[check-valid-credentials] support Fine-grained PATs #73
Description
At the moment, check-valid-credentials relies on being able to know what permissions a token has by querying the X-OAuth-scopes field from the response header, but the Fine-Grained PATs (as of now) do not deploy these (see this community discussion comment for updates)
One solution is to somehow detect if the token is a Fine-Grained PAT (e.g. by detecting if the text starts with github_) and then allowing them to pass through without checking permissions.