Is it possible to reduce access to all of these permissions? The OAuth login through Github requests permission for user data, all public & private repos, and Gists. If the program only requires access to Gists, then removing all other permissions would be best. If it needs access to repos, then limit it to only public repos and not private.
Agreed. Would you be up for putting in the PR to do this? I think we probably do want gists + public repos. In terms of user info we really only need the username I think ...
Is it possible to reduce access to all of these permissions? The OAuth login through Github requests permission for user data, all public & private repos, and Gists. If the program only requires access to Gists, then removing all other permissions would be best. If it needs access to repos, then limit it to only public repos and not private.