We have Jenkins configured to use github authentication, with the github committer authorization strategy and also granting access based on being a participant in our github organisation.

After upgrading from 0.20 to 0.21.1, I was redirected to github to be told that the plugin was asking to revoke the read:org and repo scopes (eg so it had no scopes granted). Subsequently I was redirected back to jenkins but got a fatal error on the "complete login" step due to a "Not Found" error from the Github API when attempting to check my organisation memberships.

I had to manually edit config.xml and add <oauthScopes>read:org</oauthScopes> to the <securityRealm class="org.jenkinsci.plugins.GithubSecurityRealm"> node before I could access the web interface at all. There was no <oauthScopes> element present in the file.

I see from https://github.com/jenkinsci/github-oauth-plugin/pull/39 that the plugin is supposed to request read:org by default if no scopes are configured - it seems however that this is not working following an upgrade?