OAuth scope for github login
Currently, gitter asks for the
user OAuth scope, which grants read and write access to personal user data. Do you really need so much permissions ?
I don't really see why you would need the write access. If what you need is the read access to the email address, you could request for
user:email instead to get only the minimal permissions: http://developer.github.com/v3/oauth/#scopes