Skip to content

cli

Subscribe to all “cli” posts via RSS or follow GitHub Changelog on Twitter to stay updated on everything we ship.

~ cd github-changelog
~/github-changelog|main git log main
showing all changes successfully

Introducing support for multiple GitHub accounts on a single host within the CLI! Log in with your work and personal accounts to manage your projects, wherever they're happening.

To add multiple accounts in the CLI, use the gh auth login command just as before. Now, instead of replacing your previous account, you will see the addition of a new account under gh auth status. This account will be marked as active, to indicate that gh will use it when communicating with GitHub. Run gh auth switch to change the active account, or gh auth logout to remove an account. Further details can be found in the v2.40.0 release notes.

Install or update the GitHub CLI today from your preferred source.

See more

copilot in the cli banner image

Learn your way around the command line with GitHub Copilot by your side!

We’re excited to announce the launch of a brand new GitHub CLI extension that’s now available as public beta — GitHub Copilot in the CLI.

GitHub Copilot in the CLI brings GitHub Copilot right to your terminal, where you can ask it to do things like explain how a command works or suggest a command for a task you want to perform. Learn more about the extension in our docs and provide us your feedback on our repo.

See more

GitHub Actions Importer now supports migrations from Bitbucket, Bamboo Server, and Bamboo Data Center. Companies using those tools can plan, test, and automate the migration of pipelines to GitHub Actions more easily than ever before.

GitHub Actions Importer is available via the GitHub CLI or IssueOps. To get started, please visit our docs. For questions and feedback, check out the GitHub Actions Importer community.

See more

Support for migrating Jenkins Scripted Pipelines to GitHub Actions is now available as a private beta! If you use Scripted Pipelines in your Jenkins instances, you can now automate the migration of your pipelines to GitHub Actions using GitHub Actions Importer.

To get started, please reach out to your GitHub account manager or contact our sales team! For questions and feedback about the private beta, please visit the GitHub Actions Importer community.

See more

Bamboo Server and Data Center migrations to GitHub Actions are now in public beta! You can now plan, test, and automate the migration of your Bamboo pipelines to GitHub Actions easily and for free using GitHub Actions Importer.

For details on how to get started, check out our documentation. For questions and feedback about the public beta, please visit the GitHub Actions Importer community.

See more

Caching dependencies and other commonly reused files enables developers to speed up their GitHub Actions workflows and make them more efficient.
We have now enabled Cache Management from the web interface to enable developers to get more transparency and control over their cache usage within their GitHub repositories.

Actions users who use actions/cache can now:

  • View a list of all cache entries for a repository.
  • Filter and sort the list of caches using specific metadata such as cache size, creation time, or last accessed time.
  • Delete a corrupt or a stale cache entry
  • Monitor aggregate cache usage for repositories and organizations.

In addition to the Cache Management UX that we have now enabled, you could also use our Cache APIs or install the GitHub CLI extension for Actions cache to manage your caches from your terminal.

Learn more about dependency caching to speed up your Actions workflows.
For questions or to share your feedback, visit the GitHub Actions community.

See more

Today's Changelog brings you roadmap markers and command line support for Projects!

📍 Markers on roadmaps

Keep track of upcoming dates in your roadmap by visualizing the due dates of your milestones, iteration durations and breaks, and additional date fields as vertical markers. Configure these from the Markers menu to display them on the view.

💻 Manage projects from the command line

Interact with projects, items, and fields from your favorite terminal with the GitHub CLI projects extension.

To install the extension in gh:

$ gh extension install github/gh-projects

Usage:

$ gh projects -h
Work with GitHub Projects. Note that the token you are using must have 'project' scope, which is not set by default. You can verify your token scope by running 'gh auth status' and add the project scope by running 'gh auth refresh -s project'.

Usage:
  projects [command]

Available Commands:
  close        Close a project
  copy         Copy a project
  create       Create a project
  delete       Delete a project
  edit         Edit a project
  field-create Create a field in a project
  field-delete Delete a field in a project
  field-list   List the fields in a project
  help         Help about any command
  item-add     Add a pull request or an issue to a project
  item-archive Archive an item in a project
  item-create  Create a draft issue item in a project
  item-delete  Delete an item from a project
  item-edit    Edit a draft issue in a project
  item-list    List the items in a project
  list         List the projects for a user or organization
  view         View a project

Flags:
  -h, --help   help for projects

Use "projects [command] --help" for more information about a command.

