Research how open source works
Each git commit has its own unique sha1 id, that builds upon the previous commit (also identified by sha1 id), much like bitcoin's block chain itself.
It will be obvious if anybody hacks github.com and adds unwanted source code changes.
I know how OS works. I also know how it possible to make very subtle changes to crypto code (For example, compromising a random number generator before a whitening stage to hide the result. This is how Racal Milgo, Crypto AG and Cylink compromised their commercial encryptors under orders of NSA in the mid-1990s). My concern is not a hacker making unwarranted or hidden changes but one of the 'trusted' BTC developers.
JM