The article (2 years old) explains you could get someone's public keys from github and then compare them with other public keys (they mention on ssh servers) to see if a person is using the same key elsewhere.
The argument boils down to the fact that ssh will also give you a list of valid public keys.
It doesn't seem very critical to me, and anyone who is worried could just use a different key for github which is good practice anyway imo
Public key, by definition, is public. Exposing something that’s public can do very little harm.
Here is more discussion:
https://security.stackexchange.com/questions/150540/is-it-co...
By definition, the public key is _public_, there's no real risk in publishing them.