fix: Pass github authorization via header instead of query string

server/routes.js

@@ -58,8 +58,12 @@ router.get('/developers', ctx => renderpage(ctx, <Developers />));
 router.get('/developers/api', ctx => renderpage(ctx, <Api />));
 router.get('/changelog', async ctx => {
   const data = await fetch(
-    `https://api.github.com/repos/outline/outline/releases?access_token=${process
+    `https://api.github.com/repos/outline/outline/releases`,
-      .env.GITHUB_ACCESS_TOKEN || ''}`
+    {
+      headers: {
+        Authorization: `token ${process.env.GITHUB_ACCESS_TOKEN || ''}`,
+      },
+    }
   );
   const releases = await data.json();
   return renderpage(ctx, <Changelog releases={releases} />);