Rate limiting when hitting the github API

[nicolas-grekas]

Today, I've given a Symfony UX workshop, it went well, thanks for all the 🐟 :)

One issue still: running the tailwind::build command, we saw "Cannot determine latest Tailwind CLI binary version. Please specify a version in the configuration." errors.

The reason is of course that everybody was using the same IP address and it got rate-limited.
The solution to that is attaching a github token to the call that's done to https://api.github.com/repos/tailwindlabs/tailwindcss/releases/latest in src/TailwindBinary.php.

While the workshop situation made this issue obvious, I think it might be nice to make this less fragile.

I'm opening this issue to figure out the best way to do this.

Ideas:

• sniff the github token from ~/.composer/auth.json
• get and commit the version number on composer install so that the request is not needed anymore when deploying?
• others?

[bocharsky-bw]

Hey Nicolas,

Thank you for reporting it! This sounds like an edge case considering the IP problem, but it's definitely not something you want to face during the workshop :/

We had a similar issue before, see #43, and we decided to cache the latest version check, but it seems that solution does not solve the same IP problem you got.

get and commit the version number on composer install so that the request is not needed anymore when deploying?

As I understand this will not solve the same IP problem you had because we will still need to execute that ...releases/latest request to figure out the version.

Not sure about best practice sniffing that ~/.composer/auth.json... is it too hackey? Probably sounds like a simple and valid option, though I suppose it may have some problems with different OS because the path may be diffrent. Or maybe just allow devs to set up a specific env var, e.g. GITHUB_TOKEN and if set - add that to the request?

I think authenticated requests should be a good solution in this case.

[langziyang]

so, how to fix it