[ANN] Changing GitHub Third-party application access policy setting and suspending Travis-CI GitHub App
27 views
Skip to first unread message
Takayuki Shimizukawa
Apr 28, 2022, 9:31:32 PM4/28/22
to sphin...@googlegroups.com
Hi Sphinx developers,
In response to the following article, I have taken action on the GitHub sphinx-doc organization.
The sphinx-doc organization does not have any private repository. However, I considered this case to be urgent and took action without discussing it with you.
Specifically, I did the following
1. check emails from GitHub/Heroku/Travis-CI
2. check third-party application access policy
3. invalidate OAuth token in Heroku Dashboard/Travis-CI
4. Investigate Audit log
Specifically, I did the following
1. check emails from GitHub/Heroku/Travis-CI
2. check third-party application access policy
3. invalidate OAuth token in Heroku Dashboard/Travis-CI
4. Investigate Audit log
-----------
1. check email from GitHub/Heroku/Travis-CI
There were no emails that seemed to be relevant.
I heard that my non-sphinx-doc friends received the following email.
"Subject: Important information about your GitHub account".
I heard that my non-sphinx-doc friends received the following email.
"Subject: Important information about your GitHub account".
2. check Third-party application access policy
It was not restricted, so I enabled the restriction.
It was not restricted, so I enabled the restriction.
before, it was not restricted
setup
Now restricted.
3. invalidate OAuth token in Heroku Dashboard/Travis-CI
I checked GItHub App.
Heroku was not there, but Travis-CI was, so I suspended it.
Travis CI is actually no longer available on OSS, so I don't think it will have an impact.
If there is a problem, please let us know.
4.Investigate Audit log
Confirmed. There was no log for `action:org.oauth_app_access_approved`.
There was a log for `action:repo.download_zip`, but it was until the end of last year, and it is a public repository to begin with, so there seems to be no problem.
Please let us know if there is any impact from this action.
Also, if there is anything else that needs to be done, I would appreciate it if you could let me know.
Thank you in advance.
Also, if there is anything else that needs to be done, I would appreciate it if you could let me know.
Thank you in advance.
Komiya Takeshi
Apr 30, 2022, 11:55:34 AM4/30/22
to sphin...@googlegroups.com
Hi Takayuki,
Thank you for your work. +1 for revoking permissions for Travis CI because we've not use it now.
Thanks,
Takeshi KOMIYA
2022年4月29日(金) 10:31 Takayuki Shimizukawa <shimi...@gmail.com>:
--
You received this message because you are subscribed to the Google Groups "sphinx-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sphinx-dev+...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/sphinx-dev/CADstH-5ypm2k%2BkD4S8QJM9rGD4jjE5PTxx2xvWiXTrWaL8Qvpw%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages