GitHub 因使用 Actions 验证 VPN 节点而永久封禁了我的账户。
我是一名来自俄罗斯的20岁兽医学学生,正在开发反审查工具。2026年3月17日,GitHub因违反服务条款与GitHub Actions相关的规定,永久暂停了我的账户。
**项目介绍**
Raccoon Squad VPN — 一款基于Xray-core的Android VPN客户端,支持俄罗斯用户的DPI绕过。支持VLESS、VMess、Trojan、Shadowsocks、Hysteria2和TUIC。该项目完全在几个月内通过人工智能辅助构建。
**来源**: [https://gitlab.com/shray77/rsquad](https://gitlab.com/shray77/rsquad)
**我的操作**
我有一些仓库,聚合并验证来自公共来源的免费VPN节点:
- hpp: Python爬虫 — 获取节点列表,按SNI过滤VLESS XTLS,验证格式,进行TCP ping。每6小时运行一次,约30分钟。
- node-filter: Go L7检查器 — 通过Xray连接,验证握手,下载2MB测试文件,测量速度。每1小时运行一次,约30分钟。
- loshad-scoc: 新源侦查 — 50多个GitHub dork查询,15个PAT令牌轮换,HuggingFace API验证。
- zhopa-bobra: SNI流行度分析器。
关键事实:没有挖矿,没有密码破解,没有重计算。节点来自公共的raw.githubusercontent.com列表。网络软件的标准CI/CD验证。每天总共约1小时的Actions运行时间。
**时间线**
2月26日:因“怀疑被攻破”而暂停 — 恢复。
2月27日:因“垃圾邮件标记”而暂停 — 恢复。
2月27日:因仓库rsquad而暂停 — 被要求设为私有。
2月27日:因raccoon-release而暂停 — 无法遵守:被锁定。
3月2日:GitHub要求我删除仓库。我仍无法登录。
3月17日:提交正式法律申诉(7页),抄送legal@github.com。
3月17日:约70分钟后 — 永久封禁。
**困境**
GitHub要求我删除仓库以解决暂停问题。但账户已被暂停,无法登录。我多次通知支持团队,但没有解决方案。
**他们在扣押我的代码**
我无法访问我的仓库。没有导出,没有备份。GitHub实际上在扣押我的知识产权。根据GDPR第20条,我有无条件的数据可携带权。GitHub拒绝遵守。
这实际上是知识产权的盗窃。我所写的代码被锁在他们的墙后,没有合法的保留依据。
**GDPR违规**
第20条赋予数据可携带权。我被锁定,无法导出。数据保护官请求未得到回应,仅收到自动工单。
**当前状态**
- 提交了FTC投诉
- 联系了数据保护官 — 仅获得自动工单号
- 项目迁移至GitLab: [https://gitlab.com/shray77/rsquad](https://gitlab.com/shray77/rsquad)
我分享这些是因为执法过程任意,缺乏透明度,开发者在平台做出自动决策时没有任何救济途径。
查看原文
I'm a 20-year-old veterinary student from Russia developing anti-censorship tools. On March 17, 2026, GitHub permanently suspended my account citing Terms of Service violations related to GitHub Actions.<p>THE PROJECT<p>Raccoon Squad VPN — an Android VPN client based on Xray-core with DPI bypass for Russian users. Supports VLESS, VMess, Trojan, Shadowsocks, Hysteria2, TUIC. Built entirely with AI assistance over several months.<p>Source: https://gitlab.com/shray77/rsquad<p>WHAT THE ACTIONS DID<p>I had repositories that aggregated and validated free VPN nodes from public sources:<p>- hpp: Python scraper — fetched node lists, filtered by SNI for VLESS XTLS, validated format, TCP ping. Every 6 hours, ~30 min runtime.<p>- node-filter: Go L7 checker — connected via Xray, verified handshake, downloaded 2MB test file, measured speed. Every 1 hour, ~30 min runtime.<p>- loshad-scoc: Scout for new sources — 50+ GitHub dork queries, 15 PAT tokens with rotation, HuggingFace API validation.<p>- zhopa-bobra: SNI popularity analyzer.<p>Key facts: No mining, no password cracking, no heavy computation. Nodes from public raw.githubusercontent.com lists. Standard CI/CD validation for network software. ~1 hour Actions runtime per day total.<p>TIMELINE<p>Feb 26: Suspended for "suspected compromise" — restored.
Feb 27: Suspended for "spam flag" — restored.
Feb 27: Suspended for repository rsquad — asked to make private.
Feb 27: Suspended for raccoon-release — COULD NOT COMPLY: locked out.
Mar 2: GitHub demanded I delete repos. I still couldn't log in.
Mar 17: Filed formal legal appeal (7 pages), CC'd legal@github.com.
Mar 17: ~70 minutes later — permanent ban.<p>THE CATCH-22<p>GitHub demanded I delete repositories to resolve the suspension. But the account was suspended, preventing login. I informed support multiple times. No resolution.<p>THEY ARE HOLDING MY CODE HOSTAGE<p>I have no access to my repositories. No export. No backup. GitHub is effectively holding my intellectual property hostage. Under GDPR Article 20, I have an unconditional right to data portability. GitHub is refusing to comply.<p>This is, de facto, theft of intellectual property. The code I wrote is locked behind their wall with no legal basis for retention.<p>GDPR VIOLATION<p>Article 20 grants right to data portability. I'm locked out with no export option. DPO request unanswered beyond automated ticket.<p>CURRENT STATUS<p>- FTC complaint filed
- DPO contacted — only automated ticket number
- Project migrated to GitLab: https://gitlab.com/shray77/rsquad<p>I'm sharing this because enforcement was arbitrary, the process lacked transparency, and developers have no recourse when platforms make automated decisions.