GitHub is a private company with one dual obligation, to prolong its existence and keep increasing its profit margin.

It is not any sort of arbiter for morality - morality being an externality to its central obligation - so it cannot be relief upon to “do the right thing”.

So it is not in any position of authority that would enable it to “approve”, in the moral sense of the word. They can only “allow” for the regex to be ran and the results sent off.

For example, the “right thing” for GH would be to increase profit, while for another entity might instead be to uphold its users’ privacy.

(You may think that it’s only for public repos, so they’re already made public, but isn’t GH here facilitating an aggressive collection and summation of information, that would otherwise be much more difficult and error-prone?)

The power of approval would rather come from an elected entity that would also determine who may request that such searches are executed, and which reasons would be valid.

Otherwise, we get a William Gibson-esque megacorp cyberspace future with clear but corporate Orwellian overtones.

Isn’t this obvious?

(I’m not being snarky at all - I’m genuinely asking: isn’t this glaringly and terrifyingly obvious?)