diff --git a/container/libs/github.py b/container/libs/github.py
index 32547f9..d576216 100644
--- a/container/libs/github.py
+++ b/container/libs/github.py
@@ -1,8 +1,14 @@
-from datetime import datetime, MINYEAR
+import os
+from datetime import datetime, MINYEAR
 from github import Github, GitRelease, Repository, GithubException
 def get_latest_github_repo_version(repo):
- client = Github()
+ # check for a github token that may be used alongside the codeql cli to upload github results
+ # this will limit rate limting 403 errors on checking codeql versions, as the request will be authenticated if possible.
+ # by default codeql uses env var "GITHUB_TOKEN" to authenticate
+ # https://codeql.github.com/docs/codeql-cli/manual/github-upload-results/
+ access_token = os.getenv('GITHUB_TOKEN')
+ client = Github(access_token) if access_token != None else Github()
 repo = client.get_repo(repo)
 releases = repo.get_releases()
 latest_release = get_latest_github_release(releases)
diff --git a/container/setup.py b/container/setup.py
old mode 100755
new mode 100644
index f5eddc5..e3fc8d1
--- a/container/setup.py
+++ b/container/setup.py
@@ -38,12 +38,13 @@ def setup():
 # check version and download the latest version
 get_latest_codeql(args)
 logger.info("End setup...")
+
 def get_latest_codeql(args):
 codeql = CodeQL(CODEQL_HOME)
- # what version do we have?
+ current_installed_version = codeql.get_current_local_version()
+ logger.info(f'Current codeql version: {current_installed_version}')
+ # ensure we only query for the latest codeql cli version if we might actually update it
 if args.check_latest_cli:
- current_installed_version = codeql.get_current_local_version()
- logger.info(f'Current codeql version: {current_installed_version}')
 latest_online_version = codeql.get_latest_codeql_github_version()
 if current_installed_version != latest_online_version.title:
 # we got a newer version online, download and install it
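Review bot: The `access_token != None` test on the new `client = ...` line treats an empty `GITHUB_TOKEN` as a real token. A variable that is set but empty (common when a CI secret is not exposed to the job) would be passed to `Github()`, and the request would probably be sent with a blank credential and rejected rather than falling back to anonymous access. A truthiness test covers both cases and drops the `!= None` comparison: `client = Github(access_token) if access_token else Github()`. Because this is the same token CodeQL uses for result uploads, the comment could also note that the release lookup itself needs no write scope. The body of `get_latest_github_repo_version` continues past the end of the hunk.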
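Review bot: `codeql.get_current_local_version()` now runs on every setup instead of only under `if args.check_latest_cli:`, so a failure in that helper would stop setup even when no update check was requested. Its behaviour when no CLI is present under `CODEQL_HOME` is not visible here; if it can raise or return `None`, guard the call or add a comment such as `# logged on every run; may be None before the first install`. The file section also changes `setup.py` from mode 100755 to 100644, which would break an entrypoint that executes the script directly rather than through the interpreter, so confirm that is intended. `get_latest_codeql` continues beyond the hunk.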