flex icon indicating copy to clipboard operation
flex copied to clipboard
verified publisher icon symfony

The "https://raw.githubusercontent.com/symfony/recipes/flex/main/index.json" file could not be downloaded (HTTP/2 404 )

Open fluffycondor opened this issue 3 years ago • 5 comments

It's basically the same as #891, but that one was closed by its author because he was unbanned by Github rate-limiting algorithm.

In CurlDownloader.php line 645:                                                                                                                      
  The "https://raw.githubusercontent.com/symfony/recipes/flex/main/index.json" file could not be downloaded (HTTP/2 404 )

The reason for this is Github have really a non-transparent rate-liming. (And also it masks an unfulfilled request by 404 code, which is quite misleading.) Looks like the migration from a Symfony server to Github wasn't actually "free" :( I often encounter this error in co-workings and large office spaces where all people obviously use one IP address to connect Github. It would be nice to have a fallback the same as Composer have. If someone hit a rate-limit while updating a package, Composer suggest you enter a Github token or skip it and it will download the package from another place, which a little bit slower, but still works. But the way Symfony Flex it does (just throwing an exception), it ruins my workflow almost everyday, and I have to use proxies/VPN/etc. just to make my Composer work. Maybe it would be nice to save this file in cache and retrieve it if there's 404 from Github. Or maybe just skip this step completely if there's a 404, because looks like it retrieves this json every time I use Composer to install/update something, I guess if this file was downloaded within last 24 hours, it would be sufficient. Maybe Github is upset that it have quite big request's number for this particular file.

fluffycondor avatar Aug 08 '22 13:08 fluffycondor

Does Flex support setting (and using) an Github API token? Because then the rate limit is 5000 req/hr, which is probably enough?

apfelbox avatar Aug 08 '22 14:08 apfelbox

the rate limit is 5000 req/hr

I wish it would be. Maybe this rate limit is applied only when I use a non-outdated token? It's quite fun I'll never see a Composer dialogue to enter a new token because Flex tries to download files earlier.

fluffycondor avatar Aug 08 '22 14:08 fluffycondor

Also all these flex urls are always opened perfectly by a browser. So providing these files manually also would be a nice option.

fluffycondor avatar Aug 08 '22 14:08 fluffycondor

I wish it would be. Maybe this rate limit is applied only when I use a non-outdated token?

It is: CleanShot 2022-08-08 at 18 26 46@2x

Composer is using the token if set, but I am not sure about Flex. So this should be verified (hence the question).

apfelbox avatar Aug 08 '22 16:08 apfelbox

Deleting /home/user/.config/composer/auth.json solved the problem, looks like Github aggressively prohibits downloading with outdated tokens?.. But it allows to do that if one don't specify a token at all. Kinda weird I'd say. And one can't enter a new token via Composer dialogue because Flex crashes Composer before that :) Looks like the plugin should call Github::authorizeOAuthInteractively() in case of 404 like Composer does.

fluffycondor avatar Aug 09 '22 14:08 fluffycondor