They're using neither. It's a cross-domain call so Github could block a regular AJAX GET by just not including ACAO headers. So they are using $.get with dataType 'script'. This is basically like JSONP without the callback - it adds a script tag with the remote URL to the page which means the client has no choice but to run the contents.
JSON.parse takes a string of "JSON" and turns it into a JS object. It doesn't evaluate the string in a JS context at all, which is what eval() does.
Some people have used eval() to do JSON parsing because JSON is a subset of JS, but if the user has any control into making malformed JSON, they could do so to create JS that can do anything the page can from the context of another user, otherwise known as Cross-Site-Scripting (XSS).