[oarsinsync]

I went to look at a repo on Github today. Clicked on the "xxx commits" link to see the commit history, and got told I've hit a secondary rate limit and need to wait.

I'm the only person on this network that would even look at Github, and my connection has a dedicated IP, no CGN.

[blinded]

The only real way to browse the site is to be logged in.

[NewJazz]

They will gradually authwall everything they can. Just look at linkedin.

[Asooka]

Wouldn't this break Go and other build systems (npm?) that pull packages from github by default? Not that I endorse the practise, but will Microsoft really kick out such a big class of users?

[blinded]

It does break it, from experience authorizing the pulls with a bot user fixes it.

In the case were the build happens from a github action there are standard builtin credential (workflow permissions).

https://docs.github.com/en/rest/using-the-rest-api/rate-limi...

[chrisandchris]

Can't count the times a "nuget restore" in our CI fails with 401, just to succeed on a 2nd attempt a few seconds later. Seems like the IP range is somehow flagged, so there's definetly a downside to it.

[negura]

sadly even that isn't an option for me. i spent half an hour yesterday trying to create a github account. i couldn't. my @proton.me got rejected. captchas take several painful minutes to complete. and even when I did manage to create an account (at least the page displayed a success mesage), it got disabled the instant I logged in for "TOS violation". i wish i was joking, but i literally cannot create a github account. a few years ago this would have seemed crazy. but here we are.

i'm stuck having to use google (another pain in the ass) for discovering codebases that contain specific snippets. but some repo contents (such as wikis) are not exposed at all to search engines

[classified]

Take that as a hint. Make an account somewhere else. The article lists several alternatives.

[negura]

having an account elsewhere won't help with the use case i mentioned

[blinded]

Could you make a throw away gmail or something?

[negura]

currently gmail requires that you send (yes, send) a text to them with a code in order to sign up

https://discuss.privacyguides.net/t/google-account-registrat...

[blinded]

wild, I had no idea.

[graemep]

Exactly the same here. I get that regularly.

[MYEUHD]

If you're on the desktop, refresh the page cache by using Ctrl + Shift + R

The page will load correctly

[e40]

I regularly get 404s on legit links in slack that work for other people.

[noprocrasted]

Yeah this is just typical techbro gaslighting. There is no rate-limit and hasn't been for years (it's just default deny), but they refuse to change the wording to reflect.

[dcrazy]

Would you care to cite your source that GitHub does not apply rate limits to unauthenticated requests?

[noprocrasted]

The parent's experience which mirrors my own - on a clean residential IP that hasn't sent any traffic I hit that "rate-limit" on my first request to the commits list view.

So there is no rate-limit, it's a default deny for unauthenticated requests... which could be fine but at least update the error message to reflect that.

[tempaccount420]

It's a rate limit of 0 RPS to that endpoint