GitHub Toolkit leverages the GitHub REST API to fetch user and repository data. This document explains how the integration works and the best practices used.
- API Version: 2022-11-28
- Authentication: Personal Access Token
- Rate Limits: 60 requests/hour (unauthenticated), 5,000 requests/hour (authenticated)
- Docs: GitHub REST API Documentation
-
Go to GitHub Settings → Developer settings → Personal access tokens → Tokens (classic)
-
Click "Generate new token (classic)"
-
Configure token settings:
- Token name: GitHub Toolkit (or your preference)
- Expiration: Choose an appropriate expiration period
- Scopes: Select the following:
public_repo- Access to public repositoriesuser- Access to user profile information
-
Copy the generated token
-
Add to
.envfile:GITHUB_TOKEN=your_token_here
- Never commit tokens to version control
- Use
.envfiles for local development - Use environment variables in production
- Rotate tokens periodically for security
- Revoke old tokens when no longer needed
All requests include proper GitHub API headers:
{
"Accept": "application/vnd.github+json",
"X-GitHub-Api-Version": "2022-11-28",
"Authorization": "Bearer {token}",
"User-Agent": "GitHub-Toolkit"
}These headers ensure compatibility with the latest GitHub API features and proper authentication.
GET /users/{username}
Returns: Basic user profile information
- username
- name
- bio
- avatar_url
- location
- company
- blog
- twitter_username
- followers
- following
- public_repos
- created_at
GET /users/{username}/repos?per_page=100&sort=updated
Returns: List of user repositories with:
- name
- description
- html_url
- language
- stargazers_count (stars)
- forks_count (forks)
- updated_at
- size
GET /search/repositories?q=user:{username}
Alternative endpoint for repository search and analysis
{
"login": "octocat",
"id": 1,
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"followers": 20,
"public_repos": 2,
...
}Common error responses and handling:
| Status | Error | Meaning |
|---|---|---|
| 404 | Not Found | User or repository doesn't exist |
| 403 | Forbidden | Rate limit exceeded or insufficient permissions |
| 401 | Unauthorized | Invalid or expired token |
| 422 | Unprocessable Entity | Invalid parameters |
| 500 | Server Error | GitHub API server error |
{
"message": "API rate limit exceeded",
"documentation_url": "https://docs.github.com/rest/overview/resources-in-the-rest-api#rate-limiting"
}- Authenticated Requests: 5,000 per hour
- Unauthenticated Requests: 60 per hour
- Reset Time: Hourly (check
X-RateLimit-Resetheader)
All responses include rate limit information:
X-RateLimit-Limit: 5000
X-RateLimit-Remaining: 4999
X-RateLimit-Reset: 1234567890
- Use Authentication: Always provide a GitHub token
- Cache Results: Store results to avoid repeated API calls
- Monitor Usage: Track API calls to prevent hitting limits
- Batch Requests: Group related requests efficiently
- Handle 403 Response: Implement exponential backoff for retry logic
User Input (GitHub username)
↓
GET /users/{username}
↓
GET /users/{username}/repos?per_page=100
↓
Calculate Metrics
├── Total Stars (sum of stargazers_count)
├── Total Forks (sum of forks_count)
├── Language Distribution (aggregate languages)
├── Average Stars per Repo
└── Average Forks per Repo
↓
Format Response
↓
Frontend Displays Results
User Input (Two GitHub usernames)
↓
GET /users/{username1} + Repos
GET /users/{username2} + Repos
↓
Calculate Metrics for Both Users
├── Followers comparison
├── Following comparison
├── Public repos comparison
├── Stars comparison
├── Forks comparison
└── Determine winners
↓
Format Comparison Response
↓
Frontend Displays Side-by-Side Comparison
- Browser Cache: Automatic caching of API responses
- Session Storage: Cache results during user session
- Prevents Duplicate: Avoid duplicate API calls for same user
- In-Memory Cache: Store recent profile queries
- TTL: Cache invalidates after 1 hour
- Cache Invalidation: Manual cache clear on demand
import requests
headers = {
"Accept": "application/vnd.github+json",
"X-GitHub-Api-Version": "2022-11-28",
"Authorization": f"Bearer {token}",
"User-Agent": "GitHub-Toolkit"
}
response = requests.get(
f"https://api.github.com/users/{username}",
headers=headers
)
if response.status_code == 200:
user_data = response.json()
else:
# Handle error
print(f"Error: {response.status_code}")repos_response = requests.get(
f"https://api.github.com/users/{username}/repos",
params={"per_page": 100, "sort": "updated"},
headers=headers
)
repositories = repos_response.json()- Error: 403 Forbidden with "API rate limit exceeded"
- Solution: Wait until rate limit reset time or add GitHub token
- Error: 404 Not Found
- Solution: Verify GitHub username exists and is spelled correctly
- Error: 401 Unauthorized
- Solution: Check token is valid and not expired, regenerate if needed
- Error: Request timeout after 30 seconds
- Solution: Check network connection, GitHub may be experiencing issues
- Error: Missing fields in response
- Solution: Verify user repository visibility settings, some repos may be private