A side-effect of developing from a normal-sized git repo is that you have a copy of your "blockchain" locally.
I won't claim that github/gitlab couldn't somehow do evil remotely and cause you to nuke the code history next time you build from a hacked pull request or something. But even then there's a decent chance at least one developer hasn't done the evil git pull. And if that's the case I just copy it from them and I'm back where I was.
If I understand correctly, nothing at all like that was possible in the FTX case.
I won't claim that github/gitlab couldn't somehow do evil remotely and cause you to nuke the code history next time you build from a hacked pull request or something. But even then there's a decent chance at least one developer hasn't done the evil git pull. And if that's the case I just copy it from them and I'm back where I was.
If I understand correctly, nothing at all like that was possible in the FTX case.