data in transit

Yes, but then it is stored unencrypted on github. Ready to be used as training data. Which isn’t bad per se. Just pointing out, that the weakest link in your chain of security mrasures is the… weakest link.

If you wanted to secure your code, you could store it on-site, behind a firewall, in its own network segment, with encrypted offsite backups. Elliptic curves would help too in this scenario.