Removed broad Gitlab permission from ScmAuth

To write repositories the `api` permission is not needed anymore.

Signed-off-by: Severin Wischmann <severinwischmann@nianticlabs.com>

.changeset/cuddly-glasses-battle.md

@@ -0,0 +1,7 @@
+---
+'@backstage/integration-react': patch
+---
+
+Remove unnecessary broad permissions from Gitlab SCMAuth
+
+Newer versions of Gitlab (after 2019) do not require the broad api permissions to write to repos.

packages/integration-react/src/api/ScmAuth.test.ts

@@ -105,7 +105,7 @@ describe('ScmAuth', () => {
         additionalScope: { repoWrite: true },
       }),
     ).resolves.toMatchObject({
-      token: 'read_user read_api read_repository write_repository api',
+      token: 'read_user read_api read_repository write_repository',
     });
 
     const azureAuth = ScmAuth.forAzure(mockAuthApi);

packages/integration-react/src/api/ScmAuth.ts

@@ -162,7 +162,7 @@ export class ScmAuth implements ScmAuthApi {
    *
    * If the additional `repoWrite` permission is requested, these scopes are added:
    *
-   * `write_repository api`
+   * `write_repository`
    */
   static forGitlab(
     gitlabAuthApi: OAuthApi,
@@ -173,7 +173,7 @@ export class ScmAuth implements ScmAuthApi {
     const host = options?.host ?? 'gitlab.com';
     return new ScmAuth('gitlab', gitlabAuthApi, host, {
       default: ['read_user', 'read_api', 'read_repository'],
-      repoWrite: ['write_repository', 'api'],
+      repoWrite: ['write_repository'],
     });
   }