Scope of GitHub OAuth login #80

@michitux

When using the login feature with GitHub, ex-remit seems to ask for full read/write access to all public and private repositories. Is there any reason for this? When looking at the code, at least at first glance, I couldn't find any features that seem to need write access; the only feature I could find was requesting team memberships. In the interest of limiting the attack surface, I think it would be nice to not ask for permissions that aren't needed.

Apart from that, ex-remit looks like a great tool; we've just set it up for use in the open source project XWiki (https://www.xwiki.org). Thank you very much for making it available!
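
The least-privilege check raised in this issue can be automated. The following is an added example, not part of the original post and not ex-remit's code: it audits the `scope` parameter of a GitHub OAuth authorize URL against the scopes an app actually needs. The sample URLs and the client ID are constructed, and treating `read:org` as the only needed scope is an assumption based on the issue's mention of team memberships.

```python
import re
from urllib.parse import urlparse, parse_qs

# Parent scope -> scopes it implies (subset of GitHub's "Scopes for OAuth apps" table).
IMPLIES = {
    "repo": {"repo:status", "repo_deployment", "public_repo", "repo:invite", "security_events"},
    "admin:org": {"write:org", "read:org"},
    "write:org": {"read:org"},
    "user": {"read:user", "user:email", "user:follow"},
}
# Scopes that grant write access to repository contents.
REPO_WRITE = {"repo", "public_repo"}

def requested_scopes(authorize_url):
    """Extract the scope set from an authorize URL (space- or comma-separated)."""
    raw = parse_qs(urlparse(authorize_url).query).get("scope", [""])[0]
    return {s for s in re.split(r"[ ,]+", raw.strip()) if s}

def expand(scopes):
    """Return the scopes plus everything they transitively imply."""
    out, todo = set(), list(scopes)
    while todo:
        s = todo.pop()
        if s not in out:
            out.add(s)
            todo.extend(IMPLIES.get(s, ()))
    return out

def audit(authorize_url, needed):
    """Compare requested scopes with the minimal set the app needs."""
    requested = requested_scopes(authorize_url)
    effective = expand(requested)
    return {
        # needed scopes the request does not cover, even via a parent scope
        "missing": sorted(set(needed) - effective),
        # requested scopes that are broader than, or unrelated to, what is needed
        "excess": sorted(requested - expand(needed)),
        # any effective scope that allows writing to repositories
        "repo_write": sorted(effective & REPO_WRITE),
    }

# Constructed sample input; EXAMPLE_CLIENT_ID is a placeholder.
SAMPLE_URL = ("https://github.com/login/oauth/authorize"
              "?client_id=EXAMPLE_CLIENT_ID&scope=repo%20read:org")
NEEDED = {"read:org"}  # assumption: team-membership lookups only

if __name__ == "__main__":
    print(audit(SAMPLE_URL, NEEDED))
```

A check like this fits in CI next to the OAuth configuration, failing the build when `excess` or `repo_write` is non-empty.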
