Firstly, thanks for the free stuff devs, we appreciate it.
But I’ve got a gripe.
If I want somebody to be able to download a tarball of my latest commit to a private repo I have to give them a token with full r/w repo access?!?
That’s absolutely **bonkers**.
What’s even more bonkers is that people have been complaining about this for years and it’s still an issue.
Who else wants to see a read-only private repo permission added to the o-auth token system?