Skip to content

docs(gh-cli): GITHUB_TOKEN per-repo rate limit + git-tree workaround#106

Merged
CybotTM merged 2 commits into
mainfrom
feat/retro-github-token-rate-limit
Jul 5, 2026
Merged

docs(gh-cli): GITHUB_TOKEN per-repo rate limit + git-tree workaround#106
CybotTM merged 2 commits into
mainfrom
feat/retro-github-token-rate-limit

Conversation

@CybotTM

@CybotTM CybotTM commented Jul 5, 2026

Copy link
Copy Markdown
Member

Summary

Document the GITHUB_TOKEN per-repository REST rate limit (1,000/hour) and the git-tree API workaround, in references/gh-cli-reference.md.

Came from

/retro sweep on 2026-07-05 of session 44c102fc (2026-07-04).
Finding: B16 (hard-won technique) — a nightly GitHub Pages deploy 403'd because a collector fired ~1,500 contents probes across ~100 repos, exhausting the installation token's per-repo cap. The build job passed while deploy failed, which misdirected debugging.

Change

New "Rate Limits — GITHUB_TOKEN in Actions" section covering:

  • the 1,000 req/hour per-repo installation-token cap (distinct from the 5,000/hr user limit and the GraphQL budget);
  • the misleading build-green / deploy-403 symptom;
  • the fix: one recursive git/trees?recursive=1 call per repo instead of N per-file contents probes (~1,500 → a few hundred calls);
  • the free rate_limit preflight.

Test plan

  • Skill Validation (markdown/link lint) passes
  • git/trees?recursive=1 example runs and lists blob paths as written

…workaround

The GITHUB_TOKEN in Actions is capped at 1,000 REST requests/hour per
repository. A workflow probing many paths across many repos exhausts it,
and the failure misleads: the build job passes while the deploy job 403s.

Add a "Rate Limits" section to gh-cli-reference.md covering the cap, the
build-green/deploy-403 symptom, and the fix — one recursive git-trees call
per repo instead of N per-file contents probes (drops a ~100-repo sweep from
~1,500 calls to a few hundred), plus the free rate_limit preflight.

Came from a /retro sweep of session 44c102fc (2026-07-04): a TYPO3 docs
dashboard's nightly Pages deploy 403'd on this exact limit.

Signed-off-by: Sebastian Mendel <github@sebastianmendel.de>
Copilot AI review requested due to automatic review settings July 5, 2026 20:33
@github-actions github-actions Bot added documentation Improvements or additions to documentation skill labels Jul 5, 2026
@github-actions

github-actions Bot commented Jul 5, 2026

Copy link
Copy Markdown
Contributor

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request adds a new section to the GitHub CLI reference documentation explaining GITHUB_TOKEN rate limits in GitHub Actions and providing optimized commands to fetch git trees recursively. The review feedback suggests improving the robustness of the provided jq commands by using optional chaining and default fallbacks to handle potentially null or missing JSON fields safely.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

Comment thread skills/github-project/references/gh-cli-reference.md Outdated
Comment thread skills/github-project/references/gh-cli-reference.md Outdated
Comment thread skills/github-project/references/gh-cli-reference.md Outdated

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds guidance to the GitHub CLI reference documentation to help workflows avoid exhausting the GITHUB_TOKEN REST API rate limit, including a recommended git/trees?recursive=1-based approach to reduce per-file contents probing.

Changes:

  • Documented the GITHUB_TOKEN REST rate limit behavior in Actions and a common “build green / deploy 403” symptom.
  • Added an example workflow pattern for enumerating repo files via the Git data “tree” API instead of per-file contents calls.
  • Documented a rate_limit preflight check before running large collectors.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread skills/github-project/references/gh-cli-reference.md Outdated
Comment thread skills/github-project/references/gh-cli-reference.md Outdated
Comment thread skills/github-project/references/gh-cli-reference.md Outdated
Review feedback on #106:
- Fix subject-verb agreement ("Actions injects").
- Clarify the 1,000/hr cap is charged to the token issued for the WORKFLOW's
  repository and shared across all its calls, including calls to other repos —
  not a separate per-target-repo budget (which is what "per repository" implied).
- Drop the commits lookup: git/trees resolves a ref directly, so the example is
  now genuinely one call per repo (verified against a live repo).
- Null-safe jq (.tree[]?, .resources.core? // empty).

Signed-off-by: Sebastian Mendel <github@sebastianmendel.de>
@sonarqubecloud

sonarqubecloud Bot commented Jul 5, 2026

Copy link
Copy Markdown

@CybotTM CybotTM merged commit 813967d into main Jul 5, 2026
18 checks passed
@CybotTM CybotTM deleted the feat/retro-github-token-rate-limit branch July 5, 2026 23:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

documentation Improvements or additions to documentation skill

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants