docs(source-gitlab): improve rate limits, fix outdated tier names, document 403 behavior

[devin-ai-integration]

Documentation Confidence Assessment

Overall Confidence: 4/5

Dimension	Score	Rationale
Code Comprehension	4/5	Manifest-only YAML with simple custom components (partition routers, URL validator); all error handling and streams are declarative.
API Documentation Quality	4/5	GitLab has comprehensive official API docs with auth guides, rate limit pages, and an OpenAPI spec; minor gaps in GitLab.com-specific rate limit docs.
Change Scope & Risk	5/5	Under 10 lines changed: terminology correction, link fix, and small informational section documenting existing behavior.
Existing Doc Maturity	4/5	Well-established 226-line doc with prerequisites, setup (Cloud/OSS), sync modes, streams, limitations, and changelog.
Connector Sensitivity	2/5	Certified connector with high usage (ql=400, sl=200); errors here affect many users.
Triggering Context	5/5	Triggered from a small merged commit (concurrency default bump from 8 to 10, version 4.4.23-rc.3).

What I Verified vs. What I Inferred

• Verified from code: Error handler configuration shows action: IGNORE for HTTP 403 and action: RETRY for HTTP 500 in manifest.yaml. Concurrency level fallback changed from 8 to 10 in Jinja expression. Spec default for num_workers remains 8. All 23 streams confirmed present in the manifest matching the documented stream list.
• Verified from API docs: GitLab.com Gold was renamed to GitLab Ultimate. Rate limit defaults for Groups API (200/min for list, 400/min for detail) and members endpoints (200/min shared) confirmed from GitLab admin settings docs. Epics and Epic Issues APIs confirmed as Ultimate-tier only.
• Inferred: That action: IGNORE on the HttpResponseFilter causes the connector to skip the partition/slice without surfacing an error to the user. The CDK's exact behavior for IGNORE (whether it logs a warning or is truly silent) was not verified from CDK source code.

Areas of Concern

• The "Inaccessible resources" section states the connector "silently skips" 403 responses. A reviewer familiar with the CDK should confirm whether action: IGNORE produces any log output or is truly silent.
• The replacement rate limit links point to GitLab's admin settings documentation pages rather than a user-facing GitLab.com limits page. These show the correct default values but are primarily aimed at self-hosted administrators.

---

What

Improves the source-gitlab documentation following review of commit 49d3750 (concurrency default increase to 10, version 4.4.23-rc.3). Fixes outdated terminology, updates broken rate limit links, and documents previously undocumented connector behavior.

How

• Fix outdated tier name: Replaced "GitLab Ultimate and GitLab.com Gold only" with "GitLab Ultimate only" for Epics and Epic Issues streams. GitLab.com Gold was renamed to GitLab Ultimate several years ago.
• Update rate limits links: The previous link (/ee/user/gitlab_com/#gitlabcom-specific-rate-limits) pointed to an outdated anchor. Replaced with direct links to the Groups API and Projects API rate limit documentation pages where the specific per-endpoint limits are defined.
• Document automatic 429 retry: Added note that the connector automatically retries rate-limited requests (standard CDK behavior).
• Remove opinionated default claim: Removed "The default value of 8 is suitable for most GitLab.com users" since the effective default is being actively tuned during a progressive rollout (spec says 8, but concurrency_level fallback is now 10).
• New "Inaccessible resources" section: Documents that the connector silently skips HTTP 403 responses. This is substantiated by action: IGNORE for 403 in the manifest's error handler, and is important for users debugging missing data.

Review Guide

1. docs/integrations/sources/gitlab.md — Single file changed. Key areas:
   • Lines 83-84: "GitLab Ultimate only" — verify this is the correct current tier name for Epics/Epic Issues API access.
   • Line 112: Updated rate limit links — confirm the admin settings pages are appropriate references for end-user documentation.
   • Lines 127-129: New "Inaccessible resources" section — verify that action: IGNORE on 403 in the CDK accurately means the connector skips the resource without error.
   • Line 123: Updated retry language — confirm the CDK automatically retries 429 responses.

---

Note: I am an AI assistant (Devin) and have proposed these documentation updates based on a review of the connector source code and third-party API documentation. Reviewers may merge, modify, or close this PR as they see fit.

Link to Devin session: https://app.devin.ai/sessions/9e3d0dcb89054fbf84156fcb69e67016
Requested by: sophiecuiy

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment and CI monitoring

[github-actions]

👋 Greetings, Airbyte Team Member!

Here are some helpful tips and reminders for your convenience.

💡 Show Tips and Tricks

PR Slash Commands

Airbyte Maintainers (that's you!) can execute the following slash commands on your PR:

• 🛠️ Quick Fixes
  • /format-fix - Fixes most formatting issues.
  • /bump-version - Bumps connector versions, scraping changelog description from the PR title.
• ❇️ AI Testing and Review (internal link: AI-SDLC Docs):
  • /ai-prove-fix - Runs prerelease readiness checks, including testing against customer connections.
  • /ai-canary-prerelease - Rolls out prerelease to 5-10 connections for canary testing.
  • /ai-review - AI-powered PR review for connector safety and quality gates.
• 🚀 Connector Releases:
  • /publish-connectors-prerelease - Publishes pre-release connector builds (tagged as {version}-preview.{git-sha}) for all modified connectors in the PR.
  • /bump-progressive-rollout-version - Bumps connector version with an RC suffix (2.16.10-rc.1) for progressive rollouts (enableProgressiveRollout: true).
    • Example: /bump-progressive-rollout-version changelog="Add new feature for progressive rollout"
• ☕️ JVM connectors:
  • /update-connector-cdk-version connector=<CONNECTOR_NAME> - Updates the specified connector to the latest CDK version.
    Example: /update-connector-cdk-version connector=destination-bigquery
• 🐍 Python connectors:
  • /poe connector source-example lock - Run the Poe lock task on the source-example connector, committing the results back to the branch.
  • /poe source example lock - Alias for /poe connector source-example lock.
  • /poe source example use-cdk-branch my/branch - Pin the source-example CDK reference to the branch name specified.
  • /poe source example use-cdk-latest - Update the source-example CDK dependency to the latest available version.
• ⚙️ Admin commands:
  • /force-merge reason="<REASON>" - Force merges the PR using admin privileges, bypassing CI checks. Requires a reason.
    Example: /force-merge reason="CI is flaky, tests pass locally"

📚 Show Repo Guidance

Helpful Resources

• Breaking Changes Guide - Breaking changes, migration guides, and upgrade deadlines
• Developing Connectors Locally
• Managing Connector Secrets
• On-Demand Regression Tests
• #connector-ci-issues
• #connector-publish-updates
• #connector-build-statuses

📝 Edit this welcome message.

[github-actions]

Deploy preview for airbyte-docs ready!

✅ Preview
https://airbyte-docs-cwcr95slj-airbyte-growth.vercel.app

Built with commit 229339d.
This pull request is being automatically deployed with vercel-action