Plugin Updates rate limited by Github

[prokizzle]

Search first

• I searched and no similar issues were found

What Happened?

I performed Check for Updates on plugin page. I recieved errors about rate limit from github when looking for updates. I was unable to update plugins found to have updates.

Reproduce the Bug

1. Go to plugins modal
2. Click the vertical dots menu
3. Select Check All Updates

Expected Behavior

I expect to see a list of updates or not see error popups

Screenshots

Desktop or Mobile Platform Information

macOS 13.3.1 M1 Macbook Pro LogSeq 0.9.2

Additional Context

No response

Are you willing to submit a PR? If you know how to fix the bug.

• I'm willing to submit a PR (Thank you!)

[prokizzle]

Adding a github login option could allow all update requests to be authenticated, resulting in a higher rate limit.

[cnrpman]

Good point. PR is welcome

[shlomi-dr]

Experiencing the same problem..

[prokizzle]

Good point. PR is welcome

Any advice at where to start looking for the plugin update code?

[shlomi-dr]

Not familiar with the code at all, but perhaps this is a clue?

logseq/src/electron/electron/plugin.cljs

Lines 34 to 62 in 5885bc8

	(defn- fetch-release-asset
	[{:keys [repo theme]} url-suffix {:keys [response-transform]
	:or {response-transform identity}}]
	(-> (p/let [repo (some-> repo (string/trim) (string/replace #"^/+(.+?)/+$" "$1"))
	api #(str "https://api.github.com/repos/" repo "/" %)
	endpoint (api url-suffix)
	^js res (fetch endpoint)
	illegal-text (when-not (= 200 (.-status res)) (.text res))
	_ (when-not (string/blank? illegal-text) (throw (js/Error. (str "Github API Failed(" (.-status res) ") " illegal-text))))
	_ (debug "[Release URL] " endpoint "[Status/Text]" (.-status res))
	res (response-transform res)
	res (.json res)
	res (bean/->clj res)
	version (:tag_name res)
	asset (first (filter #(string/ends-with? (:name %) ".zip") (:assets res)))]
	[(if (and (nil? asset) theme)
	(if-let [zipball (:zipball_url res)]
	zipball
	(api "zipball"))
	asset)
	version
	(:body res)])
	(p/catch
	(fn [^js e]
	(debug e)
	(throw (js/Error. [:release-channel-issue (.-message e)]))))))

[prokizzle]

So I assume the strategy is to add an Authorization header to the fetch call for the github release zipball endoint. Probably needs a core plugin to handle a UI for inputting the token, with a link to generate one on gh with the necessary permissions.

Also should probably handle token expiry, since gh strongly discourages creating tokens that don't expire.

[cnrpman]

Thank you guys for the investigation!
Feel free to ping if there's any issue about development.

[cnrpman]

Related ticket: #9581 #5847