You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Few months ago we went down the same attempt but rolled back as soon as we tested in CI, we are able to reach the limit (authenticated or not) very soon give the numebre of component an daily build we trigger.
Anyway, the current implementation ignore errors (no matter if conn error, 4xx / 5xx) and fallback to not filling the missing license.
In case of error this will lead to non-deterministic SBOM reports.
I would not make the generation non-deterministic, even more introducing a dependency on an external (rate limited) service.
The text was updated successfully, but these errors were encountered:
Hi @voltone
Not an issue, just a note about it.
The github API is rate limited (ref https://docs.github.com/en/rest/using-the-rest-api/rate-limits-for-the-rest-api?apiVersion=2022-11-28).
Few months ago we went down the same attempt but rolled back as soon as we tested in CI, we are able to reach the limit (authenticated or not) very soon give the numebre of component an daily build we trigger.
Anyway, the current implementation ignore errors (no matter if conn error, 4xx / 5xx) and fallback to not filling the missing license.
In case of error this will lead to non-deterministic SBOM reports.
I would not make the generation non-deterministic, even more introducing a dependency on an external (rate limited) service.
The text was updated successfully, but these errors were encountered: