fix(resolve-repositories): limit to user owned repos

[stoe]

📝 Summary

• Running @octoherd/cli v3.3.2 (@octoherd/octokit v2.3.1, Node.js: v14.16.0, darwin x64)
• Limit to affiliation: "owner" for the "GET /user/repos" route call.

⛱ Motivation and Context

When using --octoherd-repos "user/*" with a repo scoped Personal Access Token (PAT) resolveRepositories.js would find all repositories the user has access to, not only the ones owned by that user under their account.

📊 How Has This Been Tested?

Modifying a local script with these changes:

node cli.js \
  --octoherd-token "0123456789012345678901234567890123456789" \
  --octoherd-repos "stoe/*"

Before

After

[gr2m]

Great catch, thanks a lot for the PR!

[github-actions]

🎉 This PR is included in version 3.3.3 🎉

The release is available on:

• GitHub release
• npm package (@latest dist-tag)

Your semantic-release bot 📦🚀

[gr2m]

@stoe I see you created https://github.com/stoe/octoherd-dependabot-config, very cool! How did the setup go? Did you use npm init octoherd-script?

[stoe]

@stoe I see you created https://github.com/stoe/octoherd-dependabot-config, very cool! How did the setup go? Did you use npm init octoherd-script?

I ported this locally from an old script before I found out about npm init octoherd-script.

The Go template is via https://github.com/stoe/octoherd-dependabot-config/blob/main/dependabot.go.yml and I only switch the used template via discovered logic:
https://github.com/stoe/octoherd-dependabot-config/blob/70a0396f8b1cd8fc8ff81ca5e870c7b76ea4d357/script.js#L36-L47

[gr2m]

If you like you could submit your script to https://github.com/octoherd/octoherd/discussions/categories/show-and-tell, it might be useful to others! And make sure to install https://github.com/apps/octoherd/, I use it for some upgrade automation via PRs such as octoherd/script-star-or-unstar#6