334
GitHub is introducing rate limits for unauthenticated pulls, API calls, and web access (github.blog)
submitted 2 weeks ago* (last edited 2 weeks ago) by chaospatterns@lemmy.world to c/programming@programming.dev
138 comments fedilink hide all child comments

An update from GitHub: https://github.com/orgs/community/discussions/159123#discussioncomment-13148279

The rates are here: https://docs.github.com/en/rest/using-the-rest-api/rate-limits-for-the-rest-api?apiVersion=2022-11-28

  • 60 req/hour for unauthenticated users
  • 5000 req/hour for authenticated - personal
  • 15000 req/hour for authenticated - enterprise org
you are viewing a single comment's thread
view the rest of the comments
[-] theunknownmuncher@lemmy.world 31 points 2 weeks ago* (last edited 2 weeks ago)

LOL!!!! RIP GitHub

EDIT: trying to compile any projects from source that use git submodules will be interesting. eg ROCm has more than 60 submodules to pull in 💀

[-] sxan@midwest.social 25 points 2 weeks ago

The Go module system pulls dependencies from their sources. This should be interesting.

Even if you host your project on a different provider, many libraries are on github. All those unauthenticated Arch users trying to install Go-based software that pulls dependencies from github.

How does the Rust module system work? How does pip?

[-] Ephera@lemmy.ml 8 points 2 weeks ago

For Rust, as I understand, crates.io hosts a copy of the source code. It is possible to specify a Git repository directly as a dependency, but apparently, you cannot do that if you publish to crates.io.

So, it will cause pain for some devs, but the ecosystem at large shouldn't implode.

[-] sxan@midwest.social 1 points 2 weeks ago

I should know this, but I think Go's module metadata server also caches, and the compiler(s) looks there first if you don't override it. I remember Drew got pissed at Go because the package server was pounding on sr.ht for version information; I really should look into those details. It Just Works™, so I've never bothered to read up about how I works. A lamentable oversight I'll have to correct with this new rate limit. It might be no issue after all.

[-] Ephera@lemmy.ml 3 points 2 weeks ago

I also remember there being a tiny shitstorm when Google started proxying package manager requests through their own servers, maybe two years ago or so. I don't know what happened with that, though, or if it's actually relevant here...

load more comments (9 replies)
load more comments (9 replies)
this post was submitted on 14 May 2025
334 points (99.4% liked)

Programming

20418 readers
279 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities !webdev@programming.dev

founded 2 years ago
MODERATORS
snowe@programming.dev
Ategon@programming.dev
MaungaHikoi@lemmy.nz
UlrikHD@programming.dev