gh-gei

Validate scopes on target GitHub personal access tokens (PATs)

Open timrogers opened this issue 2 years ago • 0 comments

Before we start a migration, we should validate that the target personal access token (PAT) has the required scope(s) for the command being executed.

This can be checked by comparing the X-OAuth-Scopes header returned by the API against a known required list of scopes.

One good way to get the X-OAuth-Scopes header is to call the GET /rate_limit endpoint, because it doesn't use up any rate limit points 😉

There is documentation here on what scopes you need for doing different things.

When implementing this, we should be aware that different commands in the CLI will require different scopes. We may wish to tackle the most important command(s) first - probably migrate-repo, and then tackle other commands in follow-up issues.

Note that scopes are not all that matters - you also need to have the relevant permissions on the organization, but that can be tackled separately.

timrogers, May 23 '23 13:05
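
A sketch of the pre-flight check the issue describes, added here as an example and not taken from the gh-gei code base: it reads X-OAuth-Scopes from GET /rate_limit and compares it with a per-command required list. The scope list for migrate-repo, the `TARGET_PAT` variable name, and the choice to report an absent header as "could not validate" are assumptions of this example.

```python
import os
import urllib.request

# Assumption: placeholder scope list. Take the real per-command list from the
# documentation the issue links to.
REQUIRED_SCOPES = {"migrate-repo": {"repo", "admin:org", "workflow"}}

# A broad scope also grants its narrower children (partial table).
IMPLIES = {
    "repo": {"public_repo", "repo:status"},
    "admin:org": {"write:org", "read:org"},
}

def parse_scopes(header):
    """Split an X-OAuth-Scopes value into a set; None means header absent."""
    if header is None:
        return None
    return {s.strip() for s in header.split(",") if s.strip()}

def effective_scopes(granted):
    """Add the child scopes implied by each granted scope."""
    out = set(granted)
    for scope in granted:
        out |= IMPLIES.get(scope, set())
    return out

def missing_scopes(command, header):
    """Return sorted missing scopes, or None when the header gives no answer."""
    granted = parse_scopes(header)
    if granted is None:
        return None
    return sorted(REQUIRED_SCOPES[command] - effective_scopes(granted))

def fetch_scopes_header(token, api_url="https://api.github.com"):
    """GET /rate_limit and return the X-OAuth-Scopes header (or None)."""
    req = urllib.request.Request(
        f"{api_url}/rate_limit",
        headers={"Authorization": f"Bearer {token}",
                 "User-Agent": "scope-check-example"},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.headers.get("X-OAuth-Scopes")

if __name__ == "__main__":
    # TARGET_PAT is a hypothetical variable name; the token is never printed.
    missing = missing_scopes("migrate-repo", fetch_scopes_header(os.environ["TARGET_PAT"]))
    if missing is None:
        print("No X-OAuth-Scopes header returned; scopes could not be validated.")
    elif missing:
        raise SystemExit("Target PAT is missing scopes: " + ", ".join(missing))
```

An empty header value means a token with no scopes at all, which is why it is handled separately from a header that is not present.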