fix: Prevent GitHub GraphQL quota exhaustion in PR Insights endpoint#5374
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 45923aa642
Aamod-Dev left a comment
Thanks for the contribution. I went through the changes and the overall approach looks good.
Labels applied:
- level:critical: This PR implements rate-limiting to prevent endpoint abuse, which is explicitly defined as a critical-level architectural piece under the core infra rules.
- quality:clean: The rate limiter addition is neat and fits perfectly into the existing routing and tests.
- type:bug & type:security: Primary purpose is preventing quota exhaustion and DoS via rate limiting.
- mentor:Aamod007: Applied for tracking.
Everything looks correct. Thanks again for the contribution!
🎉 Congratulations @Krishnx21! Your PR has been successfully merged. 🚀 Thank you for contributing to CommitPulse. Your work helps us build a better tool for the community.
Keep building! 💻✨
Related Issue
Closes #5226
Description
This PR mitigates a denial-of-service vector in the /api/pr-insights endpoint where unauthenticated requests could repeatedly trigger expensive GitHub GraphQL pagination using the application's shared GitHub tokens.
Previously, the endpoint was not protected by the middleware rate limiter and could fetch up to 10 GraphQL pages per cache miss. Attackers could rotate valid GitHub usernames to bypass cache hits and continuously consume the shared GitHub GraphQL quota.
Changes Made
- Included /api/pr-insights in middleware protection.
- Introduced a dedicated rate-limit bucket for PR Insights requests.
- Prevents unauthenticated clients from generating excessive upstream API traffic.
- Added a strict server-side maximum page limit.
- Prevented unbounded pagination loops.
- Ensures request cost remains predictable.
- Monitors GraphQL query cost during pagination.
- Stops fetching additional pages when the configured threshold is reached.
- Returns available data instead of exhausting shared API quota.
- Added safeguards against excessive cache-miss amplification.
- Reduced risk of shared-token starvation affecting legitimate users.
Security Impact
Before:
- Unauthenticated users could trigger multiple GraphQL requests per call.
- Shared GitHub GraphQL quota could be exhausted.
- PR Insights and dashboard functionality could become unavailable.
After:
- Requests are rate limited.
- Pagination is strictly bounded.
- Upstream GitHub API consumption is controlled.
- Shared quota exhaustion risk is significantly reduced.
Testing
- Verified normal PR Insights functionality.
- Verified pagination stops at configured limits.
- Verified rate limiting is applied to /api/pr-insights.
- Verified repeated unauthenticated requests receive rate-limit responses.
- Verified partial results are returned when pagination budget is reached.
Type of Change
- Bug fix
- Security fix
- New feature
- Breaking change
Screenshots
N/A
GSSoC 2026
Contributor: @Krishnx21
Program: GirlScript Summer of Code 2026
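The two controls described under "Changes Made" (a dedicated rate-limit bucket in front of the endpoint, and pagination bounded by both a page cap and a GraphQL cost budget that returns partial results when exhausted) are easy to get subtly wrong, so here is an added worked example. This is illustrative code written for this page, not CommitPulse's own implementation: the fetcher, the budget numbers, the `TokenBucket`, `fetchBounded`, `fakeGitHub` and `prInsightsHandler` names are all assumptions. The stand-in for GitHub mirrors the shape of a real GraphQL response (`pageInfo.hasNextPage`/`endCursor` and the `rateLimit { cost remaining }` field GitHub returns when you ask for it) but is constructed inline so the example runs offline; the real call would be `await`ed, which does not change the loop's logic.

```typescript
// Added example, not project code. Bounded GitHub GraphQL pagination plus a
// per-client token bucket, as a model of the fix described in the PR.

interface PrNode { number: number; title: string }
interface PrPage {
  nodes: PrNode[];
  pageInfo: { hasNextPage: boolean; endCursor: string | null };
  rateLimit: { cost: number; remaining: number }; // GitHub's rateLimit field
}
// One GraphQL round trip; synchronous here so the example runs stand-alone.
type FetchPage = (cursor: string | null) => PrPage;

interface Budget {
  maxPages: number;     // hard cap on round trips per cache miss
  maxCost: number;      // cumulative rateLimit.cost allowed per request
  minRemaining: number; // stop early if the shared token's quota gets this low
}
// Assumed numbers; the PR does not state its configured values.
export const BUDGET: Budget = { maxPages: 10, maxCost: 200, minRemaining: 500 };

export interface PaginationResult {
  items: PrNode[];
  pagesFetched: number;
  costSpent: number;
  truncated: boolean; // true when a budget, not the data, ended the loop
}

// Walk the cursor chain until the data runs out OR any budget is hit.
// The page cap is checked before each fetch so the cap is never exceeded;
// the cost and remaining checks run after a fetch, since that is when the
// server reports them, so the partial result is still returned.
export function fetchBounded(fetchPage: FetchPage, budget: Budget): PaginationResult {
  const items: PrNode[] = [];
  let cursor: string | null = null;
  let pagesFetched = 0;
  let costSpent = 0;
  let truncated = false;
  for (;;) {
    if (pagesFetched >= budget.maxPages) { truncated = true; break; }
    const page = fetchPage(cursor);
    pagesFetched += 1;
    costSpent += page.rateLimit.cost;
    items.push(...page.nodes);
    if (!page.pageInfo.hasNextPage) break; // natural end, not truncation
    if (costSpent >= budget.maxCost || page.rateLimit.remaining < budget.minRemaining) {
      truncated = true;
      break;
    }
    cursor = page.pageInfo.endCursor;
  }
  return { items, pagesFetched, costSpent, truncated };
}

// Per-client token bucket (keyed by e.g. client IP). `nowMs` is injected so
// behaviour is deterministic; production code would pass Date.now().
export class TokenBucket {
  private buckets = new Map<string, { tokens: number; last: number }>();
  constructor(private capacity: number, private refillPerSec: number) {}
  allow(key: string, nowMs: number): boolean {
    const b = this.buckets.get(key) ?? { tokens: this.capacity, last: nowMs };
    const elapsedSec = Math.max(0, nowMs - b.last) / 1000;
    b.tokens = Math.min(this.capacity, b.tokens + elapsedSec * this.refillPerSec);
    b.last = nowMs;
    const allowed = b.tokens >= 1;
    if (allowed) b.tokens -= 1;
    this.buckets.set(key, b);
    return allowed;
  }
}

// Constructed stand-in for GitHub: `totalPages` pages of two PRs each, every
// page costing `costPerPage` points, counting down from `remaining`.
export function fakeGitHub(totalPages: number, costPerPage: number, remaining: number): FetchPage {
  let left = remaining;
  return (cursor) => {
    const idx = cursor === null ? 0 : Number(cursor);
    left -= costPerPage;
    return {
      nodes: [
        { number: idx * 2 + 1, title: `PR ${idx * 2 + 1}` },
        { number: idx * 2 + 2, title: `PR ${idx * 2 + 2}` },
      ],
      pageInfo: { hasNextPage: idx + 1 < totalPages, endCursor: String(idx + 1) },
      rateLimit: { cost: costPerPage, remaining: left },
    };
  };
}

// The endpoint: rate limit first (cheap, before any upstream call), then the
// bounded fetch. Partial data is served with 200 and a `truncated` flag.
export function prInsightsHandler(
  clientKey: string, limiter: TokenBucket, fetchPage: FetchPage, nowMs: number,
): { status: number; body: PaginationResult | { error: string } } {
  if (!limiter.allow(clientKey, nowMs)) return { status: 429, body: { error: 'rate limited' } };
  return { status: 200, body: fetchBounded(fetchPage, BUDGET) };
}
```

Two design points worth noting. The rate limiter runs before the cache lookup as well as before the upstream call, because the attack in the PR rotates usernames precisely to force cache misses, so a limiter placed behind the cache would never see the pressure. And the cost budget is enforced on GitHub's reported `cost` rather than on a page count alone, since a single PR-insights page can cost many points depending on the nested connections requested, so a page cap by itself does not make request cost predictable.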