
@explodingcamera
Created December 19, 2017 20:30
I just received this email from GitHub regarding a security issue
GitHub has discovered an error in the logic used to enforce OAuth App access restrictions, which restrict OAuth integration access to an organization's private repositories. In certain situations, when a member of an organization granted access to a third-party OAuth integration, that integration could have been given more access to some of your organization’s repositories than we intended to allow.
When an organization enables OAuth App access restrictions, GitHub generally limits OAuth integration access to private repositories. This error in OAuth App access restrictions allowed third-party OAuth integrations, such as continuous integration providers, the same access permissions to certain private repositories within an organization as the user who implemented the integration had, provided they had authorized the integration for a scope capable of interacting with repositories.
These permissions only extended to organization-owned private forks of user-owned parent repositories; repositories created within the context of and owned by an organization were not affected by this condition, nor were non-fork repositories. For example, if a user who has read/write access to your organization’s repositories authorized a third-party OAuth integration, that integration would also have read/write access, but only to organization-owned private forks of user-owned parent repositories. The organization-owned forks potentially impacted are listed below:
XXXXXXX/XXXXXXX
This behavior was unintended and GitHub takes this matter very seriously. GitHub has already resolved this error and all private org resources are now properly protected when OAuth App access restrictions are enabled.
If the accessible forks contained sensitive information such as passwords, keys, tokens, or other access codes, we suggest you remove those from the repository and reset those secrets accordingly. In general, we also encourage users to follow sensible security practices for sensitive information, including limiting the scope of tokens or keys to what is required, and resetting tokens, keys, or other access credentials as needed.
If you intended to grant integrations access to the repositories referenced above or you need more information about OAuth App access restrictions, that can be found here: https://help.github.com/articles/about-oauth-app-access-restrictions/. Please contact GitHub support at https://github.com/contact if you have any questions or concerns.
Reference # XXXXXXX
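The following is an added illustration, not part of GitHub's notice and not GitHub's code (their implementation is not public). It is a simplified Python model of the access decision the notice describes: an OAuth App acting for a member may reach an organization's private repository only if the app is approved for the org, and the logic error was that org-owned private forks of user-owned parent repositories slipped past that check and inherited the authorizing user's access. The data model (`Repo`, `Org`, `OAuthGrant`), the `approved_apps` list, the `flawed` switch and all sample names are assumptions constructed for the example; `unintentionally_exposed` reproduces the kind of "potentially impacted forks" list the notice contains.

```python
from dataclasses import dataclass
from typing import FrozenSet, List, Optional

# Constructed, simplified model of the access decision described in GitHub's
# notice. All class names, fields and sample values are assumptions for
# illustration only; GitHub's actual implementation is not public.


@dataclass(frozen=True)
class Repo:
    name: str
    owner: str                  # login of the owning user or organization
    owner_is_org: bool
    private: bool
    # For forks: whether the parent repository is owned by an organization.
    # None means the repository is not a fork at all.
    parent_owner_is_org: Optional[bool] = None

    @property
    def is_fork(self) -> bool:
        return self.parent_owner_is_org is not None


@dataclass(frozen=True)
class Org:
    login: str
    oauth_restrictions_enabled: bool
    approved_apps: FrozenSet[str] = frozenset()


@dataclass(frozen=True)
class OAuthGrant:
    app: str            # the third-party OAuth App (e.g. a CI provider)
    user: str           # the organization member who authorized it
    repo_scope: bool    # token scope capable of interacting with repositories


def app_can_access(grant: OAuthGrant, repo: Repo, org: Org,
                   user_repos: FrozenSet[str], flawed: bool = False) -> bool:
    """Decide whether an OAuth App acting for grant.user may reach repo.

    user_repos is the set of repository names the authorizing user can access.
    flawed=True reproduces the logic error the notice describes: the restriction
    check was skipped for org-owned private forks of user-owned parents, so the
    app inherited the user's own access to those forks.
    """
    # The app never exceeds its authorized scope or the user's own access.
    if not grant.repo_scope or repo.name not in user_repos:
        return False
    # Restrictions only guard the organization's private repositories.
    restricted = (repo.owner_is_org and repo.owner == org.login and repo.private
                  and org.oauth_restrictions_enabled
                  and grant.app not in org.approved_apps)
    if not restricted:
        return True
    if flawed and repo.is_fork and not repo.parent_owner_is_org:
        # Bug being modelled: an org-owned private fork of a user-owned parent
        # was treated like the user's own repository and bypassed the check.
        return True
    return False


def unintentionally_exposed(grant: OAuthGrant, repos: List[Repo], org: Org,
                            user_repos: FrozenSet[str]) -> List[str]:
    """Names of repos the flawed check allowed but the corrected check denies."""
    return [r.name for r in repos
            if app_can_access(grant, r, org, user_repos, flawed=True)
            and not app_can_access(grant, r, org, user_repos)]


# Constructed sample data: one org with restrictions on and one approved app.
ORG = Org(login="acme", oauth_restrictions_enabled=True,
          approved_apps=frozenset({"approved-ci"}))
REPOS = [
    Repo("acme/tooling", "acme", True, True),                              # org-owned, not a fork
    Repo("acme/dotfiles", "acme", True, True, parent_owner_is_org=False),  # org fork of a user's repo
    Repo("acme/upstream", "acme", True, True, parent_owner_is_org=True),   # org fork of an org repo
    Repo("acme/website", "acme", True, False),                             # public
]
USER_REPOS = frozenset(r.name for r in REPOS)   # the member can reach all four
GRANT = OAuthGrant(app="third-party-ci", user="alice", repo_scope=True)

if __name__ == "__main__":
    # Only the org-owned private fork of a user-owned parent is affected.
    print(unintentionally_exposed(GRANT, REPOS, ORG, USER_REPOS))  # ['acme/dotfiles']
```

Running the module prints the single affected fork, which is the shape of the list in the notice: non-fork private repositories and forks of org-owned parents are denied under both versions of the check, the public repository and an approved app are allowed under both, and only the user-owned-parent fork differs between the flawed and corrected logic.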