API rate limit exceeded when fetching OSV releases #24209
Unanswered
jporzucek
asked this question in
Request Help
Replies: 2 comments 1 reply
-
This might require the osv lib to accept token as a parameter and then modify Renovate to pass it during initialization |
Beta Was this translation helpful? Give feedback.
0 replies
-
any way to resolve this? |
Beta Was this translation helpful? Give feedback.
1 reply
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
How are you running Renovate?
Mend Renovate hosted app on github.com
If you're self-hosting Renovate, tell us what version of Renovate you run.
No response
If you're self-hosting Renovate, select which platform you are using.
None
Was this something which used to work for you, and then stopped?
It used to work, and then stopped
Describe the problem
Most of the jobs hit 403 with
API rate limit exceeded
message when trying to fetch OSV releases from https://api.github.com/repos/renovatebot/osv-offline/releases. And since it's a Mend Renovate hosted, there is no way to setGITHUB_COM_TOKEN
that is used by@renovatebot/osv-offline
.Relevant debug logs
Logs
{ "err": { "name": "HttpError", "status": 403, "response": { "url": "https://api.github.com/repos/renovatebot/osv-offline/releases", "status": 403, "headers": { "access-control-allow-origin": "*", "access-control-expose-headers": "ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-RateLimit-Used, X-RateLimit-Resource, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, Deprecation, Sunset", "connection": "close", "content-length": "279", "content-security-policy": "default-src 'none'; style-src 'unsafe-inline'", "content-type": "application/json; charset=utf-8", "date": "Fri, 01 Sep 2023 05:48:37 GMT", "referrer-policy": "origin-when-cross-origin, strict-origin-when-cross-origin", "server": "Varnish", "strict-transport-security": "max-age=31536000; includeSubdomains; preload", "x-content-type-options": "nosniff", "x-frame-options": "deny", "x-github-media-type": "github.v3; format=json", "x-github-request-id": "E12D:4F7F:2704AF:5049D0:64F17B35", "x-ratelimit-limit": "60", "x-ratelimit-remaining": "0", "x-ratelimit-reset": "1693547357", "x-ratelimit-resource": "core", "x-ratelimit-used": "60", "x-xss-protection": "1; mode=block" }, "data": { "message": "API rate limit exceeded for 34.239.12.110. (But here's the good news: Authenticated requests get a higher rate limit. Check out the documentation for more details.)", "documentation_url": "https://docs.github.com/rest/overview/resources-in-the-rest-api#rate-limiting" } }, "request": { "method": "GET", "url": "https://api.github.com/repos/renovatebot/osv-offline/releases", "headers": { "accept": "application/vnd.github.v3+json", "user-agent": "octokit-rest.js/19.0.13 octokit-core.js/4.2.4 Node.js/18.17.1 (linux; x64)" }, "request": { "fetch": "[function]", "hook": "[function]" } }, "message": "API rate limit exceeded for 34.239.12.110. (But here's the good news: Authenticated requests get a higher rate limit. Check out the documentation for more details.)", "stack": "HttpError: API rate limit exceeded for 34.239.12.110. (But here's the good news: Authenticated requests get a higher rate limit. Check out the documentation for more details.)\n at /opt/containerbase/tools/renovate/36.68.1/node_modules/@octokit/request/dist-node/index.js:122:21\n at processTicksAndRejections (node:internal/process/task_queues:95:5)\n at tryDownloadDb (/opt/containerbase/tools/renovate/36.68.1/node_modules/@renovatebot/osv-offline/dist/lib/download.js:43:26)\n at OsvOffline.initialize (/opt/containerbase/tools/renovate/36.68.1/node_modules/@renovatebot/osv-offline/dist/lib/osv-offline.js:14:24)\n at Function.create (/opt/containerbase/tools/renovate/36.68.1/node_modules/@renovatebot/osv-offline/dist/lib/osv-offline.js:26:9)\n at Vulnerabilities.initialize (/opt/containerbase/tools/renovate/36.68.1/node_modules/renovate/lib/workers/repository/process/vulnerabilities.ts:49:23)\n at Function.create (/opt/containerbase/tools/renovate/36.68.1/node_modules/renovate/lib/workers/repository/process/vulnerabilities.ts:54:5)\n at fetchVulnerabilities (/opt/containerbase/tools/renovate/36.68.1/node_modules/renovate/lib/workers/repository/process/extract-update.ts:177:31)\n at lookup (/opt/containerbase/tools/renovate/36.68.1/node_modules/renovate/lib/workers/repository/process/extract-update.ts:192:3)\n at extractDependencies (/opt/containerbase/tools/renovate/36.68.1/node_modules/renovate/lib/workers/repository/process/index.ts:161:11)\n at Object.renovateRepository (/opt/containerbase/tools/renovate/36.68.1/node_modules/renovate/lib/workers/repository/index.ts:62:9)\n at attributes.repository (/opt/containerbase/tools/renovate/36.68.1/node_modules/renovate/lib/workers/global/index.ts:184:11)\n at start (/opt/containerbase/tools/renovate/36.68.1/node_modules/renovate/lib/workers/global/index.ts:169:7)\n at /opt/containerbase/tools/renovate/36.68.1/node_modules/renovate/lib/renovate.ts:18:22" } }Have you created a minimal reproduction repository?
Placeholder value, please select the correct response from the dropdown
Beta Was this translation helpful? Give feedback.
All reactions