GitHub fine-grained personal access tokens

If you need to push a commit to a GitHub repo over HTTPS and you don’t want to provide a username & password, a GitHub “fine-grained personal access token” is the way to go¹. The owner of the repo can create that token and configure (1) to which repo(s) it provides access and (2) the kind of access it allows to these repo(s), the repository permissions. The following screenshot shows some of these permissions:

There are a lot of permissions you can configure, but to push commits to a repo, you only need “Read access to metadata” and “Read and Write access to code”. The first one is mandatory and you need it to “search repositories, list collaborators, and access repository metadata”.