j0k3r/banditore

Reduce GitHub scopes

Taluu opened this issue · 2 comments

Taluu commented

As discussed on Slack, you should reduce the scopes used. Instead of user and repo (and even public_repo as suggested in #71), you could limit yourself to user:email, as the other requests (getting the starred repos and the user information except email) do not need any scopes.

e.g. https://api.github.com/users/taluu & https://api.github.com/users/taluu/starred can be accessed through GET requests without any auth.

j0k3r commented

I don't even need the user email at all!

j0k3r commented

Thanks @Taluu!
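The scope reduction discussed in this issue can be checked mechanically. The following is an added example, not code from banditore: it compares the scopes a token was granted (the value GitHub returns in the `X-OAuth-Scopes` response header) with the scopes an app needs. The function names and sample header values are constructed for illustration, and the parent/child table is an assumption based on GitHub's OAuth scope documentation.

```python
# Added example (not banditore code): audit granted GitHub OAuth scopes
# against the minimum set an application actually needs.

# Assumption: parent scopes and the child scopes they imply, taken from
# GitHub's OAuth scope documentation.
IMPLIED = {
    "repo": {"repo:status", "repo_deployment", "public_repo",
             "repo:invite", "security_events"},
    "user": {"read:user", "user:email", "user:follow"},
}


def parse_scopes(header_value):
    """Split an X-OAuth-Scopes header value such as 'user, repo' into a set."""
    return {s.strip() for s in header_value.split(",") if s.strip()}


def expand(scopes):
    """Return the scopes plus every child scope a granted parent implies."""
    effective = set(scopes)
    for scope in scopes:
        effective |= IMPLIED.get(scope, set())
    return effective


def audit(granted_header, needed):
    """Return (excess, missing).

    excess:  granted scopes that are not in the needed set. A broad parent
             such as 'user' counts as excess even when one of its children
             ('user:email') is needed, because it should be narrowed.
    missing: needed scopes that the grant does not cover, directly or
             through a parent.
    """
    granted = parse_scopes(granted_header)
    needed = set(needed)
    excess = {s for s in granted if s not in needed}
    missing = needed - expand(granted)
    return excess, missing


if __name__ == "__main__":
    # Constructed header values mirroring the three states in this issue.
    print(audit("user, repo", {"user:email"}))   # current grant, first proposal
    print(audit("user:email", {"user:email"}))   # after the first proposal
    print(audit("", set()))                      # no scopes needed at all
```

An empty `excess` set means the grant is already minimal; a non-empty `missing` set means the reduced grant would break a request.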