risk and compliance board and the product would be written off from the accepted vendors list almost immediately and cause a fuck load of evaluation and migration work and a $100k/year enterprise customer to disappear for them. That's how bad this is.

We already did this to two other vendors and we don't get a choice. It's a business risk.

It's not getting banned, it's why you got banned. You could get banned from a tool nobody even gives a shit about for reasons that will absolutely get you shitcanned from a variety of jobs. You could get locked out permanently from Google Mail and Github simultaneously and still keep your job if the reason it happened truly was that you made a fair-minded and impassioned case against closed-source development tools that was so persuasive freaked evil vendors out. It's all about the circumstances.
That is correct. Which is why I don't give a fuck about the circumstances. I care about the risk to the organisation. And that is a tangible one. And it must be mitigated.
If you’re worried GitHub might ice one of your team members, use something else. GitHub is extremely up-front about their willingness to ice users.
Well, you won't be able to onboard the original poster.
Being banned from GitHub can prevent you from doing your job or gaining future employment. Being banned from a single McDonalds doing prevent you from buying fries at 90% of places that sell fries.
So the government (of which it would be specifically the US government) should force GitHub to not be allowed to ban anyone?

I see complaints with zero solutions for a private company.

Well, in US law they might not be.

But in other countries, is more complicated than that.

In Brazil, those kinds of bans behaviors are not ok under consumer protection laws, and also their TOS where they don’t guarantee anything even for paid accounts is definitely not ok and suable for damages if something happens.

Good luck. You know that there are some optics to how responsive you are to these comments, and how un-responsive you are to comments that asked you to say more about what your "controversial comments" were. I'm beginning to think they might not just have been about ad blockers.
> I'm beginning to think they might not just have been about ad blockers.

Did the first line about regretting the comments not indicate that pretty clearly?

I really don't want to accuse you of being deceptive for rhetorical effect, but are you actually "beginning" to think this? Am I completely misreading your comments?

Edit: This comment was a waste of space and I didn't express myself well but I was half a minute too slow on the delete button.

It's not at all clear to me what the comments were, and I don't think the level of regret matters really at all to the analysis. If I punch you in the nose, I will surely regret it moments later, but that isn't going to save me much trouble.
I said in another comment, most of the comments were on the Python extension repo for Vscode, about the quality of the extension and feature choices, many people were criticizing as well, and the trend of moving towards closed source.
You keep saying that but haven't described any of the comments in anything but the vaguest terms - so vague that the descriptions alone sound like an implausible basis for a ban.
I don't wish to link my identity to this hn account. This is what I got from gh support:

```

Your accounts were disabled following reports that its content or activity may have been in violation of the following prohibition found in our Acceptable Use Policies:

"We do not allow content or activity on GitHub that:

is off-topic, or interacts with platform features in a way that significantly or repeatedly disrupts the experience of other users"

Specifically, the activity that was reported included posting repetitive and disruptive comments in Visual Studio repositories, which we found to be in violation of our Acceptable Use Policies.

```

You were reported for saying something about open source and github banned you for it? This still doesn't seem to add up at all. How many comments are we talking about? Did they contain, oh, I dunno, slurs? And again, you can paraphrase the comment(s) which you seem to remain very reluctant to do.
No slurs. No offenses. No bad words, no cursing, etc.

I’m not going to paraphrase because the threads were erased. I don’t have most of the comments actually.

Mail me at my username at duck.com and I’ll send you the handles of the account, you can search GitHub yourself.

If the comments are as boring as you're suggesting they are, you don't have a real problem. Tell your manager what happened and work with them to arrange an account you can use.
Because due to market share they’re effectively a monopoly and this ban has very real repercussions for the OP’s ability to make a living.
No, they're not.
Github is indeed not a monopoly as far as a fitted out office building is not a monopoly. It does have an extremely high exit cost. And it's not reasonable for the owner of an office building to refuse access for your staff for saying something horrible about them.

