Granular scopes for GitHub
We would like to see CircleCI use the newer GitHub API to lessen the privileges needed for integration.
I see that when linking GitHub with CircleCI you still require write access to pretty much everything in my GitHub account.
I know, that in the past this was do to a limitation of GitHub OAuth scopes, but now that they have GitHub Apps which allows more granular permission, I would appreciate if I could specify a lower privileged access so that CircleCI cannot arbitrarily modify code in GitHub.
New API should allow much more granular access so that by default you don’t get write access. I see this as a real differentiator when picking the most secure CI SAAS.