Hi Sphinx developers,
In response to the following article, I have taken action on the GitHub sphinx-doc organization.
The sphinx-doc organization does not have any private repository. However, I considered this case to be urgent and took action without discussing it with you.
Specifically, I did the following
1. check emails from GitHub/Heroku/Travis-CI
2. check third-party application access policy
3. invalidate OAuth token in Heroku Dashboard/Travis-CI
4. Investigate Audit log
-----------
1. check email from GitHub/Heroku/Travis-CI
There were no emails that seemed to be relevant.
I heard that my non-sphinx-doc friends received the following email.
"Subject: Important information about your GitHub account".
2. check Third-party application access policy
It was not restricted, so I enabled the restriction.
before, it was not restricted
3. invalidate OAuth token in Heroku Dashboard/Travis-CI
I checked GItHub App.
Heroku was not there, but Travis-CI was, so I suspended it.
Travis CI is actually no longer available on OSS, so I don't think it will have an impact.
If there is a problem, please let us know.

4.Investigate Audit log
Confirmed. There was no log for `action:org.oauth_app_access_approved`.
There was a log for `action:repo.download_zip`, but it was until the end of last year, and it is a public repository to begin with, so there seems to be no problem.

Please let us know if there is any impact from this action.
Also, if there is anything else that needs to be done, I would appreciate it if you could let me know.
Thank you in advance.