Share your feedback in the repository.

Learn more about extensions (and how to build your own!) in this GitHub blog.

Bug fixes and improvements

  • Implemented auto-scrolling in a board column when reordering items
  • Fixed a bug where an existing workflow couldn't be renamed
  • Fixed a clipped tooltip for the top item in a roadmap view
  • Fixed a bug where an auto-add workflow with / in the name couldn't be duplicated (Enterprise users only)
  • Added a confirmation dialog when deleting an additional auto-add workflow (Enterprise users only)

See how to use GitHub for project planning with GitHub Issues, check out what's on the roadmap, and learn more in the docs.

See more

GitHub Actions Importer is now generally available to all GitHub users. You can now easily plan, forecast, and automate migrations from Azure DevOps, CircleCI, GitLab, Jenkins, and Travis CI to GitHub Actions. GitHub Actions Importer is a free extension of the official GitHub CLI and provides you with the confidence to migrate your CI/CD pipelines to continue delivering software efficiently.

gh-actions-importer

For details on how to get started, please check out our documentation. For questions and feedback, visit the GitHub Actions Importer community.

See more

GitHub Security was recently notified about a caching issue affecting npm. This bug had been present since 2016 and sporadically caused npm maintainers to be re-invited upon removal from packages or organizations. Our Security team investigated potential instances of the issue and believe this bug only occurred if a user was removed, followed shortly by the addition of a different member. This bug affected npm-cli version 6 and above, and was fixed in version 7+.

Out of an abundance of caution, we are recommending all npm users review the maintainers of their projects and organizations for any discrepancies that may be a result of this bug and remove any unexpected members. Please feel free to reach out to us with any additional questions or concerns through the following contact form: https://www.npmjs.com/support.

See more

npm-v9

The npm CLI v9 is now generally available! As of today, running npm i -g npm will install the latest version (v9.1.1). Details on the major breaking changes, features and bug fixes of v9 can be found in our last changelog post.

A huge shout out to all of the contributors who helped make this release possible and who continue to make npm awesome.

Learn more about v9.1.1 in the release notes. You can also find references to previous releases in the project's CHANGELOG.md.

See more

The npm CLI team has been working hard over the past few months and are happy to announce the release of the next major version – v9.0.0

Installation

You can start using npm v9.0.0 today by running:

$ npm i -g npm@9

About this release

Our goal with this major release was to standardize appropriate defaults and clean up legacy configurations where possible. We believe the changes made lay the ground-work for future improvements to the default npm experience long-term. Notably, Docker users should find this release to to be beneficial as we simplifie file permissions (ref. #5703 & #5704).

Timeline to GA

Although we have published v9.0.0, we are not immediately setting this release to latest in the npm registry or considering this “Generally Available.” Our team has been coordinating with the Node.js Release WG on a phased approach to making v9 the next major version of the CLI available to the widest audience; this means ensuring v9 can be safely backported to as many Node.js LTS versions as possible. With that in mind, we’ve put together a phased roll-out plan outlined below:

  • Wednesday Oct. 19th
    • npm@9.0.0 was released & set to the next-9 dist-tag (previously used for pre-releases)
    • The CLI team will continue to cut minor & patch versions of v9.x, addressing any feedback or unexpected issues arising from the breaking changes (outlined below)
  • Wednesday Nov. 9th (General Availability)
    • To ensure npm@9.x is considered "non-breaking" for Node.js LTS we will codify a set of exit criteria in collaboration with the Release WG
    • npm@9.x will be set to the latest dist-tag (becoming the latest, maintained version of npm)
    • A PR will be opened to land npm@9.x in nodejs/node's main branch (exposing experimental/nightly users to this latest version)
  • Wednesday Dec. 7th (~4 weeks after GA)
    • A PR will be opened to backport npm@9.x in node@19
  • Wednesday Jan. 18th (~6 weeks after node@19 backport)
    • A PR will be opened to backport npm@9.x in node@18

