Hey lxmlers,

I recently found out that older organizations by default grant third party access to any github OAuth application that a user has enabled. This means that if any of such applications is compromised, this organization is open for attack. I therefore would recommend we go amend that here:

https://github.com/organizations/lxml/settings/oauth_application_policy

I don't think it has huge consequences as you can selectively enable those applications you trust after that, but I figured people using this org should be aware before it's enabled.

Regards,

Martijn