Using OAuth return less results

So I’ve checked that when I do a query anonymized I get more results than when I do the same query using a token (with an intermediary program not directly with curl, see this issue).

Is there any way to know if a query is completed and how many results should I get?

Hey @llrs how are you going? Thanks for bringing this up!

Reading through the issue you’ve posted, it sounds like the concern is with the PAT being used and it’s applied scope.

I may just need to run through with gh myself, but is this type of discrepancy possible to reproduce without gh? If so, could you provide an example curl that I could try with and without authentication?

I got in touch with one of your colleague via Support. However this is the curl call that reported less results for me (but not your colleague):

curl -v \
  -H "Accept: application/vnd.github.v3+json" \            
-u llrs:MyToken -X GET "https://api.github.com/repos/Bioconductor/Contributions/issues/6/events?per_page=100"

This call returns 33 events on my browser (without authentication) but only 15 when I use the above call. Also tried it on a docker image and had the same result.

Hey @llrs thanks so much for letting me know! I was able to find the support ticket and it looks like we’re still trying to sort out the relation to only some (and not all) missing events from a blocked bot user.

Strange!

Will followup here with anything relevant to the community-at-large.

So we’ve opened an internal issue on this and have received initial review from our dev team. The scope of the problem is still a bit of an unknown and there’s no way I can provide any kind of time to resolution in this public space.

What I would say to you @llrs or to anyone else who may notice this, is to post to this topic with your experience so we can tag it and track it along with other users seeing similar returns from the API.

There is some nuance here and I would encourage folks other than the OP to consider if you have blocked any users (especially bots) on the authenticated account being used to query the API.

Thanks for letting me know @nethgato.

For anyone else reading this. The issue is that I had blocked a user a bot, and the API filters events from blocked users but didn’t do it correctly as I could see some events from the user I had blocked. So if you have blocked someone and you are querying the API where this users are involved check your results.

1 Like