deps: update eslint job failed

[nodejs-github-bot]

This is an automatically generated issue by the GitHub Action.
The update workflow has failed for .
@nodejs/security-wg @nodejs/actions

[marco-ippolito]

A lot of dependencies update failure happened, I've closed most of the issue automatically opened. I think the main cause is github api rate limit. There is a PR open to solve this issue
#48200

[fasenderos]

The error message of one of the failed job is

data: {
      message: 'You have exceeded a secondary rate limit and have been temporarily blocked from content creation. Please retry your request again later.',
      documentation_url: 'https://docs.github.com/rest/overview/resources-in-the-rest-api#secondary-rate-limits'
}

As per the doc, even authenticated request can hit a secondary rate limits. To avoid these limits, requests for a single user (e.g. GITHUB_TOKEN) must be done serially, not concurrently and - for large (??) number of call - wait one second between each request.

1. Make requests for a single user or client ID serially. Do not make requests for a single user or client ID concurrently.

2. If you're making a large number of POST, PATCH, PUT, or DELETE requests for a single user or client ID, wait at least one second between each request.

By default jobs run in parallel and we can try to run the jobs sequentially, but we have also to consider that all the other jobs count in these limits, not only the one that update the dependencies, so it is very likely reaching these limits. It might be useful have a last resort job that act as a DLQ of failed jobs to be runned again

[aduh95]

we have also to consider that all the other jobs count in these limits

We have to consider all the other jobs that do API calls with the bot token, and I think that's only the CQ and the Auto-start-ci workflows (and only if there are PRs on the queue). (At least there are only those on this repo, I don't know if we use nodejs-github-bot elsewhere, I assume no). Making the deps_updater workflow run sequentially should be enough I think.

[targos]

I'm not sure this is related to a rate limit.

I see nothing that indicates it in the logs of https://github.com/nodejs/node/actions/runs/5101478266/jobs/9170360142

[targos]

It's also not clear to me why it opened an issue at all. It's supposed to only happen on failure and the eslint job didn't fail.

[marco-ippolito]

the errors are all different, there is api rate limit, missing template(? weird) etc... https://github.com/nodejs/node/actions/runs/5101478266

[targos]

That doesn't explain why it opened issues for jobs that finished without errors like the eslint one.

[marco-ippolito]

there were some issue with the github action which have been reverted: #48312