Skip to content

REFERENCE.md

Latest commit

 

History

History
942 lines (582 loc) · 63 KB

REFERENCE.md

File metadata and controls

942 lines (582 loc) · 63 KB

GitHub CLI

Every gh command, plus a local store, cross-org rollups, and FTS no other GitHub tool ships.

github-pp-cli matches gh surface for surface and adds a sync engine + SQLite store so you can answer cross-repo questions in one query — recent, bottlenecks, flake-rank, release-diff, reviewer-load, velocity, who-broke-main — plus FTS that bypasses GitHub's 1000-result cap and a rate-limit-aware paginate that doesn't cliff-fail. Every command is agent-native by default: --json, --select, typed exit codes, --dry-run on every mutation.

Learn more at GitHub.

Install

Requires Go 1.26 or newer.

go install github.com/cpard/github-pp-cli/cmd/github-pp-cli@latest
go install github.com/cpard/github-pp-cli/cmd/github-pp-mcp@latest

The two binaries land in $GOBIN (typically ~/go/bin). Make sure that's on your PATH.

From source

git clone https://github.com/cpard/github-pp-cli.git
cd github-pp-cli
go build -o ./github-pp-cli ./cmd/github-pp-cli
go build -o ./github-pp-mcp ./cmd/github-pp-mcp

Register the MCP server with Claude Desktop

Add to ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or the equivalent on your platform:

{
  "mcpServers": {
    "github-pp": {
      "command": "/absolute/path/to/github-pp-mcp",
      "args": ["--transport", "stdio"]
    }
  }
}

Restart Claude Desktop. The 26 tools (including github_graphql, pr_ship_check, the 9 cross-repo aggregation tools, fts, and the github_search + github_execute Cloudflare-pattern pair) become available in your conversations.

Authentication

github-pp-cli reuses your gh auth token when present. If gh is signed in (run gh auth status to confirm), no setup is needed. Otherwise set GITHUB_TOKEN (fine-grained PAT recommended; classic PATs and GitHub App installation tokens also accepted). For sync-heavy use, GitHub App installation tokens raise the rate limit ceiling from 5000/hr to 15000/hr.

Quick Start

# Verify token + scopes + rate-limit budget
github-pp-cli auth status


# Build the local store; one watermarked walk per resource
github-pp-cli sync --org acme


# Friday triage: one query across every synced repo
github-pp-cli bottlenecks --org acme --json --select kind,repo,number,reason


# Cross-entity rollup since yesterday
github-pp-cli recent --since 24h --json


# FTS bypassing the 1000-result cap
github-pp-cli fts "flaky test" --type prs,issues --json --select repo,number,title

Unique Features

These capabilities aren't available in any other tool for this API.

Cross-org rollups

  • reviewer-load — See review load (given, received, pending) per teammate over a window — for 1:1 prep, perf cycles, and cross-squad rollups.

    Reach for this when you need to know who's overloaded with reviews — gh cannot answer this without N round trips, and the 1000-result search cap breaks it on big orgs.

    github-pp-cli reviewer-load --org acme --since 30d --json --select user,reviews_given,reviews_pending,median_ttr_hours

  • recent — One command, all repos: PRs merged, issues closed, releases cut, runs failed since a watermark.

    Reach for this for daily / weekly cross-repo standup rollups instead of opening N tabs of gh invocations.

    github-pp-cli recent --since 24h --org acme --json --select kind,repo,number,title,actor

  • velocity — Per-repo throughput: PRs/day merged, median PR lifetime, p50 time-to-first-review, median CI duration.

    Reach for this for engineering health checks and rollups instead of pasting gh pr list --json into a spreadsheet.

    github-pp-cli velocity --org acme --window 30d --json --select repo,merged_per_day,median_lifetime_h,p50_ttfr_h

Local store leverage

  • fts — Full-text search across every cached issue, PR, commit, and release across every synced repo — bypasses GitHub's 1000-result cap.

    Use this when GitHub's search would silently truncate at 1000 hits or when you need to grep comments + bodies + commit messages in one shot.

    github-pp-cli fts "flaky test" --type prs,issues --since 90d --json --select repo,number,title,updated_at

  • bottlenecks — Surfaces PRs open >N days awaiting review, PRs red >24h, issues without a triage label after 48h.

    Use this for Friday triage or sprint hygiene — one command instead of six tabs.

    github-pp-cli bottlenecks --org acme --review-stale 7d --check-stale 24h --json --select kind,repo,number,reason,age_hours

CI / release forensics

  • flake-rank — Per-job success rate over the last N runs of a workflow, ranked by flakiness with mean duration and last failure.

    Use this to triage 'is this job flaking for the team or just on my PR' — gh run list cannot rank.

    github-pp-cli flake-rank --workflow ci.yml --repo acme/web --since 50runs --json --select job,success_rate,mean_duration_s,last_failure

  • release-diff — Show PRs merged, issues closed, contributors, and files changed between two tags in one repo.

    Reach for this to draft release notes or audit what shipped between two tags without walking git log and pasting SHAs into gh pr view.

    github-pp-cli release-diff v2.14.0 v2.15.0 --repo acme/web --json --select prs,authors,files_changed

  • who-broke-main — For each red main-branch run, the merge commit, PR, author, and elapsed-red duration.

