laminas / automatic-releases

Automated release process for `laminas/` projects, usable as github action

Lower ORGANIZATION_ADMIN_TOKEN requirement #231

Open glensc opened 1 year ago

glensc commented 1 year ago

Summary

Current docs say about ORGANIZATION_ADMIN_TOKEN:

You have to provide an ORGANIZATION_ADMIN_TOKEN (with a full repo scope)

But if I look at the "full repo" scope (does it mean all checkboxes under "repo" checked?), I'm hesitant that this program needs security scan privileges or manage invites:

[screenshot]

Also, perhaps it's better to describe it with the scope names, to be distinctly clear which scopes are needed. In fact, you can pass the defaults in the URL:

Ocramius commented 1 year ago

Switching default branch can only be done with admin privileges, AFAIK.

Or at least it was when I initially wrote that utility.

Did that change?

glensc commented 1 year ago

What exactly defines the "admin privileges"? Which scopes must be checked? There are actual scopes that contain "admin" in their name if you open the link:

glensc commented 1 year ago

Since I lost my token, I needed to create the token again, and I was reading the documentation to create the token again, but it is not explicit with scope names; I don't like this wording:

You have to provide an ORGANIZATION_ADMIN_TOKEN (with a full repo scope)

I would prefer it said:

You have to provide an ORGANIZATION_ADMIN_TOKEN, with scopes "repo", "project".

and could provide a universal link to create the token.

So, the questions here are:

  1. what is the "with full repo scope" exactly?
  2. are invites and security scan scopes really needed? (see the screenshot)

glensc commented 1 year ago

Update: a token recreated with the "repo" scope was able to make a release:

So, if the scopes can't be lowered, the doc should at least be updated to include a direct link with the scopes checked.
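
One way to check what scopes a classic token actually carries, as an added example that is not part of this issue or of laminas/automatic-releases: GitHub reports a classic token's granted scopes in the `X-OAuth-Scopes` header of any authenticated REST response, so the granted set can be compared with the minimal set. The required set is assumed here to be just `repo`, as the comment above reports was sufficient; the high-risk list is an assumed selection of classic scope names.

```python
"""Audit a classic GitHub personal access token against a minimal scope set.

Added example, not code from laminas/automatic-releases. GitHub returns the
scopes granted to a classic token in the X-OAuth-Scopes header of any
authenticated REST call, which is what fetch_granted_scopes() reads.
"""
import urllib.request

# Assumed minimal set: the "repo" scope alone, as reported sufficient above.
REQUIRED_SCOPES = frozenset({"repo"})

# Scopes a release token has no reason to carry (assumed selection of
# classic scope names; any of these on the token is flagged as high risk).
HIGH_RISK_SCOPES = frozenset({"admin:org", "delete_repo", "admin:public_key",
                              "admin:gpg_key", "admin:org_hook", "user"})


def parse_scopes(header_value):
    """Parse an X-OAuth-Scopes value such as 'repo, project' into a set.
    An empty header means the token carries no scopes at all."""
    return {s.strip() for s in header_value.split(",") if s.strip()}


def audit_scopes(granted, required=REQUIRED_SCOPES):
    """Compare granted scopes with the required set.

    Returns 'missing' (required but absent), 'excess' (granted beyond the
    requirement) and 'high_risk' (excess scopes also in HIGH_RISK_SCOPES).
    A token holding only a sub-scope such as 'public_repo' is reported as
    missing 'repo': the parent scope implies its sub-scopes, not the reverse.
    """
    granted = set(granted)
    missing = set(required) - granted
    excess = granted - set(required)
    return {"missing": missing, "excess": excess,
            "high_risk": excess & HIGH_RISK_SCOPES}


def fetch_granted_scopes(token, url="https://api.github.com/user"):
    """Ask GitHub which scopes a classic token carries (network call)."""
    req = urllib.request.Request(url, headers={
        "Authorization": "token " + token, "User-Agent": "scope-audit"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return parse_scopes(resp.headers.get("X-OAuth-Scopes", ""))


if __name__ == "__main__":
    # Constructed header value standing in for a real API response.
    print(audit_scopes(parse_scopes("repo, admin:org, workflow")))
```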

Ocramius commented 1 year ago

It could be that personal repos and org repos have different permissions.

Possibly worth revisiting all this once fine-grained tokens are available?

https://github.com/settings/tokens?type=beta