I personally upload private keys in repos for some test scenarios and examples (dummy private keys of course). I often don’t want to write a test harness to generate the data for each run. Sue me!
Yes, business wise github is a git hosting site. If they started implementing rules on how you structure your application customers would get frustrated and move away.
Just to be clear, I'm not suggesting a ban at all, just a friendly email in response to commits that introduce credentials to public repos
People already mentioned the major use case of testing, but building a blacklist of keys (e.g., the Debian OpenSSL there-are-only-64K-keys fiasco) is a plausible option as well.