⚠️ Notable Breaking Changes

  • the compatible semver ranges of node have been updated to: ^14.17.0 || ^16.13.0 || >=18.0.0
  • npm will no longer attempt to modify ownership of files it creates
  • the presence of auth related settings that are not scoped to a specific registry found in a config file is no longer supported and will throw errors
  • login, adduser, and auth-type changes
    • legacy auth types sso, saml & legacy have been consolidated into "legacy"
    • auth-type defaults to "web"
    • login and adduser are now separate commands that send different data to
      the registry.
  • npm pack now follows a strict order of operations when applying ignore rules. If a files array is present in the package.json, then rules in .gitignore and .npmignore files from the root will be ignored.
  • links generated from git urls will now use HEAD instead of master as the default ref
  • timing and loglevel changes
    • timing has been removed as a value for --loglevel
    • --timing will show timing information regardless of
      --loglevel, except when --silent
  • --timing file changes:
    • When run with the --timing flag, npm now writes timing data to a
      file alongside the debug log data, respecting the logs-dir option and
      falling back to <CACHE>/_logs/ dir, instead of directly inside the
      cache directory.
    • The timing file data is no longer newline delimited JSON, and instead
      each run will create a uniquely named <ID>-timing.json file, with the
      <ID> portion being the same as the debug log.
    • Finally, the data inside the file now has three top level keys,
      metadata, timers, and unfinishedTimers instead of everything being
      a top level key.
  • npm now outputs some json errors on stdout. Previously npm would output all json formatted errors on stderr, making it difficult to parse as the stderr stream usually has logs already written to it.
  • deprecated boolean install flags in favor of --install-strategy
    • deprecated --global-style, --global now sets --install-strategy=shallow
    • deprecated --legacy-bundling, now sets --install-strategy=nested
  • npm config set will no longer accept deprecated or invalid config options
  • install-links config defaults to "true"
  • node-version config has been removed
  • npm-version config has been removed
  • npm access subcommands have been renamed
  • npm birthday has been removed
  • npm set-script has been removed
  • npm bin has been removed (use npx or npm exec to execute binaries)

Notable Features

  • a09e19d #5696 new npm config fix command (@nlf)
  • 3445da0 npm timings are now written alongside debug log files (@lukekarrys)
  • 6ee5b32 query: now displays queryContext in results (@nlf)
  • 314311c #5550 separated login/adduser (@wraithgar)
  • de2d33f add --install-strategy=hoisted|nested|shallow (#5709) (@fritzy)

For more information about this release, check out the GitHub release notes.

See more

npm query is a new top-level command as of npm v8.16.0 which accepts a Dependency Selector (as defined in the Dependency Selector Syntax Specification) & returns a filtered JSON Array/NodeList of dependencies from your project. We believe this capability has been a missing piece of the package management ecosystem; With its introduction we hope to unlock the potential for developers to self-serve in asking new, complex questions about their dependencies, their relationships & associative metadata.

For many JavaScript developers, the Dependency Selector Syntax will look very familiar as it is actually an adapted form of CSS. We leveraged this existing, known language & its operators to make disparate package information broadly accessible.

Example Uses:

If I wanted to list all of my dependencies (similar to npm list --all) I can run:

npm query "*"

If I wanted to find every version of react & lodash in my project I can run:

npm query "#react, #lodash"

If I wanted to find all react versions not-defined as a peer dependency I can run:

npm query "#react:not(.peer)"

If I wanted to find all the dependencies in my project that used an MIT license I'd change that query to be:

npm query "[license=MIT]"

If I wanted to find all the git dependencies in my project I can run:

npm query ":type(git)"

If I wanted to find out which of my transitive dependencies used a postinstall script I could run:

npm query ":attr(scripts, [postinstall]):not(:root > *)"

Programmatic Usage

We know many developers in the ecosystem will also want to leverage this new syntax themselves, so we've built it right into the programmatic brain of the CLI. Under the hood, we’ve added a new .querySelectorAll() method to the existing Node Class we use in the @npmcli/arborist library. Tooling authors can now load up & query their dependencies just like we do.

// index.js
const Arborist = require('@npmcli/arborist')
const arb = new Arborist({})

arb.loadActual((tree) => {
  // query all workspaces
  const results = await tree.querySelectorAll('.workspace')
  console.log(results)
})

You can learn more about the syntax & usage in our documentation here: https://docs.npmjs.org/cli/v8/using-npm/dependency-selectors

What's next?

Looking ahead we’ve got work planned to add new pseudo states & selectors based on registry metadata that should unlock another host of capabilities aimed at auditing (examples include: :outdated :deprecated :vulnerable :cve() & :cwe()). As documented in the original RFC proposal we will also consider supporting a query flag or reading from stdin to existing commands.