Offices (and SaaS products) are dangling on a thin thread. It doesn't take a lot to lose customers. Lots of them. Especially when working from home (hosted gitlab) is a reasonable option. Most offices near me are converted to housing. You can't convert github to housing so it has even less tangible value if it pisses users off which starts a chain reaction of risk.

It's also bloody unreliable and in the forefront of people's attention for risk already.

Okay then, let's see you try to get a job by telling the hiring manager, "by the way, GitHub has perma-banned me so if you hire me, you'll have to change your entire organization's usage from GitHub to something else."

Let us know how that goes for you.

Get a new phone number.

Get a new email address.

Use a clean/new browser profile.

Create a new github account.

If that doesn't work, I'm curious to know how Github connects the accounts to the same person.

Work and home IP address, possibly. Work domain. Vscode settings possibly.
Yes I guess the set of IP addresses used by an account could narrow it down.

Use a VPN and perhaps get a different computer or use a different browser in case they've fingerprinted it. That seems like a lot of effort for GitHub to go to but I guess it's not impossible.

I didn't even know GitHub permanently banned people, notwithstanding users from sanctioned countries.
Seems like this could have been better handled by suspending you from commenting and creating issues instead. Best bet is probably appealing like you've tried already.
Why not use your work email to create a new account? How will they know it is "you"?
Fingerprinting and tracking cookies from other services, such as Google.
What does that even mean? Github cannot access "tracking cookies" from Google. They have very limited data available to them (browser cookies - easily cleanable, IP address – can use VPN or just renew your lease from your ISP, other scripts – block them through a browser extension). If you are getting tracked across the internet by Github – especially as a software engineer – you are simply not trying hard enough.
Browser fingerprinting and the such.

I'm not exactly sure how it works. But Reddit has banned my accounts whenever I make a new one and i've deleted all of my Reddit cookies, they somehow find me.

That's covered by the "browser extension" part. Firefox even does most of the blocking out of the box.
Reddit fingerprints you very aggressively. Cookies are not used here. Every single pageload, they scan all your fonts, plugins, etc.

They also exfiltrate this data back in ways to prevent blocking, by completely randomizing the API endpoint used to submit it and also not use a dedicated endpoint. For example on each pageload it might send to /submit, or /register, or /friend, it'll just pick a random valid endpoint and "front" that

They also continue to do this while you are logged out to tie your IP to the fingerprint.

    hxxps://www.redditstatic.com/reddit-init.en.4-tSxFR4sOk.js


^F "Arial"

Commonly spoofed fingerprints will result in a permanent ban automatically.

So expressing regret did not work, it rarely does and is widely considered a sign of weakness. Perhaps it have worked better to double down on your offensive positions, strengthen them, draw in deranged allies. (\s, maybe)

Or find an employer that does not require github which is like 99% of employers.

Apparently your username is a Portuguese psychological term that means self-reflection, that is cool. But maybe expand outside that.

The username is a reference to Jim Incandenza, a character from Infinite Jest.
It's likely tracking cookies from another website they are using.

For example Google.

I have the same issue with Reddit. I can create an account on a different email and use it fine for a few days and then boom. But I stopped using it on anything I am logged into my Google account with and it's been fine for months.

What do you access Github on? I would create a separate user profile for work. Do not log into any services such as Google on it that Github have linked to you and you should be fine.

REddit is crazy. Every thread is filled with [deleted] talking to [deleted]. It seems like most of the throwaway posters get passes, the one posting <= 3 word replies. But all the top well thought out multi paragraph conversations all end up happening between deleted users.
Fortunately there's the Pushshift archive, which mitigates that somewhat - replace "reddit.com" in the URL with "unddit.com" or "reveddit.com", these sites will fill in removed comments from this archive.
If you have iOS for Reddit. Check out the traffic and data Reddit collects. Reddit is using blockchain to fingerprint everyone now.
It's crazy, I got banned from a silly subreddit for not really doing anything wrong but fair enough, it's one where the mods are known to be like that.

I have a different account that I use on a work computer, I ended up posting in that same subreddit without realising my original account was banned (hadn't logged into it and noticed that was the case)

Reddit Perm banned both accounts for ban evasion and for awhile any other account I made, even though i did nothing wrong or didn't post on that subreddit again, until I made sure to use completely clean profiles whenever I want to use reddit.

Annoying.

Similar thing happened to me after forgetting my mobile device was logged into the wrong Wi-Fi network, they permabanned two unrelated accounts as well that I used for completely different purposes. I appealed and got one back that I use to post on a gaming subreddit, but not the other that I used to post on a subreddit for a medical condition. Very strange, and irritating.
You have been fingerprinted. Look into digital fingerprint. Google and Reddit work together to guarantee you are censored.

Nowadays. The comments on Reddit are GPT3. No real users comment anymore. Next year. This will be an issue. Now, it’s just a experiment Reddit is running before IPO.

What was the nature of the controversial comments you made? This thread is starting to spin off into concerns that, for instance, being "anti-telemetry" (like 85% of HN) would get you banned. Is that what you were talking about? Or was it something... more controversial?
Most of the comments were on the Python extension on the Vscode repo about the quality of the extension, and the trend of moving towards closed source extensions.
I said 85% of HN people would probably agree with an anti-telemetry argument. Something closer to 95% would agree with "trends towards closed source development tools are bad". My question for you: why do you "regret" these comments? What aren't we hearing about this story right now? This isn't adding up.
(comment deleted)
I regret the comments because they caused me to be banned and were disruptive comments that violated the TOS of the service. This type of behavior is to be avoided in the future. The nature of disruption is not 100% clear to me, I asked for clarification but gh did not provide clarification.

Mail me at my username at duck.com and I’ll send you the handles of the account, you can search GitHub yourself. Some threads were deleted though.

What sort of comments did you make?

> This means that GitHub has effectively suspended my ability to participate in the development community, and also I cannot work as well, because my company uses GitHub

> I don’t know what to do anymore, I’m afraid, I’m going to be fired if I can’t work

You'll have to have a discussion with your employer/manager about why you can't use github any more.

I said in another comment, most of the comments were on the Python extension repo for vscode, about the quality of the extension and feature choices, many people were criticizing as well, and the trend of moving towards closed source.
What exactly did you say? I'm intrigued as to what they consider is the tipping point for a lifetime ban.

(Partly out of sheer curiosity and partly so I can avoid this myself, as I also have a habit of making somewhat feisty comments, when I'm off my meds and in a bit of an obsessive rage about something.)

Mail me at my username at duck.com and I’ll send you the handles of the account, you can search GitHub yourself. Some threads were deleted though.
in addition to the steps mentioned, avoid re-using ssh keys
IMHO, Github is for, well Git repos, so I would understand of the behaviour described resulted in a ban on commenting in other people's Github but a blanket ban seems very heavy-handed.

On the other hand, maybe Github has enough on its plate not to bother trying and they just blanket ban on a significant enough red flag.

Looks like you got a personal moderator on HN too :)
If your employer uses only GitHub as git host and not use proprietary extensions like issues, you could simply have your company IT mirror (or do it urself) the repos to another host and setup sync - gitlab can do it - you can do it urself as well with few shell scripts.
You can’t figure out a way to get around this?

Sheesh, what happened to hackers … ?

See here the problem with a large centralised provider.

People that support non-discrimination should consider moving their repositories to smaller providers.

Talk to your boss, presumably someone else can upload your work. What have you been doing for the months it has been like this?
I've been trying to find a legal page with legal contact for GitHub since the topic was opened, with no success.

The only contact information I can find is this email for privacy requests, which should be good enough, they have to process legal requests they receive privacy@github.com

For Microsoft there is this Page https://www.microsoft.com/en-us/legal/policies AskCELA@microsoft.com

It's not clear from your messages whether you are a subscriber or your organization is a subscriber or both or neither. This affects how to access support and escalate and what claims you may have (your company should have a contract with access to enterprise support if they are customers).

It's not reasonable for GitHub to ban you with no justification and no recourse and make you lose your job.

Get a lawyer yourself. Or get your company to escalate through their support channel or legal.

Warning: We only have one side of the story. If you were posting abusive messages to Github in your name and/or in the company name, on company time. The company may review the messages and may find them abusive too and may fire you.

Some messages could be viewed as flame/kind of abusive in the sense of criticizing a msft open source project, and they were absolutely not made in the company’s name. Obviously I deeply regret any trouble they could have caused.

Msft said it was a GitHub decision, they can’t interfere.

I would expect MSFT to process official legal requests they receive for themselves and their subsidiaries.

EDIT: After more digging, I found the contact, the terms of services here https://docs.github.com/en/site-policy/github-terms/github-t... are linking to this legal section here https://docs.github.com/en/site-policy/other-site-policies/g... that contains address and email for legal requests. This is incorrectly put in a page "Guidelines for Legal Requests of User Data" but it's not about data request, it's for all legal requests.

There’s not so much we on HN can do about this.

I would suggest that you talk to your manager. If your company pays for GitHub, hopefully they can get in touch with support and/or a sales rep and get it sorted.

I don't wish to be uncompassionate.

But I must respectfully note, I think if you're asking for help to circumvent a punishment by GitHub, one needs to know what the nature of the "controversy" was. There are certainly some 'controversial' viewpoints that are vile enough that I'd rather not help someone who had their views.

I respect that you're in a sticky wicket. But this seems no different from pre-Internet times when one might lose their job from insulting a close vendor or client your employer works with. Imagine you were in a bar in a one-company town talking about a sexual conquest, only to turn around and see your employer, who reveals your conquest was a 20-something child of theirs. Your choice at that point is pretty much to move.

You failed to have the self-awareness that you were in a venue that could affect your livelihood and made a mistake so significant that it can't be retracted or made up. That has happened both off the Internet and on it since time immemorial.

The question you are asking now is not how to handle the situation, but how to continue the behavior of disguising yourself to circumvent the punishment. I think that (a) is a question that shows you are not owning up to your behavior (which itself is problematic); and (b) is the wrong strategy to take in this situation, because any circumvention or working outside the GitHub system is _conceivably_ fragile and could collapse at any point, leaving you with the same problem once more.

My own suggestion - and I make this with reluctance not knowing whether the 'controversy' is something vile - would be to do two things. Both would be extremely hard.

First, I would approach your HR contact, apologize for your conduct with the most remorse you can demonstrate, and see if their person/contact (sales, support, whatever) at GitHub can help you in this situation. Assuming they want to keep you, they can even say to GitHub, "Look, we want to keep this person employed, what can you do for us? Can you provide an ability to commit code without commenting ability?" Etc.

Second, pursuing that guidance separately, I would see if anyone here, or any personal or professional contact of yours (cf. LinkedIn, etc.), has any contact at GitHub, or any friend-of-a-friend at GitHub, etc., so that you can speak with someone personally.

Certainly the repeated attempts (and deletions) at circumvention likely are not doing anything but racking up points on the 'don't let this guy back in' meter, whether that's automated or not.

Lest you think I am unsympathetic, I once made a decision that might've potentially locked me out of a great deal of future employment. I truly believe what made the difference in that situation was that I owned up to my error and looked the wronged parties in the eye and apologized directly. I explained the human factors leading me to make the wrong decision, while explicitly saying it didn't excuse the mistake. Humility is rare enough in today's world that it can oft make a difference.

I wish you luck in your resolution of this issue.

About the ‘nature’ of the comments, see here:

https://news.ycombinator.com/item?id=33577471

They were not offensive, they were not disrespectful, they were actually valid complaints, and I also used to participate a lot, and since people echoed the comments, they were considered ‘disruptive’.