> “This change removes the “Act on your behalf” note in the consent page if the app is requesting only read permissions against the user account itself.”

I think this blog demonstrates the problem. To a lot of people this is perfectly straightforward. Others might think, “but my GitHub account is where I keep all my private repos.”

When listing access controls, I think most nouns need to very carefully map back to a clear definition, ideally full of examples and bulleted lists of “what this is” and “what this isn’t”

This had been an open issue since ~2022:

https://github.com/orgs/community/discussions/37117

Lots of discussion and "this will never get fixed" comments (including from me) but hey...! It did get fixed! :-)