    Use this for incident retros and deploy postmortems instead of scrolling gh run list and clicking through.

    github-pp-cli who-broke-main acme/web --since 7d --json --select run_id,pr,author,started_at,red_duration_s

Agent-native plumbing

  • pr ship-check — One-shot rollup of required reviewers, branch-protection rules, all check runs, merge queue position, and conflicts. Typed exit (0=mergeable, 2=blocked, 3=conflicted).

    Agents reach for this to decide whether to merge; humans reach for it to debug 'why won't this PR merge'.

    github-pp-cli pr ship-check acme/web#1234 --json --select mergeable,blockers,required_reviewers,checks

Usage

Run github-pp-cli --help for the full command reference and flag list.

Commands

advisories

Manage advisories

  • github-pp-cli advisories security-get-global-advisory - Gets a global security advisory using its GitHub Security Advisory (GHSA) identifier.
  • github-pp-cli advisories security-list-global - Lists all global security advisories that match the specified parameters. If no other parameters are defined, the request will return only GitHub-reviewed advisories that are not malware.

By default, all responses will exclude advisories for malware, because malware are not standard vulnerabilities. To list advisories for malware, you must include the type parameter in your request, with the value malware. For more information about the different types of security advisories, see "About the GitHub Advisory database."

agents

Endpoints for Agents secrets and variables.

  • github-pp-cli agents tasks-create-task-in-repo - > [!NOTE]

This endpoint is in public preview and is subject to change.

Starts a new Copilot cloud agent task for a repository.

This endpoint is only available to users with a Copilot Business or Copilot Enterprise subscription.

Fine-grained access tokens for "Start a task"

This endpoint works with the following fine-grained token types:

The fine-grained token must have the following permission set:

  • "Agent tasks" repository permissions (read and write)

GitHub App installation access tokens are not supported for this endpoint.

  • github-pp-cli agents tasks-get-task-by-id - > [!NOTE]

This endpoint is in public preview and is subject to change.

Returns a task by ID with its associated sessions

Fine-grained access tokens for "Get a task by ID"

This endpoint works with the following fine-grained token types:

The fine-grained token must have the following permission set:

  • "Agent tasks" repository permissions (read)

GitHub App installation access tokens are not supported for this endpoint.

  • github-pp-cli agents tasks-get-task-by-repo-and-id - > [!NOTE]

This endpoint is in public preview and is subject to change.

Returns a task by ID scoped to an owner/repo path

Fine-grained access tokens for "Get a task by repo"

This endpoint works with the following fine-grained token types:

The fine-grained token must have the following permission set:

  • "Agent tasks" repository permissions (read)

GitHub App installation access tokens are not supported for this endpoint.

  • github-pp-cli agents tasks-list-tasks - > [!NOTE]

This endpoint is in public preview and is subject to change.

Returns a list of tasks for the authenticated user

Fine-grained access tokens for "List tasks"

This endpoint works with the following fine-grained token types:

The fine-grained token must have the following permission set:

  • "Agent tasks" repository permissions (read)

GitHub App installation access tokens are not supported for this endpoint.

  • github-pp-cli agents tasks-list-tasks-for-repo - > [!NOTE]

This endpoint is in public preview and is subject to change.

Returns a list of tasks for a specific repository

Fine-grained access tokens for "List tasks for repository"

This endpoint works with the following fine-grained token types:

The fine-grained token must have the following permission set:

  • "Agent tasks" repository permissions (read)

GitHub App installation access tokens are not supported for this endpoint.

app

Information for integrations and installations.

  • github-pp-cli app create-installation-access-token - Creates an installation access token that enables a GitHub App to make authenticated API requests for the app's installation on an organization or individual account. Installation tokens expire one hour from the time you create them. Using an expired token produces a status code of 401 - Unauthorized, and requires creating a new installation token. By default the installation token has access to all repositories that the installation can access.

Optionally, you can use the repositories or repository_ids body parameters to specify individual repositories that the installation access token can access. If you don't use repositories or repository_ids to grant access to specific repositories, the installation access token will have access to all repositories that the installation was granted access to. The installation access token cannot be granted access to repositories that the installation was not granted access to. Up to 500 repositories can be listed in this manner.

Optionally, use the permissions body parameter to specify the permissions that the installation access token should have. If permissions is not specified, the installation access token will have all of the permissions that were granted to the app. The installation access token cannot be granted permissions that the app was not granted.

You must use a JWT to access this endpoint.

  • github-pp-cli app delete-installation - Uninstalls a GitHub App on a user, organization, or enterprise account. If you prefer to temporarily suspend an app's access to your account's resources, then we recommend the "Suspend an app installation" endpoint.

You must use a JWT to access this endpoint.

  • github-pp-cli app get-authenticated - Returns the GitHub App associated with the authentication credentials used. To see how many app installations are associated with this GitHub App, see the installations_count in the response. For more details about your app's installations, see the "List installations for the authenticated app" endpoint.

You must use a JWT to access this endpoint.

  • github-pp-cli app get-installation - Enables an authenticated GitHub App to find an installation's information using the installation id.

