Add required scopes for GitHub Token to README

[tdmalone]

Hi there,

Thank you for your work on npmpub! New user to publishing on npm here. I was wondering if you could add to the README the scopes that you need for the GITHUB_TOKEN?

[MoOx]

To be honest I am not really sure. You should check this code https://github.com/MoOx/github-release-from-changelog/blob/master/github-release-from-changelog.js.
I am personally using a token with full access but I guess you don't need everything.

[tdmalone]

Ah no probs. I had a bit of a hunt.. that package uses grizzly which uses a Node.js wrapper for the GitHub API. It looks like only the release endpoint is being called. According to the API docs, users with push access can create a release. According to the scope docs it looks like the repo scope will cover things for public and private repos, and the public_repo scope for public repos only.

So I would guess that is the only scope required, and people could choose whether they want to grant private access or not. I haven't tested this yet, if I have a chance I will do so and then confirm with a pull request to update the README! I suppose I could also do so in github-release-from-changelog & grizzly repos :)

[MoOx]

Great idea! Thanks for your time.