
Are releases on GitHub public open source dependable?


If an owner of a repo on GitHub decided to take the repo down one day, would the source still be available for my dependency manager to fetch? I assume GitHub doesn't keep backups and make them available via redirect?

Is it common practice to clone a repo and store it somewhere trustworthy before you link it as a dependency to your project?


Solution

  • It's all about artifactory: since artifactory (Maven Central, Google Maven repo, JitPack or whatever it is) keeps that artifact, you are fine.