Its a workaround for a bug in Bundler which can cause sources from github to be loaded via HTTP and not HTTPS – which makes it vulnerable to man in the middle attacks.
git_source adds a source which you can use so that the gem is downloaded from a git repository instead of a package from rubygems.org.
git_source(:github) do |repo_name|
repo_name = "#{repo_name}/#{repo_name}" unless repo_name.include?("https://stackoverflow.com/")
"https://github.com/#{repo_name}.git"
end
Would make it so that when you declare:
gem 'foo_bar', :github => 'foo/bar'
Bundler would attempt to download the gem from https://github.com/foo/bar.git.
Since fixing this would be a breaking change as it would invalidate any existing Gemfile.lock it is fixed in Bundler 2.x. At that point it should be safe to remove this workaround.