For security reasons, we will be making changes to third-party application access for Mozilla organizations on GitHub. This means that GitHub applications not run by Mozilla will have to go through a more formal approval process by Mozilla GitHub organization owners before they are added (not just anyone can enable third-party applications). This will help ensure third-party applications aren't inadvertently granted access to data in and privileges for Mozilla's GitHub organizations and projects that they shouldn't have.
When we activate the new security settings: * Existing third-party applications may lose access to Mozilla GitHub organizations and projects therein. This has the potential to disrupt tools, processes, and workflows. * SSH keys created before February 2014 will lose access. You will have to upload a new SSH key to speak with GitHub servers. * Hooks from private projects will no longer be sent to unapproved applications. * Other items listed at https://help.github.com/articles/about-third-party-application-restrictions/ There is no perfect time to perform this change. There will be some disruption. But since security is at stake, it needs to performed sooner rather than later. We have scheduled the switch for 1700 UTC / 1000 PDT on Tuesday, October 20. Mozilla GitHub organization owners will be on call in #github and at github-own...@mozilla.org to approve any urgent requests for third-party application approval. During this switch, the many popular applications such as Travis CI, Circle CI, ect. may experience temporary downtime. We expect the downtime to be under 5 minutes. Thank you for your understanding. Doug _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
