25 Jan
2022
25 Jan
'22
9:10 p.m.
Hi Martijn! Martijn Faassen schrieb am 25.01.22 um 11:11:
Hey lxmlers,
I recently found out that older organizations by default grant third party access to any github OAuth application that a user has enabled. This means that if any of such applications is compromised, this organization is open for attack. I therefore would recommend we go amend that here:
https://github.com/organizations/lxml/settings/oauth_application_policy
I don't think it has huge consequences as you can selectively enable those applications you trust after that, but I figured people using this org should be aware before it's enabled.
Good call. I enabled that setting. If anything stops working unexpectedly, that was me. :) Stefan