You must use a JWT to access this endpoint.

  • github-pp-cli app get-webhook-config-for - Returns the webhook configuration for a GitHub App. For more information about configuring a webhook for your app, see "Creating a GitHub App."

You must use a JWT to access this endpoint.

  • github-pp-cli app get-webhook-delivery - Returns a delivery for the webhook configured for a GitHub App.

You must use a JWT to access this endpoint.

  • github-pp-cli app list-installation-requests-for-authenticated - Lists all the pending installation requests for the authenticated GitHub App.
  • github-pp-cli app list-installations - The permissions the installation has are included under the permissions key.

You must use a JWT to access this endpoint.

  • github-pp-cli app list-webhook-deliveries - Returns a list of webhook deliveries for the webhook configured for a GitHub App.

You must use a JWT to access this endpoint.

  • github-pp-cli app suspend-installation - Suspends a GitHub App on a user, organization, or enterprise account, which blocks the app from accessing the account's resources. When a GitHub App is suspended, the app's access to the GitHub API or webhook events is blocked for that account.

You must use a JWT to access this endpoint.

  • github-pp-cli app unsuspend-installation - Removes a GitHub App installation suspension.

You must use a JWT to access this endpoint.

  • github-pp-cli app update-webhook-config-for - Updates the webhook configuration for a GitHub App. For more information about configuring a webhook for your app, see "Creating a GitHub App."

You must use a JWT to access this endpoint.

app-manifests

Manage app manifests

applications

Manage applications

apps

Information for integrations and installations.

  • github-pp-cli apps get-by-slug - > [!NOTE]

The :app_slug is just the URL-friendly name of your GitHub App. You can find this on the settings page for your GitHub App (e.g., https://github.com/settings/apps/:app_slug).

assignments

Manage assignments

  • github-pp-cli assignments classroom-get-an - Gets a GitHub Classroom assignment. Assignment will only be returned if the current user is an administrator of the GitHub Classroom for the assignment.

classrooms

Interact with GitHub Classroom.

  • github-pp-cli classrooms get-a - Gets a GitHub Classroom classroom for the current user. Classroom will only be returned if the current user is an administrator of the GitHub Classroom.
  • github-pp-cli classrooms list - Lists GitHub Classroom classrooms for the current user. Classrooms will only be returned if the current user is an administrator of one or more GitHub Classrooms.

codes-of-conduct

Insight into codes of conduct for your communities.

  • github-pp-cli codes-of-conduct get-all - Returns array of all GitHub's codes of conduct.
  • github-pp-cli codes-of-conduct get-conduct-code - Returns information about the specified GitHub code of conduct.

credentials

Revoke compromised or leaked GitHub credentials.

  • github-pp-cli credentials revoke - Submit a list of credentials to be revoked. This endpoint is intended to revoke credentials the caller does not own and may have found exposed on GitHub.com or elsewhere. It can also be used for credentials associated with an old user account that you no longer have access to. Credential owners will be notified of the revocation.

This endpoint currently accepts the following credential types:

  • Personal access tokens (classic) (ghp_)
  • Fine-grained personal access tokens (github_pat_)
  • OAuth app access tokens (gho_)
  • User-to-server tokens from GitHub Apps (ghu_)
  • Refresh tokens from GitHub Apps (ghr_)

Revoked credentials may impact users on GitHub Free, Pro, & Team and GitHub Enterprise Cloud, and GitHub Enterprise Cloud with Enterprise Managed Users. GitHub cannot reactivate any credentials that have been revoked; new credentials will need to be generated.

To prevent abuse, this API is limited to only 60 unauthenticated requests per hour and a max of 1000 tokens per API request.

Note

Any authenticated requests will return a 403.

emojis

List emojis available to use on GitHub.

  • github-pp-cli emojis get - Lists all the emojis available to use on GitHub.

enterprises

Manage enterprises

events

Manage events

  • github-pp-cli events activity-list-public - > [!NOTE]

This API is not built to serve real-time use cases. Depending on the time of day, event latency can be anywhere from 30s to 6h.

feeds

Manage feeds

  • github-pp-cli feeds activity-get - Lists the feeds available to the authenticated user. The response provides a URL for each feed. You can then get a specific feed by sending a request to one of the feed URLs.
  • Timeline: The GitHub global public timeline
  • User: The public timeline for any user, using uri_template. For more information, see "Hypermedia."
  • Current user public: The public timeline for the authenticated user
  • Current user: The private timeline for the authenticated user
  • Current user actor: The private timeline for activity created by the authenticated user
  • Current user organizations: The private timeline for the organizations the authenticated user is a member of.
  • Security advisories: A collection of public announcements that provide information about security-related vulnerabilities in software on GitHub.

By default, timeline resources are returned in JSON. You can specify the application/atom+xml type in the Accept header to return timeline resources in Atom format. For more information, see "Media types."

Note

Private feeds are only returned when authenticating via Basic Auth since current feed URIs use the older, non revocable auth tokens.

gists

View, modify your gists.

  • github-pp-cli gists create - Allows you to add a new gist with one or more files.

Note

Don't name your files "gistfile" with a numerical suffix. This is the format of the automatic naming scheme that Gist uses internally.

