CamilleTeruel opened a new issue, #36: URL: https://github.com/apache/incubator-devlake-website/issues/36
In the Github plugin doc, in the Auth Token(s) configuration section, we can read: > This field accepts a comma-separated list of values for multiple tokens. The data collection will take longer for GitHub since they have a rate limit of 5k requests per hour. You can accelerate the process by configuring multiple personal access tokens. However, in [Github API doc](https://docs.github.com/en/rest/overview/resources-in-the-rest-api#requests-from-personal-accounts), we can read: > **All requests** from OAuth applications authorized by a user or a **personal access token** owned by the user, and requests authenticated with any of the user's authentication credentials, **share the same quota of 5,000 requests per hour** for that user. So this means that using multiple PATs to accelerate collection works only if those PATs come from different accounts. The documentation should make it clear. -------- Side note. I understand why this feature has been introduced but I have two concerns: - although it can be argued that this feature just allows multiple users to pool their rate limit, Github could interpreted it as a way to abuse its API by bypassing its rate limits - to use this feature the person filling up the conf form needs to be in possession of PATs that don't belong to him, which raises security concerns regarding those PAT permissions -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
