Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unauthenticated requests to GitHub can be ratelimited #167

Open
zeptofine opened this issue Nov 7, 2024 · 3 comments
Open

Unauthenticated requests to GitHub can be ratelimited #167

zeptofine opened this issue Nov 7, 2024 · 3 comments
Labels
enhancement New feature or request

Comments

@zeptofine
Copy link
Collaborator

zeptofine commented Nov 7, 2024
edited
Loading

Describe the bug
Requests that BLV2 make to GitHub for the latest build and the launcher api are ratelimited after an amount of time and affects other programs that request to GitHub without authentication.

For the log file, I added a print statement before the error point to find exactly what was being returned.

To Reproduce
Run scraping enough times to hit the GH ratelimit (I just did apparently)

System (please complete the following information):

Additional context
A possible solution would be to let the user add their own GitHub token so we can authenticate our requests properly. We will need to store them securely, perhaps with https://pypi.org/project/keyring/
@Victor-IX
Copy link
Owner

I knew about this but didn't think we would reach the limit of 5000 per hour.
Do you know if the limit is shared between all Blender Launcher requests, or is it per user?

A possible solution would be to let the user add their own GitHub token so we can authenticate our requests properly. We will need to store them securely, perhaps with https://pypi.org/project/keyring/

This would be a good solution. We could also implement a rate limiter inside the Blender Launcher to only make API requests once every 24 hours.

@zeptofine
Copy link
Collaborator Author

I knew about this but didn't think we would reach the limit of 5000 per hour. Do you know if the limit is shared between all Blender Launcher requests, or is it per user?

I think it's moreso per IP than per user
As you can see in the log, it referenced my IP along with the error message (I hid it). That leads me to believe that it limits based on your IP and not a specific machine, so those who share an IP with multiple people, eg. businesses and educational organizations, may be requesting from the GitHub API a ton.
Since I am at a college with a big Engineering department, there may be some other students who use the GitHub API frequently

@Victor-IX
Copy link
Owner

so those who share an IP with multiple people, eg. businesses and educational organizations, may be requesting from the GitHub API a ton.
Since I am at a college with a big Engineering department, there may be some other students who use the GitHub API frequently

Oh yeah, that makes sense why you hit the limit. In this case, the token is the way to go!

@Victor-IX Victor-IX added the enhancement New feature or request label Nov 27, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
Blender Launcher V2
Status: Backlog
Milestone
No milestone
Development

No branches or pull requests
2 participants
@zeptofine @Victor-IX