[SCUSKU]

Tried a public repo but it asked for a personal access token? No thanks. Otherwise great idea, but why should I give a personal access token for something that's publicly available, it really does not inspire confidence.

[pmig]

Thanks scusku, the personal access token does not have any additional permission, we just need to avoid getting rate limited.

[Sleaker]

Sharing a GitHub API token to bypass rate limiting is explicitly in violation of section H of the terms on GitHub usage.

https://docs.github.com/en/site-policy/github-terms/github-t...

[pmig]

Most applications are designed in that way, think about ossf scorecard, star-history.com etc..

[kissgyorgy]

Why don't use your own personal access token?

[pmig]

We did, bur ran into the API limits as oder/scorecard alone is quite expensive on GitHub request

[rglover]

Implement an OAuth flow with Github and then you can avoid that entirely.

[pmig]

Gods point, will work on that!

[dylan604]

never pay for something yourself when you can have someone else pay for it. it's a useful concept that can be used in many many cases. the 1%ers love this concept