Lack of token permission should state all scope requirements in error message, instead of causing multiple adjustment roundtrips

[foosel]

Hello there, and thanks for this very helpful action!

I just had my "add newly created issues and PRs to a project" workflow fail that's based on actions/add-to-project@main:

Request failed due to following response errors:
 - Your token has not been granted the required scopes to execute this query. The 'projectV2' field requires one of the following scopes: ['read:project'], but your token has only been granted the: ['repo', 'write:org'] scopes. Please modify your token's scopes at: https://github.com/settings/tokens.
 - Your token has not been granted the required scopes to execute this query. The 'id' field requires one of the following scopes: ['read:project'], but your token has only been granted the: ['repo', 'write:org'] scopes. Please modify your token's scopes at: https://github.com/settings/tokens.

Ok, easy enough, I guess with the latest changes to the whole projects API some things changed, no prob, dutifully obliged. Added read:project as instructed, reran the failed action. Which then failed again with:

Request failed due to following response errors:
 - Your token has not been granted the required scopes to execute this query. The 'addProjectV2ItemById' field requires one of the following scopes: ['project'], but your token has only been granted the: ['read:project', 'repo', 'write:org'] scopes. Please modify your token's scopes at: https://github.com/settings/tokens.

Doing that as well, then rerunning, and things are finally green again.

However, it raises the question, is there any way to maybe ask for all required scopes right away to guarantee an error free operation, instead of sending me on multiple errands and also briefly making me doubt my sanity? 😅

[peaceiris]

You can give the project scope to your personal access token. (Sorry for my confusing reply)

[foosel]

I'm aware of that, and it also says so in the error itself. This issue is about the fact that the initial error message didn't tell me to add all now required scopes to the token but only one. Then I did that, reran the action, only for it to run into the next issue and ask me for yet another scope to be added. My suggestion here is to make the error message tell the user to add all needed scopes instead of having them figure out what is needed error by error and unneeded roundtrips.

[peaceiris]

I agree. Sorry for my confusing reply.

[camchenry]

👋 Thank you for reporting this issue! I agree that our messaging here is somewhat confusing and could be improved. I've created an issue in our internal backlog to make sure that this gets passed along to the right team and handled accordingly. Thank you again for your feedback, and please feel free to add any additional information to this issue!