Describe the bug
I think copilot update is a simple command, especially when it is suggested by copilot --version, so it should not fail with a raw GitHub API rate-limit error in normal usage.
In my case, this was run from a corporate network, where a single public IPv4 address is shared by many users. So I understand that unauthenticated GitHub API requests can occasionally be throttled due to GitHub's API policy.
However, for a first-party tool like GitHub Copilot CLI, I think this should be handled more gracefully.
Affected version
GitHub Copilot CLI 1.0.48
Steps to reproduce the behavior
- Run
copilot --version
$ copilot --version
GitHub Copilot CLI 1.0.48.
Run 'copilot update' to check for updates.
- Since the CLI suggests running copilot update, run it.
- The update command fails with a GitHub API rate-limit error.
$ copilot update
Checking for updates...
Checking GitHub for the latest release...
Error during update: Failed to fetch latest release: HttpError: API rate limit exceeded for xxx.yyy.zzz.vvv. (But here's the good news: Authenticated requests get a higher rate limit. Check out the documentation for more details.) - https://docs.github.com/rest/overview/resources-in-the-rest-api#rate-limiting
Expected behavior
copilot update should not expose this kind of raw rate-limit failure for a simple update check.
Possible behavior I would expect:
- If the user is already authenticated, or if the
gh CLI is available and authenticated, use that credential to check whether a newer Copilot CLI release exists.
- If no authentication method is available, fallback to an unauthenticated request, but handle the possibility of GitHub API rate limiting.
- If rate limiting happens, show a user-friendly message such as asking the user to try again later, or explaining how to authenticate to avoid the limit.
At minimum, the error message should be more actionable than the current raw API failure.
Additional context
This was run from a corporate environment where a single public IPv4 address is shared by many users.
Because of that, unauthenticated GitHub API requests are more likely to hit the shared IP-based rate limit.
I understand that this can happen from GitHub API policy, but since this is a first-party GitHub tool, I think copilot update should either use available authentication or gracefully handle this case.
Describe the bug
I think
copilot updateis a simple command, especially when it is suggested bycopilot --version, so it should not fail with a raw GitHub API rate-limit error in normal usage.In my case, this was run from a corporate network, where a single public IPv4 address is shared by many users. So I understand that unauthenticated GitHub API requests can occasionally be throttled due to GitHub's API policy.
However, for a first-party tool like GitHub Copilot CLI, I think this should be handled more gracefully.
Affected version
GitHub Copilot CLI 1.0.48
Steps to reproduce the behavior
copilot --versionExpected behavior
copilot updateshould not expose this kind of raw rate-limit failure for a simple update check.Possible behavior I would expect:
ghCLI is available and authenticated, use that credential to check whether a newer Copilot CLI release exists.At minimum, the error message should be more actionable than the current raw API failure.
Additional context
This was run from a corporate environment where a single public IPv4 address is shared by many users.
Because of that, unauthenticated GitHub API requests are more likely to hit the shared IP-based rate limit.
I understand that this can happen from GitHub API policy, but since this is a first-party GitHub tool, I think
copilot updateshould either use available authentication or gracefully handle this case.