this post was submitted on 14 May 2025
321 points (99.4% liked)

Programming

20182 readers
231 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities !webdev@programming.dev

founded 2 years ago
MODERATORS
snowe@programming.dev
Ategon@programming.dev
MaungaHikoi@lemmy.nz
321
GitHub is introducing rate limits for unauthenticated pulls, API calls, and web access (github.blog)
submitted 1 day ago* (last edited 1 day ago) by chaospatterns@lemmy.world to c/programming@programming.dev
137 comments fedilink hide all child comments
 

An update from GitHub: https://github.com/orgs/community/discussions/159123#discussioncomment-13148279

The rates are here: https://docs.github.com/en/rest/using-the-rest-api/rate-limits-for-the-rest-api?apiVersion=2022-11-28

  • 60 req/hour for unauthenticated users
  • 5000 req/hour for authenticated - personal
  • 15000 req/hour for authenticated - enterprise org
top 50 comments
sorted by: hot top controversial new old
[–] bitwolf@sh.itjust.works 6 points 7 hours ago* (last edited 7 hours ago)

Maybe charge OpenAI for scrapes instead of screwing over your actual customers.

[–] PurpleStephyr@lemmy.blahaj.zone 3 points 9 hours ago

RIP yocto builds

[–] NigelFrobisher@aussie.zone 4 points 11 hours ago

Probably because of AI agents. This is why we can’t have nice things.

[–] varnia@lemm.ee 9 points 16 hours ago (1 children)

Good thing I moved all my repos from git[lab|hub] to Codeberg recently.

[–] stinky@redlemmy.com 1 points 7 hours ago

did your project manager or client ask for you to move there?

[–] midori_matcha@lemmy.world 65 points 1 day ago

Github is owned by Microsoft, so don't worry, it's going to get worse

[–] Lv_InSaNe_vL@lemmy.world 36 points 1 day ago* (last edited 1 day ago) (3 children)

I honestly don't really see the problem here. This seems to mostly be targeting scrapers.

For unauthenticated users you are limited to public data only and 60 requests per hour, or 30k if you're using Git LFS. And for authenticated users it's 60k/hr.

What could you possibly be doing besides scraping that would hit those limits?

[–] MangoPenguin@lemmy.blahaj.zone 11 points 19 hours ago

60 requests per hour per IP could easily be hit from say, uBlock origin updating filter lists in a household with 5-10 devices.

[–] chaospatterns@lemmy.world 25 points 1 day ago* (last edited 1 day ago)

You might behind a shared IP with NAT or CG-NAT that shares that limit with others, or might be fetching files from raw.githubusercontent.com as part of an update system that doesn't have access to browser credentials, or Git cloning over https:// to avoid having to unlock your SSH key every time, or cloning a Git repo with submodules that separately issue requests. An hour is a long time. Imagine if you let uBlock Origin update filter lists, then you git clone something with a few modules, and so does your coworker and now you're blocked for an entire hour.

[–] Disregard3145@lemmy.world 6 points 1 day ago (1 children)

I hit those many times when signed out just scrolling through the code. The front end must be sending off tonnes of background requests

[–] Lv_InSaNe_vL@lemmy.world 6 points 1 day ago

This doesn't include any requests from the website itself

[–] DoucheBagMcSwag@lemmy.dbzer0.com 14 points 1 day ago

This going to fuck over obtanium?

[–] onlinepersona@programming.dev 42 points 1 day ago (1 children)

I see the "just create an account" and "just login" crowd have joined the discussion. Some people will defend a monopolist no matter what. If github introduced ID checks à la Google or required a Microsoft account to login, they'd just shrug and go "create a Microsoft account then, stop bitching". They don't realise they are being boiled and don't care. Consoomer behaviour.

Anti Commercial-AI license

[–] calcopiritus@lemmy.world 1 points 11 hours ago (1 children)

Or we just realize that GitHub without logging in is a service we are getting for free. And when there's something free, there's someone trying to exploit it. Using GitHub while logged in is also free and has none of these limits, while allowing them to much easier block exploiters.

