Skip to content

Investigation: GitHub API rate limiting already implemented#166

Draft
Copilot wants to merge 1 commit intomainfrom
copilot/add-github-api-token-support
Draft

Investigation: GitHub API rate limiting already implemented#166
Copilot wants to merge 1 commit intomainfrom
copilot/add-github-api-token-support

Conversation

Copy link
Contributor

Copilot AI commented Feb 19, 2026
edited
Loading

Issue claims fetch-releases.js makes unauthenticated GitHub API calls without rate limiting. Investigation reveals the claim is incorrect.

Findings

fetch-releases.js makes zero API calls

  • Uses only local git log and git show commands
  • Parses git history to generate data/updates.json and RSS feed
  • No HTTP libraries imported or invoked

update-repos.ts already has comprehensive protection

  • Token authentication via GITHUB_TOKEN environment variable
  • 500ms delay between requests (more conservative than issue's suggested 200ms)
  • Handles 403 rate limit responses gracefully
// Existing implementation in update-repos.ts
if (process.env.GITHUB_TOKEN) {
    headers['Authorization'] = `token ${process.env.GITHUB_TOKEN}`;
}
await new Promise(resolve => setTimeout(resolve, 500));

Conclusion

No changes required. Issue based on incorrect file identification. The script making API calls already implements all suggested mitigations.

Original prompt

This section details on the original issue you should resolve

<issue_title>Bug/Reliability: GitHub API Rate Limiting</issue_title>
<issue_description>Issue :

The fetch-releases.js script iterates through all repositories in the CSV to find new job postings. For a large list, this will quickly trigger GitHub's secondary rate limits if an authenticated GH_TOKEN is not used or if requests aren't staggered.
Improvement: Add an optional token header to the fetch requests and implement a small delay (e.g., 200ms) between repository checks in the loop.

File Path : open-source-jobs/scripts/fetch-releases.js

Code Idea :

const headers = process.env.GH_TOKEN ? { Authorization: `token ${process.env.GH_TOKEN}` } : {};
// Inside the loop:
await new Promise(resolve => setTimeout(resolve, 200));
```</issue_description>

<agent_instructions>I think this should not be a problem, verify it</agent_instructions>

## Comments on the Issue (you are @copilot in this section)

<comments>
</comments>

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

@vercel
Copy link

vercel bot commented Feb 19, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
open-source-jobs Ready Ready Preview, Comment Feb 19, 2026 4:03am

Copilot AI changed the title [WIP] Add GitHub API token support and delay in fetch-releases script Investigation: GitHub API rate limiting already implemented Feb 19, 2026
Copilot AI requested a review from timqian February 19, 2026 04:06
@timqian timqian mentioned this pull request Feb 19, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@timqian timqian Awaiting requested review from timqian

Assignees

@timqian timqian

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Bug/Reliability: GitHub API Rate Limiting

2 participants

@timqian