GitHub project integration form does not need to display stored personal access token to the user
While the token theoretically should only have very limited permissions, practice shows the is oftentimes very much not the case. GitLab can do a better job of protecting users from their own ingenuity by masking the token or a part thereof.
It would also be nice to be able to reuse the GitHub repository mirroring token, since it needs to be used anyway.