gh is GitHub on the command line. It brings pull requests, issues, and other GitHub concepts to the terminal next to where you are already working with git and your code.

GitHub CLI is supported for users on GitHub.com, GitHub Enterprise Cloud, and GitHub Enterprise Server 2.20+ with support for macOS, Windows, and Linux.

For installation options see below, for usage instructions see the manual.

If anything feels off or if you feel that some functionality is missing, please check out the contributing page. There you will find instructions for sharing your feedback, building the tool locally, and submitting pull requests to the project.

If you are a hubber and are interested in shipping new commands for the CLI, check out our doc on internal contributions

• Homebrew
• Precompiled binaries on releases page

For additional macOS packages and installers, see community-supported docs

• Debian, Raspberry Pi, Ubuntu
• Amazon Linux, CentOS, Fedora, openSUSE, RHEL, SUSE
• Precompiled binaries on releases page

For additional Linux & Unix packages and installers, see community-supported docs

• WinGet
• Precompiled binaries on releases page

For additional Windows packages and installers, see community-supported docs

See here on how to build GitHub CLI from source.

To add GitHub CLI to your codespace, add the following to your devcontainer file:

"features": {
  "ghcr.io/devcontainers/features/github-cli:1": {}
}

GitHub-hosted runners have the GitHub CLI pre-installed, which is updated weekly.

If a specific version is needed, your GitHub Actions workflow will need to install it based on the macOS, Linux & Unix, or Windows instructions above.

For information on all pre-installed tools, see actions/runner-images

Since version 2.50.0, gh has been producing Build Provenance Attestation, enabling a cryptographically verifiable paper-trail back to the origin GitHub repository, git revision, and build instructions used. The build provenance attestations are signed and rely on Public Good Sigstore for PKI.

There are two common ways to verify a downloaded release, depending on whether gh is already installed or not. If gh is installed, it's trivial to verify a new release:

• Option 1: Using gh if already installed:

  $ gh at verify -R cli/cli gh_2.62.0_macOS_arm64.zip
  Loaded digest sha256:fdb77f31b8a6dd23c3fd858758d692a45f7fc76383e37d475bdcae038df92afc for file://gh_2.62.0_macOS_arm64.zip
  Loaded 1 attestation from GitHub API
  ✓ Verification succeeded!
  
  sha256:fdb77f31b8a6dd23c3fd858758d692a45f7fc76383e37d475bdcae038df92afc was attested by:
  REPO     PREDICATE_TYPE                  WORKFLOW
  cli/cli  https://slsa.dev/provenance/v1  .github/workflows/deployment.yml@refs/heads/trunk

• Option 2: Using Sigstore cosign:

  To perform this, download the attestation for the downloaded release and use cosign to verify the authenticity of the downloaded release:

  $ cosign verify-blob-attestation --bundle cli-cli-attestation-3120304.sigstore.json \
        --new-bundle-format \
        --certificate-oidc-issuer="https://token.actions.githubusercontent.com" \
        --certificate-identity="https://github.com/cli/cli/.github/workflows/deployment.yml@refs/heads/trunk" \
        gh_2.62.0_macOS_arm64.zip
  Verified OK

For many years, hub was the unofficial GitHub CLI tool. gh is a new project that helps us explore what an official GitHub CLI tool can look like with a fundamentally different design. While both tools bring GitHub to the terminal, hub behaves as a proxy to git, and gh is a standalone tool. Check out our more detailed explanation to learn more.