decaporg / decap-cms

A Git-based CMS for Static Site Generators
https://decapcms.org
MIT License
17.66k stars 3.02k forks

Use GitHub Apps instead of OAuth for the GitHub Backend #7108

Open caendesilva opened 4 months ago

caendesilva commented 4 months ago

Is your feature request related to a problem? Please describe.

The current use of OAuth Apps in Decap poses a significant security risk by requiring access to all private repositories. This is a concern for many users, and a dealbreaker for some.

Describe the solution you'd like

I suggest transitioning Decap to use the newer GitHub Apps instead of OAuth Apps. GitHub Apps offer more granular repository access, providing much better security by allowing users to specify access permissions on a per-repository basis. This would fix https://github.com/decaporg/decap-cms/issues/4329.

Describe alternatives you've considered

Machine users have been proposed as an alternative, but that has many drawbacks.

Additional context

Transitioning to GitHub Apps aligns with best practices for security and would address the specific concerns outlined in issue https://github.com/decaporg/decap-cms/issues/4329. Users would benefit from improved control over repository access, contributing to a more secure and reliable experience.

See https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/differences-between-github-apps-and-oauth-apps