Putting a dynamic app like Github behind a CDN with page-caching just does not work. Sure they could freeze those projects and serve what is now essentially static HTML, but in day-to-day operations you're left using CDN products that let you serve static parts separately from dynamic parts, which is probably of dubious benefit during a DoS attack.
Github has got a bit of a read mostly situation. If read requests where funneled so that there was only one per URL per edge node at any given point in time (which edge side includes effectively gives you), it would make for pretty easy to manage load for Github.