  • github-pp-cli gists delete - Delete a gist
  • github-pp-cli gists get - Gets a specified gist.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw markdown. This is the default if you do not pass any specific media type.
  • github-pp-cli gists get-revision - Gets a specified gist revision.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw markdown. This is the default if you do not pass any specific media type.
  • github-pp-cli gists list - Lists the authenticated user's gists or if called anonymously, this endpoint returns all public gists:
  • github-pp-cli gists list-public - List public gists sorted by most recently updated to least recently updated.

Note: With pagination, you can fetch up to 3000 gists. For example, you can fetch 100 pages with 30 gists per page or 30 pages with 100 gists per page.

  • github-pp-cli gists list-starred - List the authenticated user's starred gists:
  • github-pp-cli gists update - Allows you to update a gist's description and to update, delete, or rename gist files. Files from the previous version of the gist that aren't explicitly changed during an edit are unchanged.

At least one of description or files is required.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw markdown. This is the default if you do not pass any specific media type.

github-search

Manage github search

  • github-pp-cli github-search code - Searches for query terms inside of a file. This method returns up to 100 results per page.

When searching for code, you can get text match metadata for the file content and file path fields when you pass the text-match media type. For more details about how to receive highlighted search results, see Text match metadata.

For example, if you want to find the definition of the addClass function inside jQuery repository, your query would look something like this:

q=addClass+in:file+language:js+repo:jquery/jquery

This query searches for the keyword addClass within a file's contents. The query limits the search to files where the language is JavaScript in the jquery/jquery repository.

Considerations for code search:

Due to the complexity of searching code, there are a few restrictions on how searches are performed:

  • Only the default branch is considered. In most cases, this will be the master branch.
  • Only files smaller than 384 KB are searchable.
  • You must always include at least one search term when searching source code. For example, searching for language:go is not valid, while amazing language:go is.

Note

repository.description, repository.owner.type, and repository.owner.node_id are closing down on this endpoint and will return null in a future API version. Use the Get a repository endpoint (GET /repos/{owner}/{repo}) to retrieve full repository metadata.

This endpoint requires you to authenticate and limits you to 10 requests per minute.

  • github-pp-cli github-search commits - Find commits via various criteria on the default branch (usually main). This method returns up to 100 results per page.

When searching for commits, you can get text match metadata for the message field when you provide the text-match media type. For more details about how to receive highlighted search results, see Text match metadata.

For example, if you want to find commits related to CSS in the octocat/Spoon-Knife repository. Your query would look something like this:

q=repo:octocat/Spoon-Knife+css

  • github-pp-cli github-search issues-and-pull-requests - Find issues by state and keyword. This method returns up to 100 results per page.

When searching for issues, you can get text match metadata for the issue title, issue body, and issue comment body fields when you pass the text-match media type. For more details about how to receive highlighted search results, see Text match metadata.

For example, if you want to find the oldest unresolved Python bugs on Windows. Your query might look something like this.

q=windows+label:bug+language:python+state:open&sort=created&order=asc

This query searches for the keyword windows, within any open issue that is labeled as bug. The search runs across repositories whose primary language is Python. The results are sorted by creation date in ascending order, which means the oldest issues appear first in the search results.

Note

For requests made by GitHub Apps with a user access token, you can't retrieve a combination of issues and pull requests in a single query. Requests that don't include the is:issue or is:pull-request qualifier will receive an HTTP 422 Unprocessable Entity response. To get results for both issues and pull requests, you must send separate queries for issues and pull requests. For more information about the is qualifier, see "Searching only issues or pull requests."

  • github-pp-cli github-search labels - Find labels in a repository with names or descriptions that match search keywords. Returns up to 100 results per page.

When searching for labels, you can get text match metadata for the label name and description fields when you pass the text-match media type. For more details about how to receive highlighted search results, see Text match metadata.

For example, if you want to find labels in the linguist repository that match bug, defect, or enhancement. Your query might look like this:

q=bug+defect+enhancement&repository_id=64778136

The labels that best match the query appear first in the search results.

  • github-pp-cli github-search repos - Find repositories via various criteria. This method returns up to 100 results per page.

When searching for repositories, you can get text match metadata for the name and description fields when you pass the text-match media type. For more details about how to receive highlighted search results, see Text match metadata.

For example, if you want to search for popular Tetris repositories written in assembly code, your query might look like this:

q=tetris+language:assembly&sort=stars&order=desc

This query searches for repositories with the word tetris in the name, the description, or the README. The results are limited to repositories where the primary language is assembly. The results are sorted by stars in descending order, so that the most popular repositories appear first in the search results.

  • github-pp-cli github-search topics - Find topics via various criteria. Results are sorted by best match. This method returns up to 100 results per page. See "Searching topics" for a detailed list of qualifiers.

When searching for topics, you can get text match metadata for the topic's short_description, description, name, or display_name field when you pass the text-match media type. For more details about how to receive highlighted search results, see Text match metadata.

For example, if you want to search for topics related to Ruby that are featured on https://github.com/topics. Your query might look like this:

q=ruby+is:featured

This query searches for topics with the keyword ruby and limits the results to find only topics that are featured. The topics that are the best match for the query appear first in the search results.

  • github-pp-cli github-search users - Find users via various criteria. This method returns up to 100 results per page.

When searching for users, you can get text match metadata for the issue login, public email, and name fields when you pass the text-match media type. For more details about highlighting search results, see Text match metadata. For more details about how to receive highlighted search results, see Text match metadata.

For example, if you're looking for a list of popular users, you might try this query:

q=tom+repos:%3E42+followers:%3E1000

This query searches for users with the name tom. The results are restricted to users with more than 42 repositories and over 1,000 followers.

This endpoint does not accept authentication and will only include publicly visible users. As an alternative, you can use the GraphQL API. The GraphQL API requires authentication and will return private users, including Enterprise Managed Users (EMUs), that you are authorized to view. For more information, see "GraphQL Queries."

gitignore

View gitignore templates

  • github-pp-cli gitignore get-all-templates - List all templates available to pass as an option when creating a repository.
  • github-pp-cli gitignore get-template - Get the content of a gitignore template.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw .gitignore contents.

installation

Manage installation

  • github-pp-cli installation apps-list-repos-accessible-to - List repositories that an app installation can access.
  • github-pp-cli installation apps-revoke-access-token - Revokes the installation token you're using to authenticate as an installation and access this endpoint.

Once an installation token is revoked, the token is invalidated and cannot be used. Other endpoints that require the revoked installation token must have a new installation token to work. You can create a new token using the "Create an installation access token for an app" endpoint.

issues

Interact with GitHub Issues.

  • github-pp-cli issues list - List issues assigned to the authenticated user across all visible repositories including owned repositories, member repositories, and organization repositories. You can use the filter query parameter to fetch issues that are not necessarily assigned to you.

Note

GitHub's REST API considers every pull request an issue, but not every issue is a pull request. For this reason, "Issues" endpoints may return both issues and pull requests in the response. You can identify pull requests by the pull_request key. Be aware that the id of a pull request returned from "Issues" endpoints will be an issue id. To find out the pull request id, use the "List pull requests" endpoint.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw markdown body. Response will include body. This is the default if you do not pass any specific media type.
  • application/vnd.github.text+json: Returns a text only representation of the markdown body. Response will include body_text.
  • application/vnd.github.html+json: Returns HTML rendered from the body's markdown. Response will include body_html.
  • application/vnd.github.full+json: Returns raw, text, and HTML representations. Response will include body, body_text, and body_html.

licenses

View various OSS licenses.

  • github-pp-cli licenses get - Gets information about a specific license. For more information, see "Licensing a repository ."
  • github-pp-cli licenses get-all-commonly-used - Lists the most commonly used licenses on GitHub. For more information, see "Licensing a repository ."

markdown

Render GitHub flavored Markdown

  • github-pp-cli markdown render - Depending on what is rendered in the Markdown, you may need to provide additional token scopes for labels, such as issues:read or pull_requests:read.
  • github-pp-cli markdown render-raw - You must send Markdown as plain text (using a Content-Type header of text/plain or text/x-markdown) to this endpoint, rather than using JSON format. In raw mode, GitHub Flavored Markdown is not supported and Markdown will be rendered in plain format like a README.md file. Markdown content must be 400 KB or less.

marketplace-listing

Manage marketplace listing

  • github-pp-cli marketplace-listing apps-get-subscription-plan-for-account - Shows whether the user or organization account actively subscribes to a plan listed by the authenticated GitHub App. When someone submits a plan change that won't be processed until the end of their billing cycle, you will also see the upcoming pending change.

GitHub Apps must use a JWT to access this endpoint. OAuth apps must use basic authentication with their client ID and client secret to access this endpoint.

  • github-pp-cli marketplace-listing apps-get-subscription-plan-for-account-stubbed - Shows whether the user or organization account actively subscribes to a plan listed by the authenticated GitHub App. When someone submits a plan change that won't be processed until the end of their billing cycle, you will also see the upcoming pending change.

GitHub Apps must use a JWT to access this endpoint. OAuth apps must use basic authentication with their client ID and client secret to access this endpoint.

  • github-pp-cli marketplace-listing apps-list-accounts-for-plan - Returns user and organization accounts associated with the specified plan, including free plans. For per-seat pricing, you see the list of accounts that have purchased the plan, including the number of seats purchased. When someone submits a plan change that won't be processed until the end of their billing cycle, you will also see the upcoming pending change.

GitHub Apps must use a JWT to access this endpoint. OAuth apps must use basic authentication with their client ID and client secret to access this endpoint.

  • github-pp-cli marketplace-listing apps-list-accounts-for-plan-stubbed - Returns repository and organization accounts associated with the specified plan, including free plans. For per-seat pricing, you see the list of accounts that have purchased the plan, including the number of seats purchased. When someone submits a plan change that won't be processed until the end of their billing cycle, you will also see the upcoming pending change.

GitHub Apps must use a JWT to access this endpoint. OAuth apps must use basic authentication with their client ID and client secret to access this endpoint.

  • github-pp-cli marketplace-listing apps-list-plans - Lists all plans that are part of your GitHub Marketplace listing.

GitHub Apps must use a JWT to access this endpoint. OAuth apps must use basic authentication with their client ID and client secret to access this endpoint.

  • github-pp-cli marketplace-listing apps-list-plans-stubbed - Lists all plans that are part of your GitHub Marketplace listing.

GitHub Apps must use a JWT to access this endpoint. OAuth apps must use basic authentication with their client ID and client secret to access this endpoint.

meta

Endpoints that give information about the API.

  • github-pp-cli meta get - Returns meta information about GitHub, including a list of GitHub's IP addresses. For more information, see "About GitHub's IP addresses."

The API's response also includes a list of GitHub's domain names.

The values shown in the documentation's response are example values. You must always query the API directly to get the latest values.

Note

This endpoint returns both IPv4 and IPv6 addresses. However, not all features support IPv6. You should refer to the specific documentation for each feature to determine if IPv6 is supported.

networks

Manage networks

notifications

Manage notifications

  • github-pp-cli notifications activity-delete-thread-subscription - Mutes all future notifications for a conversation until you comment on the thread or get an @mention. If you are watching the repository of the thread, you will still receive notifications. To ignore future notifications for a repository you are watching, use the Set a thread subscription endpoint and set ignore to true.
  • github-pp-cli notifications activity-get-thread - Gets information about a notification thread.
  • github-pp-cli notifications activity-get-thread-subscription-for-authenticated-user - This checks to see if the current user is subscribed to a thread. You can also get a repository subscription.

Note that subscriptions are only generated if a user is participating in a conversation--for example, they've replied to the thread, were @mentioned, or manually subscribe to a thread.

  • github-pp-cli notifications activity-list-for-authenticated-user - List all notifications for the current user, sorted by most recently updated.
  • github-pp-cli notifications activity-mark-as-read - Marks all notifications as "read" for the current user. If the number of notifications is too large to complete in one request, you will receive a 202 Accepted status and GitHub will run an asynchronous process to mark notifications as "read." To check whether any "unread" notifications remain, you can use the List notifications for the authenticated user endpoint and pass the query parameter all=false.
  • github-pp-cli notifications activity-mark-thread-as-done - Marks a thread as "done." Marking a thread as "done" is equivalent to marking a notification in your notification inbox on GitHub as done: https://github.com/notifications.
  • github-pp-cli notifications activity-mark-thread-as-read - Marks a thread as "read." Marking a thread as "read" is equivalent to clicking a notification in your notification inbox on GitHub: https://github.com/notifications.
  • github-pp-cli notifications activity-set-thread-subscription - If you are watching a repository, you receive notifications for all threads by default. Use this endpoint to ignore future notifications for threads until you comment on the thread or get an @mention.

You can also use this endpoint to subscribe to threads that you are currently not receiving notifications for or to subscribed to threads that you have previously ignored.

Unsubscribing from a conversation in a repository that you are not watching is functionally equivalent to the Delete a thread subscription endpoint.

octocat

Manage octocat

  • github-pp-cli octocat meta-get - Get the octocat as ASCII art

organizations

Manage organizations

  • github-pp-cli organizations orgs-list - Lists all organizations, in the order that they were created.

Note

Pagination is powered exclusively by the since parameter. Use the Link header to get the URL for the next page of organizations.

orgs

Interact with organizations.

  • github-pp-cli orgs delete - Deletes an organization and all its repositories.

The organization login will be unavailable for 90 days after deletion.

Please review the Terms of Service regarding account deletion before using this endpoint:

https://docs.github.com/site-policy/github-terms/github-terms-of-service

  • github-pp-cli orgs enable-or-disable-security-product-on-all-repos - > [!WARNING]

Closing down notice: The ability to enable or disable a security feature for all eligible repositories in an organization is closing down. Please use code security configurations instead. For more information, see the changelog.

Enables or disables the specified security feature for all eligible repositories in an organization. For more information, see "Managing security managers in your organization."

The authenticated user must be an organization owner or be member of a team with the security manager role to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:org, write:org, or repo scopes to use this endpoint.

  • github-pp-cli orgs get - Gets information about an organization.

When the value of two_factor_requirement_enabled is true, the organization requires all members, billing managers, outside collaborators, guest collaborators, repository collaborators, or everyone with access to any repository within the organization to enable two-factor authentication.

To see the full details about an organization, the authenticated user must be an organization owner.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to see the full details about an organization.

To see information about an organization's GitHub plan, GitHub Apps need the Organization plan permission.

  • github-pp-cli orgs update - > [!WARNING]

Closing down notice: GitHub will replace and discontinue members_allowed_repository_creation_type in favor of more granular permissions. The new input parameters are members_can_create_public_repositories, members_can_create_private_repositories for all organizations and members_can_create_internal_repositories for organizations associated with an enterprise account using GitHub Enterprise Cloud or GitHub Enterprise Server 2.20+. For more information, see the blog post.

Warning

Closing down notice: Code security product enablement for new repositories through the organization API is closing down. Please use code security configurations to set defaults instead. For more information on setting a default security configuration, see the changelog.

Updates the organization's profile and member privileges.

The authenticated user must be an organization owner to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:org or repo scope to use this endpoint.

rate-limit

Check your current rate limit status.

  • github-pp-cli rate-limit get - > [!NOTE]

Accessing this endpoint does not count against your REST API rate limit.

Some categories of endpoints have custom rate limits that are separate from the rate limit governing the other REST API endpoints. For this reason, the API response categorizes your rate limit. Under resources, you'll see objects relating to different categories:

  • The core object provides your rate limit status for all non-search-related resources in the REST API.
  • The search object provides your rate limit status for the REST API for searching (excluding code searches). For more information, see "Search."
  • The code_search object provides your rate limit status for the REST API for searching code. For more information, see "Search code."
  • The graphql object provides your rate limit status for the GraphQL API. For more information, see "Resource limitations."
  • The integration_manifest object provides your rate limit status for the POST /app-manifests/{code}/conversions operation. For more information, see "Creating a GitHub App from a manifest."
  • The dependency_snapshots object provides your rate limit status for submitting snapshots to the dependency graph. For more information, see "Dependency graph."
  • The dependency_sbom object provides your rate limit status for requesting SBOMs from the dependency graph. For more information, see "Dependency graph."
  • The code_scanning_upload object provides your rate limit status for uploading SARIF results to code scanning. For more information, see "Uploading a SARIF file to GitHub."
  • The actions_runner_registration object provides your rate limit status for registering self-hosted runners in GitHub Actions. For more information, see "Self-hosted runners."
  • The source_import object is no longer in use for any API endpoints, and it will be removed in the next API version. For more information about API versions, see "API Versions."

Note

The rate object is closing down. If you're writing new API client code or updating existing code, you should use the core object instead of the rate object. The core object contains the same information that is present in the rate object.

repos

Interact with GitHub Repos.

  • github-pp-cli repos delete - Deleting a repository requires admin access.

If an organization owner has configured the organization to prevent members from deleting organization-owned repositories, you will get a 403 Forbidden response.

OAuth app tokens and personal access tokens (classic) need the delete_repo scope to use this endpoint.

  • github-pp-cli repos get - The parent and source objects are present when the repository is a fork. parent is the repository this repository was forked from, source is the ultimate source for the network.

Note

  • In order to see the security_and_analysis block for a repository you must have admin permissions for the repository or be an owner or security manager for the organization that owns the repository. For more information, see "Managing security managers in your organization."
  • To view merge-related settings, you must have the contents:read and contents:write permissions.

repositories

Manage repositories

  • github-pp-cli repositories repos-list-public - Lists all public repositories in the order that they were created.

Note:

  • For GitHub Enterprise Server, this endpoint will only list repositories available to all users on the enterprise.
  • Pagination is powered exclusively by the since parameter. Use the Link header to get the URL for the next page of repositories.

teams

Interact with GitHub Teams.

  • github-pp-cli teams delete-legacy - > [!WARNING]

Endpoint closing down notice: This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the new Delete a team endpoint.

To delete a team, the authenticated user must be an organization owner or team maintainer.

If you are an organization owner, deleting a parent team will delete all of its child teams as well.

  • github-pp-cli teams get-legacy - > [!WARNING]

Endpoint closing down notice: This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the Get a team by name endpoint.

  • github-pp-cli teams update-legacy - > [!WARNING]

Endpoint closing down notice: This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the new Update a team endpoint.

To edit a team, the authenticated user must either be an organization owner or a team maintainer.

Note

With nested teams, the privacy for parent teams cannot be secret.

user

Interact with and view information about users and also current user.

  • github-pp-cli user add-email-for-authenticated - OAuth app tokens and personal access tokens (classic) need the user scope to use this endpoint.
  • github-pp-cli user codespaces-create-for-authenticated - Creates a new codespace, owned by the authenticated user.

This endpoint requires either a repository_id OR a pull_request but not both.

OAuth app tokens and personal access tokens (classic) need the codespace scope to use this endpoint.

  • github-pp-cli user codespaces-list-for-authenticated - Lists the authenticated user's codespaces.

OAuth app tokens and personal access tokens (classic) need the codespace scope to use this endpoint.

  • github-pp-cli user create-gpg-key-for-authenticated - Adds a GPG key to the authenticated user's GitHub account.

OAuth app tokens and personal access tokens (classic) need the write:gpg_key scope to use this endpoint.

  • github-pp-cli user delete-email-for-authenticated - OAuth app tokens and personal access tokens (classic) need the user scope to use this endpoint.
  • github-pp-cli user get-authenticated - OAuth app tokens and personal access tokens (classic) need the user scope in order for the response to include private profile information.
  • github-pp-cli user list-blocked-by-authenticated - List the users you've blocked on your personal account.
  • github-pp-cli user list-emails-for-authenticated - Lists all of your email addresses, and specifies which one is visible to the public.

OAuth app tokens and personal access tokens (classic) need the user:email scope to use this endpoint.

  • github-pp-cli user list-followed-by-authenticated - Lists the people who the authenticated user follows.
  • github-pp-cli user list-followers-for-authenticated - Lists the people following the authenticated user.
  • github-pp-cli user list-gpg-keys-for-authenticated - Lists the current user's GPG keys.

OAuth app tokens and personal access tokens (classic) need the read:gpg_key scope to use this endpoint.

  • github-pp-cli user update-authenticated - Note: If your email is set to private and you send an email parameter as part of this request to update your profile, your privacy settings are still enforced: the email address will not be displayed on your public profile or via the API.

users

Interact with and view information about users and also current user.

  • github-pp-cli users get-by-username - Provides publicly available information about someone with a GitHub account.

If you are requesting information about an Enterprise Managed User, or a GitHub App bot that is installed in an organization that uses Enterprise Managed Users, your requests must be authenticated as a user or GitHub App that has access to the organization to view that account's information. If you are not authorized, the request will return a 404 Not Found status.

The email key in the following response is the publicly visible email address from your GitHub profile page. When setting up your profile, you can select a primary email address to be public which provides an email entry for this endpoint. If you do not set a public email address for email, then it will have a value of null. You only see publicly visible email addresses when authenticated with GitHub. For more information, see Authentication.

The Emails API enables you to list all of your email addresses, and toggle a primary email to be visible publicly. For more information, see Emails API.

  • github-pp-cli users list - Lists all users, in the order that they signed up on GitHub. This list includes personal user accounts and organization accounts.

Note: Pagination is powered exclusively by the since parameter. Use the Link header to get the URL for the next page of users.

versions

Manage versions

  • github-pp-cli versions meta-get-all - Get all supported GitHub API versions.

zen

Manage zen

  • github-pp-cli zen meta-get - Get a random sentence from the Zen of GitHub

Output Formats

# Human-readable table (default in terminal, JSON when piped)
github-pp-cli classrooms list

# JSON for scripting and agents
github-pp-cli classrooms list --json

# Filter to specific fields
github-pp-cli classrooms list --json --select id,name,status

# Dry run — show the request without sending
github-pp-cli classrooms list --dry-run

# Agent mode — JSON + compact + no prompts in one flag
github-pp-cli classrooms list --agent

Agent Usage

This CLI is designed for AI agent consumption:

  • Non-interactive - never prompts, every input is a flag
  • Pipeable - --json output to stdout, errors to stderr
  • Filterable - --select id,name returns only fields you need
  • Previewable - --dry-run shows the request without sending
  • Explicit retries - add --idempotent to create retries and --ignore-missing to delete retries when a no-op success is acceptable
  • Confirmable - --yes for explicit confirmation of destructive actions
  • Piped input - write commands can accept structured input when their help lists --stdin
  • Offline-friendly - sync/search commands can use the local SQLite store when available
  • Agent-safe by default - no colors or formatting unless --human-friendly is set

Exit codes: 0 success, 2 usage error, 3 not found, 5 API error, 7 rate limited, 10 config error.

Use with Claude Code

Install the focused skill — it auto-installs the CLI on first invocation:

npx skills add mvanhorn/printing-press-library/cli-skills/pp-github -g

Then invoke /pp-github <query> in Claude Code. The skill is the most efficient path — Claude Code drives the CLI directly without an MCP server in the middle.

Use as an MCP server in Claude Code (advanced)

If you'd rather register this CLI as an MCP server in Claude Code, install the MCP binary first:

go install github.com/mvanhorn/printing-press-library/library/developer-tools/github/cmd/github-pp-mcp@latest

Then register it:

claude mcp add github github-pp-mcp

Use with Claude Desktop

This CLI ships an MCPB bundle — Claude Desktop's standard format for one-click MCP extension installs (no JSON config required).

To install:

  1. Download the .mcpb for your platform from the latest release.
  2. Double-click the .mcpb file. Claude Desktop opens and walks you through the install.

Requires Claude Desktop 1.0.0 or later. Pre-built bundles ship for macOS Apple Silicon (darwin-arm64) and Windows (amd64, arm64); for other platforms, use the manual config below.

Manual JSON config (advanced)

If you can't use the MCPB bundle (older Claude Desktop, unsupported platform), install the MCP binary and configure it manually.

go install github.com/mvanhorn/printing-press-library/library/developer-tools/github/cmd/github-pp-mcp@latest

Add to your Claude Desktop config (~/Library/Application Support/Claude/claude_desktop_config.json):

{
  "mcpServers": {
    "github": {
      "command": "github-pp-mcp"
    }
  }
}

Health Check

github-pp-cli doctor

Verifies configuration and connectivity to the API.

Configuration

Config file: ~/.config/github-pp-cli/config.toml

Troubleshooting

Not found errors (exit code 3)

  • Check the resource ID is correct
  • Run the list command to see available items

API-specific

  • Commands return rate-limit errors mid-walk — Run github-pp-cli doctor to see remaining budget and reset time. The paginate is adaptive; if you're hitting secondary limits, drop concurrency with --concurrency 1.
  • FTS returns nothing — Run github-pp-cli sync --org <org> --resource issues,prs,commits,releases first; FTS reads the local store.
  • auth status says no token — Either export GITHUB_TOKEN=<pat> or run gh auth login once — github-pp-cli reuses the gh token automatically.
  • pr ship-check exits 2 — Exit 2 means blocked; the JSON output's blockers field names the missing reviews / failing checks / merge-queue position.

Sources & Inspiration

This CLI was built by studying these projects and resources:

Generated by CLI Printing Press