This is more about education and changing a default.
The only issue here is not realizing the email field in the git config doesn't need to be your personal one or even real. And I agree more people should know this, but this is not something github or git needs to fix in any way.
If you think people should only use an email address that they want to be contacted with, that is where I am saying the issue lies. People signup to Github, commit some code without knowing Github is giving their email out to the world. You are arguing that is by design, but I am saying most people don't understand it works that way. It's an education thing or change of defaults.
No - the correct statement is: "People signup to Github, commit some code without [understanding that their local Git configuration] is giving their email out to the world".
Github is not giving their email out - they are. Their email ends up in the Git commit objects _on their local disk_, long before Github ever sees the commits.
Don't blame Github, Github is not at fault. The users who don't configure their system correctly are at fault. Github is just where those users voluntarily publish their email address (when the publish the Git commit objects that their local Git copy inserted their email address into). The identical issue exists with _any_ internet Git hosting service.
The distinction is subtle, but important. You can argue 'education' all you want, but your article blames Github, when it is not Github's fault, nor can Github do anything about it (because changing the content of the commit objects also changes their sha1 hash, making them _different_ commit objects, and breaking the Git repository in the process).
> You are arguing that is by design,
It is by design, this is how Git works. Create an empty git repository on your local machine, then make a test commit. Then look at the output of 'git log'. The email address you told git to include will be part of the log output. Why?, because it is part of the Git commit object on disk.
> but I am saying most people don't understand it works that way. It's an education thing or change of defaults.
Which is also fine, but your article is written as:
Github reveals your email addresses - they should stop doing so.
When the facts are:
You reveal your email address when you mis-configure Git and then push something to an internet Git hosting service.
Place the 'blame' where it belongs (users mis-configuring their local Git settings) rather than where it does not (Github).
Anyway, if you tick the keep my address private box on https://github.com/settings/emails, the email field on your profile won't show.
I don't think this is a big issue.