[–] onlinepersona@programming.dev -1 points 11 hours ago (1 children)

I would like to remind you that you are arguing for a monopolist. I'd agree with you if it were for a startup or mid-sized company that had lots of competition and was providing a good product being abused by competitors or users. But Github has a quasi-monopoly, is owned by a monopolist that is part of the reason other websites are being bombarded by requests (aka, they are part of the problem), and you are sitting here arguing that more people should join the monopoly because of an issue they created.

Can you see the flaws in reasoning in your statements?

Anti Commercial-AI license

[–] calcopiritus@lemmy.world 2 points 9 hours ago (1 children)

No. I cannot find the flaws in my reasoning. Because you are not attacking my reasoning, you are saying that i am on the side of the bad people, and the bad people are bad, and you are opposed to the bad people, therefore you are right.

The world is more than black or white. GitHub rate-limiting non-logged-in users makes sense, and is the expected result in the age of web scrapping LLM training.

Yes, the parent company of GitHub also does web scrapped for the purpose of training LLMs. I don't see what that has to do with defending themselves from other scrappers.

[–] onlinepersona@programming.dev -1 points 9 hours ago* (last edited 9 hours ago) (1 children)

Company creates problem. Requires users to change because of created problem. You defend company creating problem.

That's the logical flaw.

If you see no flaws in defending a monopolist, well, you cannot be helped then.

Anti Commercial-AI license

[–] calcopiritus@lemmy.world 1 points 3 hours ago

I don't think Microsoft invented scrapping. Or LLM training.

Also, GitHub doesn't have an issue with Microsoft scraping its data. They can just directly access whatever data they want. And rate-limiting non logged in accounts won't affect Microsoft's LLM training at all.

I'm not defending a monopolist because of monopolist actions. First of all because GitHub doesn't have any kind of monopoly. There are plenty of git forges. And second of all. How does this make their position on the market stronger? If anything, it makes it weaker.

[–] traches@sh.itjust.works 140 points 1 day ago (3 children)

Probably getting hammered by ai scrapers

load more comments (2 replies)
[–] daniskarma@lemmy.dbzer0.com 17 points 1 day ago (19 children)

Open source repositories should rely on p2p. Torrenting repos is the way I think.

Not only for this. At any point m$ could take down your repo if they or their investors don't like it.

I wonder if it would already exist and if it could work with git?

[–] thenextguy@lemmy.world 13 points 1 day ago (2 children)

Git is p2p and distributed from day 1. Github is just a convenient website. If Microsoft takes down your repo, just upload to another system. Nothing but convenience will be lost.

[–] witten@lemmy.world 8 points 1 day ago (1 children)

Not entirely true. You lose tickets and PRs in that scenario.

[–] QuazarOmega@lemy.lol 4 points 1 day ago (1 children)

I've heard git-bug a few times for decentralised issue tracking, never tried it but the idea is interesting

[–] witten@lemmy.world 2 points 20 hours ago

Yeah, pretty neat!

[–] samc@feddit.uk 9 points 1 day ago (3 children)

The project's official repo should probably exist in a single location so that there is an authoritative version. At that point p2p is only necessary if traffic for the source code is getting too expensive for the project.

Personally I think the source hut model is closest to the ideal set up for OSS projects. Though I use Codeberg for my personal stuff because I'm cheap and lazy

load more comments (3 replies)
load more comments (16 replies)
[–] hackeryarn@lemmy.world 85 points 1 day ago (9 children)

If Microsoft knows how to do one thing well, it’s killing a successful product.

load more comments (9 replies)
[–] tal@lemmy.today 53 points 1 day ago (11 children)

60 req/hour for unauthenticated users

That's low enough that it may cause problems for a lot of infrastructure. Like, I'm pretty sure that the MELPA emacs package repository builds out of git, and a lot of that is on github.

load more comments (11 replies)
[–] sturlabragason@lemmy.world 39 points 1 day ago* (last edited 1 day ago) (13 children)

No no, no no no no, no no no no, no no there's no limit

https://forgejo.org/

[–] furikuri@programming.dev 2 points 20 hours ago

Amazon's AI crawler is making my git server unstable

End of the day someone still has to pay for those requests

load more comments (12 replies)
[–] brachiosaurus@mander.xyz 9 points 1 day ago (1 children)

I have a question: why do lemmy dev keep using microsoft github?

load more comments (1 replies)
load more comments
view more: next ›