Is your feature request related to a problem? Please describe.
I'd like to use this extension with private org repos, but I don't really trust giving write access.
Describe the solution you'd like
Improved OAuth to support organizations, or support for fine-grained PATs
OAuth doesn't support a "read-only" access level to repos. Its either "repo" access level, or no access to repos at all. Hence, there is no way to change it with OAuth unless GitHub makes support for that option.
.
At the time of developing the extension, Github GraphQL API (which the extension completely relies upon) had no support for fine grained tokens.
But now it seems it is supported. And it works out of the box, with no modifications to the extension. You could choose "Custom PAT" option in the extension authentication page and enter the fine grained token there. It works.
.
The permission required is "Read-only" on "contents" option of the repositories it is meant to be used on. (It can be specified while generating the fine grained token.)
Is your feature request related to a problem? Please describe. I'd like to use this extension with private org repos, but I don't really trust giving write access.
Describe the solution you'd like Improved OAuth to support organizations, or support for fine-grained PATs
Describe alternatives you've considered None