fix: oauth device flow scopes

Correct the name of POST variable sent during OAuth device flow as
documented in the GitHub API docs. This allows custom scopes to be
requested, which were previously ignored.

https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps#step-1-app-requests-the-device-and-user-verification-codes-from-github

Author: stevenh

githubkit/auth/oauth.py

@@ -36,7 +36,7 @@ def create_device_code(
     url = base_url.copy_with(raw_path=base_url.raw_path + b"login/device/code")
     body = {"client_id": client_id}
     if scopes:
-        body["scopes"] = " ".join(scopes)
+        body["scope"] = " ".join(scopes)
     response = yield httpx.Request(
         "POST",
         url,