From a security point of view it would be incredibly bad practice to have a scope that would allow access to all future features so the user never has to agree to the scopes again. Similarly it’s bad practice to request more scopes than needed for the operation of your app so it’s quite uncommon to need every single scope when new scopes are added.
Even if you do need every scope that gets added, it’s usually months between new scopes being added, if not years in some cases, so requiring the user to go through the OAuth flow a few times a year is far from the end of the world, and also helps to remind the user of what permissions you’re requesting, as to if the user chooses to read that list or not is up to them but it at least must be made clear to them what your app is requesting.