"403 Client Error: rate limit exceeded" when check for updates

[proninyaroslav]

I'm using the latest version of the app (v2.3.5) and it seems there are problems with getting the firmware archive (check for updates) from GitHub:

2937       INFO nitrokey.nk3.updates Firmware version before update: v1.8.1
2939      DEBUG urllib3.connectionpool Starting new HTTPS connection (1): api.github.com:443
4253      DEBUG urllib3.connectionpool https://api.github.com:443 "GET /repos/Nitrokey/nitrokey-3-firmware/releases/latest HTTP/11" 403 279
4253       INFO nitrokeyapp.device_data Nitrokey 3 failed to update - ('Failed to find latest firmware release', HTTPError('403 Client Error: rate limit exceeded for url: https://api.github.com/repos/Nitrokey/nitrokey-3-firmware/releases/latest'))
4285       INFO nitrokeyapp.gui nk3 connected: [<nitrokeyapp.device_data.DeviceData object at 0x7f6e7811a000>]
8189       INFO     otpapp Sending CCIDInstruction.Select (data: 12 bytes)
8249       INFO     otpapp Received [9000] (data: 14 bytes)
8249       INFO     otpapp TLV-decoding of data successful
8265       INFO     otpapp Sending Instruction.List (data: 6 bytes)
8681       INFO     otpapp Received [9000] (data: 0 bytes)
11010     DEBUG urllib3.connectionpool Starting new HTTPS connection (1): api.github.com:443
12266     DEBUG urllib3.connectionpool https://api.github.com:443 "GET /repos/Nitrokey/nitrokey-app2/releases/latest HTTP/11" 403 279

[daringer]

github started to rate limit requests from not logged in users - guess this is what you hit there - think we have to rethink this functionality and/or use something different than github for such requests ... for now this very mechanism is likely a "won't fix" - maybe linking the release page is the easiest workaround here - we'll target the next release for such a fix

[robin-nitrokey]

A potential workaround would be to cache the latest known release and then use conditional requests to check for new releases.