cross-posted from: https://lemmy.ml/post/45529149
Here is the message where he found out what happened:
I didn’t receive any information about it but when creating a support ticket I was told my account has been flagged and I had to do some extra verification. I’ve created a support ticket now and will keep you posted. I’ll believe it’s nothing major though, I use 2FA everywhere, the last commit on all repos is what I expect, and all sessions and usages look fine
Absolutely fuck Github and Microslop, they can just vanish your projects without notice whenever they want with barely any justification for it, and then take their sweet time to fix it too.
I do not know for sure, but the repo did contain the dependency litellm with version specifier >=1.65.0 (if I recall correctly) and an early march build did use the version 1.81.0 per the uv.lock (version before the compromised litellm==1.82.7 and litellm==1.82.8 )
https://docs.litellm.ai/blog/security-update-march-2026
Not saying that the Dev was compromised, but it is possible, and it could be some Github precaution to disable repos with that dependency where a
pip installat the wrong time could have compromised all the Devs credentials.