-
-
Notifications
You must be signed in to change notification settings - Fork 4.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GitHub rate limit exceed when token provided #6621
Comments
I think that indeed we not check for this. It is incredibly rare for someone to hit the rate limit associated with a token. It would be a nice-to-have to handle this more gracefully. |
@alcohol Yes, i was very suprised of this also, the project have many npm-assets and it look like a single |
Yeah I personally cannot recommend managing npm dependencies through composer.. but opinions vary :-) |
@alcohol we do, the full error message is:
It dates back from before the anonymous API limits were dramatically increased, but the error is technically still completely correct: it says the rate limit is the problem, and how to exceed it. I don't see the problem. |
@curry684 The problem is two-fold:
Creating another token at that time would suffer from the same rate limit. |
Ow I see, my apologies. True issue then, but small :P |
Having a look at the code, it seems that on master branch it is already managed : is it an other case ? |
That code is 4 years and a week old so I doubt it's still working as it should, feel free to make a PR :) |
Everything in that code seems correct according to https://developer.github.com/v3/#rate-limiting (headers, status code etc. are still the same) |
I checked on this link before submiting https://developer.github.com/v3/rate_limit/ and the code still correct. |
Most likely the bug is in composer/src/Composer/Util/RemoteFilesystem.php Lines 581 to 588 in eb61069
Perhaps GitHubDriver::getRateLimit should be moved to Util\GitHub so that this can be called from both places. |
I was running into a variant of this issue which took an annoyingly large amount of caveman debugging to find: Composer 1.7.1 was reporting the "please create a GitHub OAuth token to go over the API rate limit" error at the very first download from GitHub, which pointed me in the completely wrong direction (since it doesn't make sense to hit a rate limit on the first download). Anyway, only after dumping everything that goes in and out of the
So GitHub even includes headers in their response now that clearly state that rate limit is not the issue here... Only the real error message "Bad credentials" together with the fact that the actual URL (while composer only shows a truncated variant) already had an access token appended made me realize, that I already had an OAuth token configured multiple years ago, which has become invalid in the meantime. Simply deleting it fixed the error, but the message is highly misleading (and the fact that |
When a Github token is provided, and valid, BUT the rate limit is exceed. Composer ask to create a new token, which is very miscleading.
How to reproduce:
"remaining": 0,
composer update
My
composer.json
:Output of
composer diagnose
:When I run this command:
I get the following output:
And I expected this to happen:
When veryfing the RATE limit manually,
GET https://api.github.com/rate_limit?access_token=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
The following output would be expected :
The text was updated successfully, but these errors were encountered: