From c97f35afed0fc2a64b4e74b395928419ddd3456f Mon Sep 17 00:00:00 2001
From: Dennis Doomen <dennis.doomen@avivasolutions.nl>
Date: Thu, 11 Jun 2026 15:00:02 +0200
Subject: [PATCH 1/2] Log GitHub API 403 rate-limit errors as Warning instead
 of Debug

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 Src/PackageGuard.Core/GitHubRepositoryRiskEnricher.cs | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/Src/PackageGuard.Core/GitHubRepositoryRiskEnricher.cs b/Src/PackageGuard.Core/GitHubRepositoryRiskEnricher.cs
index 20a8fe6..5e69d0b 100644
--- a/Src/PackageGuard.Core/GitHubRepositoryRiskEnricher.cs
+++ b/Src/PackageGuard.Core/GitHubRepositoryRiskEnricher.cs
@@ -269,6 +269,11 @@ await Task.WhenAll(releaseDataTask, readmeTask, issueDataTask, contributorDataTa
                 LastReleaseAt = releaseData.LastReleaseAt
             };
         }
+        catch (HttpRequestException ex) when (ex.StatusCode == System.Net.HttpStatusCode.Forbidden)
+        {
+            logger.LogWarning(ex, "Failed to fetch GitHub repository risk metadata from {RepositoryApiRoot}", repositoryApiRoot);
+            return null;
+        }
         catch (Exception ex)
         {
             logger.LogDebug(ex, "Failed to fetch GitHub repository risk metadata from {RepositoryApiRoot}", repositoryApiRoot);

From 08dc4d86f2a16797b57ab9ffd7abcbd26a9385eb Mon Sep 17 00:00:00 2001
From: Dennis Doomen <dennis.doomen@avivasolutions.nl>
Date: Thu, 11 Jun 2026 18:30:12 +0200
Subject: [PATCH 2/2] Promote network error logging to Warning for
 LicenseUrlRiskEnricher and NpmRegistryMetadataFetcher

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 Src/PackageGuard.Core/LicenseUrlRiskEnricher.cs         | 2 +-
 Src/PackageGuard.Core/Npm/NpmRegistryMetadataFetcher.cs | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Src/PackageGuard.Core/LicenseUrlRiskEnricher.cs b/Src/PackageGuard.Core/LicenseUrlRiskEnricher.cs
index 403faa9..0f0addc 100644
--- a/Src/PackageGuard.Core/LicenseUrlRiskEnricher.cs
+++ b/Src/PackageGuard.Core/LicenseUrlRiskEnricher.cs
@@ -40,7 +40,7 @@ public async Task EnrichAsync(PackageInfo package)
         }
         catch (Exception ex)
         {
-            logger.LogDebug(ex, "Failed to validate license URL {LicenseUrl} for {Name} {Version}", package.LicenseUrl, package.Name, package.Version);
+            logger.LogWarning(ex, "Failed to validate license URL {LicenseUrl} for {Name} {Version}", package.LicenseUrl, package.Name, package.Version);
             package.HasValidLicenseUrl = false;
             package.HasValidatedLicenseUrl = true;
         }
diff --git a/Src/PackageGuard.Core/Npm/NpmRegistryMetadataFetcher.cs b/Src/PackageGuard.Core/Npm/NpmRegistryMetadataFetcher.cs
index 845296f..a8449d1 100644
--- a/Src/PackageGuard.Core/Npm/NpmRegistryMetadataFetcher.cs
+++ b/Src/PackageGuard.Core/Npm/NpmRegistryMetadataFetcher.cs
@@ -313,8 +313,8 @@ private async Task FetchDownloadCountAsync(PackageInfo package)
         }
         catch (Exception ex)
         {
-            logger.LogDebug("Failed to fetch download count for {Name} {Version}: {Error}",
-                package.Name, package.Version, ex.Message);
+            logger.LogWarning(ex, "Failed to fetch download count for {Name} {Version}",
+                package.Name, package.Version);
         }
     }