See more

You can now manage Actions cache from your terminal by installing the new GitHub CLI extension for Actions cache:

    gh extension install actions/gh-actions-cache 

This extension is built on top of GitHub APIs for cache management and enables you to get:

  • More transparency by listing all the active caches in a repository and sorting by metadata like cache size, creation time or last accessed time.
  • Better control over cache usage by deleting a corrupt or a stale cache entry

Learn more about dependency caching to speed up your Actions workflows.

See more

By default Codespaces time out after 30 minutes of inactivity. We’ve heard from many users that they have a desire to extend this up to an entire workday. You can now set a default idle timeout for your codespaces from five minutes to four hours, as well as override the idle timeout for an individual codespace using the gh CLI.

For more information, see “Setting your timeout period for Codespaces”.

See more

GitHub Codespaces allows teams and organizations to spin-up developer environments directly from a browser or through Visual Studio Code, without the hassle of setting up a brand new environment tailored to a specific repository.

We've been hard at work since our general availability announcement in August making Codespaces the best way for you to develop software, which is why we're so happy to announce several new features at GitHub Universe 2021.

We know that many developers use the gh CLI to speed up or fully automate daily tasks, and we've received dozens of requests to add Codespaces support to the CLI. As of today, the gh codespace (or gh cs for those saving keystrokes) command now allows developers to manage their codespaces from the GitHub CLI. In addition to codespace creation, listing, and starting/stopping, users can forward ports, set port visibility, SSH into their codespaces, and copy files to/from their codespaces.

# Create a new codespace via the CLI
gh codespace create --repo monalisa/octocat --branch main

We're especially excited about ssh access, as it allows developers who prefer to use editors like vim and emacs to more easily develop in Codespaces. Just gh cs ssh into your codespace and launch your editor of choice; we'll set up the environment and grab all your dotfiles so you're ready to develop in seconds.

# SSH into the codespace created above
gh codespace ssh -c monalisa-monalisa-octocat-1337h4x0r

Complimenting the CLI, we are also launching an API in beta. The API provides control plane operations around a user's codespaces including creating, starting/stopping, listing available machine types, and setting user secrets. These APIs will allow developers to build Codespaces integrations into their favorite editors and tools, as well as allow for additional automation around Codespaces.

# Stop a running codespace via the API
curl https://api.github.com/user/codespaces/monalisa-monalisa-octocat-1337h4x0r/stop \
  -H "Authorization: token <Personal Access Token>" \
  -X POST

We also know that security and privacy are critical, and we've gotten a lot of feedback on providing additional visibility options for forwarded ports beyond public and private. Today we're launching a third option: org visible ports, which are accessible to any user in the organization the codespace has been created in. This is great for securely collaborating with your teammates on new and exciting features in your codespaces.

# Make port 80 visible to all users in an org
gh codespace ports visibility 80:org -c monalisa-monalisa-octocat-1337h4x0r

Continuing with security improvements, we have also heard from developers having difficulty launching codespaces from devcontainers stored in private container registries. To make this easier, we are offering streamlined access to containers stored in the GitHub Container Registry; you no longer have to provide a Personal Access Token (PAT).

Speaking of devcontainers, we know that there's a wide gap between using a predefined devcontainer and building a custom devcontainer. To help make that transition a little easier, we're launching the ability to extend devcontainers with features, which include shells, package managers, programming languages, and other common tools. For example, adding Terraform to a supported base image is as easy as adding the following to your devcontainer.json.

"features": {
  "terraform": "latest"
}

If you have any feedback about these features, or Codespaces in general, we'd love to hear from you!

Learn more about all our newly released features:

See more

GitHub CLI 1.9 allows you to work with GitHub Actions in your terminal:

  • List and view workflows and runs with gh workflow list, gh workflow view, gh run list, and gh run view
  • View the logs for a particular run with gh run view --log
  • View the logs for runs with jobs that failed with gh run view --log-failed
  • Download run artifacts with gh run download
  • Re-run runs with failed jobs using gh run rerun
  • Watch runs in progress using gh run watch
  • Trigger workflows with the workflow_dispatch event using gh workflow run
  • Enable and disable workflows with gh workflow enable and gh workflow disable

Learn more about GitHub CLI and check out the blog post to learn more about this release.

See more