Hey lxmlers,

I recently found out that older organizations by default grant third party access to any github OAuth application that a user has enabled. This means that if any of such applications is compromised, this organization is open for attack. I therefore would recommend we go amend that here:


I don't think it has huge consequences as you can selectively enable those applications you trust after that, but I figured people using this org should be aware before it's enabled.