Closed rodoviario closed 5 months ago
The default scope for GitHub is:
You can customise the scope as you prefer:
git config --global credential.https://github.com.oauthScopes repo
See docs https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps for GitHub's complete list of scopes
specific repo
Separately to OAuth, you might be interested in GitHub's fine-grained personal access tokens https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#creating-a-fine-grained-personal-access-token
I am using regulary git-credentaial-oauth with gitlab. Yesterday I was going to clone a github.com project and noted a bigger scope there to accept of the app, and no way to reduce or limit it to the bare minimum necessary.
Actually, for doing a git clone of the https URL I guess that no auth have to be necessary. Unless you later try to do a push, and in that case
Is there a way to reduce the scope when pulling from github.com?
And if there is not, at least is there a way to configure it to ignore github.com but keep working for gitlab.com?
echo url=https://gitlab.com | git credential fill
echo url=https://github.com | git credential fill