Comments (8)
I wonder if this is a rate limiting by GH?
from alien-build-plugin-download-github.
So yeah. This is a problem which may render this plugin pretty useless:
{
"message": "API rate limit exceeded for x.x.x.x. (But here's the good news: Authenticated requests get a higher rate limit. Check out the documentation for more details.)",
"documentation_url": "https://developer.github.com/v3/#rate-limiting"
}
from alien-build-plugin-download-github.
Only a valid personal access token (PAT) with public_repo no scopes is required to increase that limit to 5000/hour.
# export a valid token from https://github.com/settings/tokens
export GITHUB_PAT=0955...1223
curl -i -H "Authorization: token $GITHUB_PAT" https://api.github.com/repos/Perl5-Alien/dontpanic/releases | head -n10
HTTP/1.1 200 OK
Date: Tue, 30 Apr 2019 11:22:24 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 7735
Server: GitHub.com
Status: 200 OK
X-RateLimit-Limit: 5000
X-RateLimit-Remaining: 4999
X-RateLimit-Reset: 1556626901
Cache-Control: private, max-age=60, s-maxage=60
It would be possible for something like:
plugin 'Download::GitHub' => (
github_user => 'Perl5-Alien',
github_repo => 'dontpanic',
token => $ENV{GITHUB_PAT}
);
However, Alien users as well as authors would need to know about export GITHUB_PAT=...
if they are installing more than 60 Aliens using this plugin per hour - this would include cpantesters.
edit See e0020f4 for an option that doesn't require having headers set in Plugin::Fetch::*
.
from alien-build-plugin-download-github.
@kiwiroy I think it is reasonable for the plugin to default to a token specified in the environment without having to pass it in from the alienfile
. In fact it I don't think it ever makes sense to specify the token in the alienfile
? This would definitely be an improvement, although it still has the problem that most testers will not have the environment variable set.
from alien-build-plugin-download-github.
One security challenge will be having a security credential in the URL because the URLs are often displayed in diagnostic messages. Either using the header method, or a way to mask the URL. Neither of these are built into AB core yet.
from alien-build-plugin-download-github.
Another possibility would be the usage of a cache directory for the downloaded distfiles (possibly size-limited using LRU mechanisms or so). This could help on smokers or other build systems sharing the same home directory.
from alien-build-plugin-download-github.
@eserte I started working on a plugin to cache requests here:
https://metacpan.org/pod/Alien::Build::Plugin::Fetch::Cache
as the documentation states it is pretty dumb and probably not ready for prime time, but with some extra shine could probably be useful for the use cases you suggest.
from alien-build-plugin-download-github.
With #13 and #14, I think this is solved as well as can be currently. We can revisit and open additional if future techniques can be used to improve further.
@eserte This will work with AB 2.39+ and ABP::Download::GitHub
0.07, but note the caveats.
from alien-build-plugin-download-github.
Related Issues (11)
- version in file listing should use the version regex property
- Add some extra unit tests
- Sometimes doesn't properly decode json
- Plugin should delcare itself a configure requires for Aliens that use it HOT 1
- Send GitHub PAT when using AB 2.40+
- Need Zip Format Support HOT 2
- Add support for the release API HOT 1
- slurp should use slurp_raw
- Should be able to specify no extractor HOT 6
- (probably) bogus rather alarming warnings when using GitHub plugin correctly
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from alien-build-plugin-download-github.