GitHub should not just reverse and make repo public and archived "as is", because there are many rolling distributions (from Gentoo to LFS), submodule pullers, CI systems, unaware users, which may pull and install the latest backdoored commit of archived project.
However if you want to access exact copies of backdoored tarballs, they are still available on every mirror, e. g. in http://gentoo.mirror.root.lu/distfiles/9f/ . For project of this level artifacts are checksummed and mirrored across the world by many people, and nothing wrong with that.
However if you want to access exact copies of backdoored tarballs, they are still available on every mirror, e. g. in http://gentoo.mirror.root.lu/distfiles/9f/ . For project of this level artifacts are checksummed and mirrored across the world by many people, and nothing wrong with that.