And, ultimately, it's not rawgit's job to maintain a website. If you use a free service as part of your deployment it's your job to keep an eye on it in case it shuts down.

Rawgit has provided a fantastic service that's proved very useful and I'm glad it's been available as long as it has.

It is bit more complex than that. it is incredibly hard to keep an eye on whether a library you use has a dependency which uses such services, and even if they fix it in the next version it may not be fixed in the version you use.

If you're deploying your website and you don't know where assets are coming from then something has gone very, very wrong. You can't just ignore security completely and thrn blame a CDN provider if things break.