`NP_GITHUB_TOKEN` should only be supplied as credentials for GitHub-hosted repositories
Describe the bug
A GitHub personal access token can be supplied to Nosey Parker via the `NP_GITHUB_TOKEN` environment variable. If a token is supplied, it is used for (a) GitHub REST API calls for repository enumeration (e.g., `scan --github-org=octocat`) and (b) credentials for the `git clone` operation if prompted by the remote server.

The problem is with (b): the personal access token is supplied to any remote, even non-GitHub-hosted ones, like `https://example.com/some-git-repo.git`.
To Reproduce

```shell
export NP_GITHUB_TOKEN=<your token>
noseyparker scan --git-url https://example.com/some-git-repo.git
```

If `https://example.com/some-git-repo.git` is configured to ask for credentials, noseyparker will supply `<your token>` to the server.
Expected behavior
`NP_GITHUB_TOKEN` should only be supplied as a credential to GitHub-hosted repositories.
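One way to implement that scoping, shown here as an added illustration rather than Nosey Parker's own code: a host check on the remote URL that the git credentials callback would consult before offering the token at all. Assumptions: the token is honoured for `github.com` and its subdomains only, the URL is parsed with the standard library (both `scheme://host/path` and the scp-like `user@host:path` form), and bracketed IPv6 hosts are not handled.

```rust
/// Extract the host from a git remote URL. Handles
/// `scheme://[user[:pass]@]host[:port]/path` and the scp-like
/// `[user@]host:path` form used by SSH remotes; returns None for
/// local paths. (Assumption: bracketed IPv6 hosts are not handled.)
fn remote_host(remote_url: &str) -> Option<String> {
    let (authority_and_path, scp_like) = match remote_url.split_once("://") {
        Some((_, after)) => (after, false),
        None => {
            // scp-like only if the first ':' comes before any '/'
            let colon = remote_url.find(':')?;
            if remote_url[..colon].contains('/') {
                return None;
            }
            (remote_url, true)
        }
    };
    // The authority ends at the first '/' (URL form) or ':' (scp-like form).
    let authority = if scp_like {
        authority_and_path.split(':').next()?
    } else {
        authority_and_path.split('/').next()?
    };
    // Drop userinfo (everything up to the last '@'), then any port.
    let host = authority.rsplit('@').next()?.split(':').next()?;
    if host.is_empty() {
        return None;
    }
    Some(host.to_ascii_lowercase())
}

/// Decide whether NP_GITHUB_TOKEN may be offered for this remote: only
/// github.com and its subdomains qualify. A look-alike host such as
/// `github.com.example.com`, or a path that merely contains `github.com`,
/// does not.
fn should_supply_github_token(remote_url: &str) -> bool {
    match remote_host(remote_url) {
        Some(host) => host == "github.com" || host.ends_with(".github.com"),
        None => false,
    }
}

fn main() {
    // Constructed sample remotes, including the non-GitHub one from this issue.
    for url in [
        "https://github.com/octocat/Hello-World.git",
        "git@github.com:octocat/Hello-World.git",
        "https://example.com/some-git-repo.git",
        "https://github.com.example.com/some-git-repo.git",
    ] {
        let verdict = if should_supply_github_token(url) { "offer token" } else { "withhold token" };
        println!("{url}: {verdict}");
    }
}
```

A credentials callback would return the token only when `should_supply_github_token` is true and otherwise fall back to the remote's normal (anonymous or user-supplied) authentication.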
Output of `noseyparker --version`

```
noseyparker 0.18.0-dev

Build Configuration:
    Build Timestamp: 2024-06-14T19:24:31.059745000Z
    Commit Timestamp: 2024-06-11T14:59:51.000000000-04:00
    Commit Branch: main
    Commit SHA: b42786641a9de1af0816f7a8d7683cc732410dee
    Cargo Features: color_backtrace,default,mimalloc
    Debug: true
    Optimization: 0
    Target Triple: aarch64-apple-darwin

Build System:
    OS: Darwin
    OS Version: MacOS 14.5
    CPU Vendor: Apple
    CPU Brand: Apple M3 Max
    CPU Cores: 14
    rustc Version: 1.77.2
    rustc Channel: stable
    rustc Host Triple: aarch64-apple-darwin
    rustc Commit Date: 2024-04-09
    rustc Commit SHA: 25ef9e3d85d934b27d9dada2f9dd52b1dc63bb04
    rustc LLVM Version: 17.0
```