Hacker News
3K+ Emails Of GitHub Enterprise Users Outed In Email And Then Posted On Pastebin (techcrunch.com)
33 points by amerf1 on March 19, 2013 | 14 comments


Key takeaway: "But, if they can't protect my fucking email address why the hell should I trust them with my clients code?"

Who else provides a product/service similar to github enterprise (internally-hosted dead-simple git repo and access system)? I've tried gitlab but it doesn't have quite the same polish.


Microsoft recently added Git support to TFS: http://tfs.visualstudio.com/


Bitbucket?


I assume you mean http://www.atlassian.com/software/stash/overview Admittedly I didn't realize they offered an internal version. I'm going to try this out!


Gitorious, which is free software.


Hard to work out what's actually going on here from that article, but it sounds like GitHub Enterprise sent out a bulk email with all 3000 recipients in the CC field of the email?


This morning I received a set of emails from Github Enterprise that looked like the following:

--------------------------------------

To: [massive list of GE user emails]

Subject: NotMyInc Inc., your GitHub Enterprise license expires in 31 days

Body: We're reaching out to remind you that your GitHub Enterprise license is coming up for renewal in 31 days:

NotMyInc Inc.

License 123456

Created: April 18, 2012

Expires: April 18, 2013

Whenever you're ready, you can place your renewal order here:

https://enterprise.github.com/purchase

If you have any questions about this renewal process, or if there's anything else we can help with, just reply to this email and we'll be glad to help.

Thank you for choosing GitHub Enterprise!

The GitHub Team

---------------------------------------

Each email was addressed to a different customer whose license is (apparently) soon to be expired.


Ah, the famous "send it to everyone in the loop". Made a similar mistake once myself, sent it 7 times per recipient in the list, getting bigger as it looped :(


That's how I read it.


Eh. Email addresses aren't really that valuable anymore. Spam protection is fairly sophisticated, even in the enterprise, so it is not really that big a deal.

Still shouldn't have happened though. :)


As a recipient of that email (several times), it's apparent a script went bad that had all users on the To: line, though still iterating through each company account. IMO it looks like a pretty basic coding error ... something that should have been checked before sending of course. No real account info aside from email addrs and company name was exposed.

Github did follow up with a "sorry" email. Note that it wasn't all true enterprise users. I did trial enterprise, but my company stayed with the hosted version only. Also, lots of the names on there were evidently @github test users and others I recognized as tire kickers (knowing they use only hosted GH as well).

End result - a little egg on face for Github, one very sad day for script kiddie email coder, and an indication (if complete) that Github has << 3000 GH Enterprise users.


I almost caused a mailout like this as well when I just kept adding recipients in a loop without ever clearing the recipient list again. (Using SwiftMailer, that is.)

A 'fake' SMTP server that just saved the e-mails to the file system as plain text files helped me to find the error before I actually sent the mails out. I am not entirely sure but I think it was this project: http://sourceforge.net/projects/fakemail/
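
The recipient-accumulation bug described in this thread, next to a pre-send check over captured messages, as an added example that is not part of the thread and is not GitHub's or SwiftMailer's code. The account data, the `X-Account` header and all function names are constructed for illustration, and the in-memory list of captured messages stands in for the files a fake SMTP server would save.

```python
from email.message import EmailMessage
from email.utils import getaddresses

# Constructed sample data: (account name, billing contact).
ACCOUNTS = [
    ("Example One Inc.", "admin@one.example"),
    ("Example Two LLC", "ops@two.example"),
    ("Example Three GmbH", "it@three.example"),
]

def make_message(company, recipients):
    msg = EmailMessage()
    msg["From"] = "billing@vendor.example"
    msg["To"] = ", ".join(recipients)
    msg["X-Account"] = company  # hypothetical header naming the intended account
    msg["Subject"] = f"{company}, your license expires in 31 days"
    msg.set_content("Renewal reminder.")
    return msg

def build_buggy(accounts):
    """Recipient list is created once and never cleared between accounts."""
    recipients, outbox = [], []
    for company, contact in accounts:
        recipients.append(contact)  # grows on every iteration
        outbox.append(make_message(company, recipients))
    return outbox

def build_fixed(accounts):
    """Every message gets a fresh, single-element recipient list."""
    return [make_message(company, [contact]) for company, contact in accounts]

def audit(captured, accounts, max_rcpt=1):
    """Pre-send gate: return (index, recipient count, foreign addresses) per bad message."""
    owner = {contact: company for company, contact in accounts}
    problems = []
    for i, msg in enumerate(captured):
        headers = msg.get_all("To", []) + msg.get_all("Cc", [])
        rcpts = [addr for _, addr in getaddresses(headers)]
        foreign = [a for a in rcpts if owner.get(a) != str(msg["X-Account"])]
        if len(rcpts) > max_rcpt or foreign:
            problems.append((i, len(rcpts), foreign))
    return problems

if __name__ == "__main__":
    for name, build in (("buggy", build_buggy), ("fixed", build_fixed)):
        print(name, audit(build(ACCOUNTS), ACCOUNTS))
```

Running `audit` over the captured output in a test or staging job, and refusing to send when it returns anything, catches the growing `To:` line before any real recipient sees it.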


Move fast! Break things!


3K email addresses, not "emails".

Also known as a non-issue (if you want to hide that you are using a service, you need to use a dedicated randomly generated mail address).



