I'm signing up a website with my github account. But why would github allow application gain access to my private repo?
What I expect is that github should allow me to control which access I want to grant to that application.
This application will be able to read and write all public and private repository data. This includes the following:
- Code
- Issues
- Pull
- requests
- Wikis
- Settings
- Webhooks and services
- Deploy keys
Github's permissions are, unfortunately, not all that granular.
They're listed here: https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps
The site is presumably requesting the repo permission. It'd be nice if Github let you pick and choose which repositories to allow a third-party application access to, but it's currently all-or-nothing.
The site may or may not have a legitimate need for that permission (a CI service might need access to a private repo, for example). We can't answer that part for you - you'll have to decide for yourself if the login is worth the risk.