Skip to content

ForbiddenError during search pagination is a misleading error caused by secondary rate limit #779

Description

@QingShan-unitx

Describe the bug

When SEARCH_QUERY matches more than 200 results (requiring more than 2 pages), the action fails with this misleading error:

You do not have permission to view a repository from: 'owner/repo '; Check your API Token.
This happens even when the token has correct permissions. The first 200+ results are printed successfully before the failure, which proves it's not a real permission issue.

The root cause is that GitHub's secondary rate limit returns HTTP 403 (not 429), and search.py catches all ForbiddenError exceptions as permission errors without checking whether it's actually a rate limit response:

except github3.exceptions.ForbiddenError as e:
    print(f"You do not have permission to view a repository from: '{repos_and_owners_string}'; Check your API Token.")
    sys.exit(1)

The existing wait_for_api_refresh() only handles the primary search rate limit (ratelimit_remaining < 5). Secondary rate limits from rapid successive page requests are not handled.

To Reproduce

  1. Use a private repository where the search query matches more than 200 PRs/issues in a given period
  2. Run the action with GITHUB_TOKEN (with contents: read and issues: write and pull-requests: read)
  3. Observe: the first two pages of results (200 items) are printed successfully, then the error appears when requesting the third page

Expected behavior

  • When a secondary rate limit 403 is received, the action should read the Retry-After response header and retry after waiting, instead of exiting immediately
  • The error message should distinguish between a real permissions error and a secondary rate limit

Screenshots

Image Image

Additional context

Metadata

Metadata

Assignees

No one assigned

    Labels

    StalebugSomething isn't working

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions