github-proxy: Use identical access token rate limit quota
Created by: tsenart
This commit deprecates the site config settings githubClientID
and
githubClientSecret
and removes the code that used them in github-proxy
.
They were originally meant to be used by sourcegraph.com to increase the
available rate limit quota against github.com. However, recent changes
to GitHub deprecate OAuth authentication as an app via client_id
and
client_secret
URL query parameters.
In search for a solution, I looked into whether it would make sense to convert this mechanism to the new GitHub App authentication, but stopped short of it because I verified that the existing available rate limit quota for the OAuth app is the same as for the personal access token we already authenticate requests with (i.e. 5000 request / hour).
$ curl -I 'https://api.github.com/user?client_id=$CLIENT_ID&client_secret=$CLIENT_SECRET&access_token=$ACCESS_TOKEN' |
grep 'X-RateLimit-Limit'
X-RateLimit-Limit: 5000
$ curl -I 'https://api.github.com/user?access_token=$ACCESS_TOKEN' |
grep 'X-RateLimit-Limit'
X-RateLimit-Limit: 5000
In light of this finding, I chose to instead remove the usage of these OAuth credentials altogether and rely only on the already present personal access token.
Fixes #8310 (closed)