Automic VaultAutomic Vault

brew / 承認ゲート

gh を Homebrew, chocolatey, apt, dnf, MacPorts, Nix, zypper, scoop, winget でインストール

gh のインストール経路、実行ファイル、メタデータ、AI エージェント向けセキュリティノートを確認します。

エージェント安全性

エージェント安全性の回答

gh is the GitHub control-plane CLI for repositories, releases, issues, and authenticated developer state.

認証情報アクセス

Reads GitHub CLI tokens and can print or use them for API calls.

リモート変更

Can modify repositories, pull requests, releases, secrets, and organization state.

公開/成果物リスク

Can create releases, upload assets, and trigger release automation.

推奨コントロール

Use GitHub token protection plus approval gates for write and token-display commands.

エージェント利用ガイダンス

Permit status and read-only queries; require approval for token output, release creation, repo writes, and workflow dispatch.

インストール

追加のインストールコマンド

macOS

Homebrew確認済み · 100%
brew install gh

local Homebrew formula metadata

MacPorts確認済み · 94%
sudo port install gh

MacPorts ports tree · devel/gh/Portfile · ソース: api.github.com

Linux

Debian apt確認済み · 92%
sudo apt install gh

Debian stable package indexes · gh · ソース: deb.debian.org

Fedora dnf確認済み · 92%
sudo dnf install gh

Fedora Rawhide package metadata · gh · ソース: dl.fedoraproject.org

Nix確認済み · 92%
nix profile install nixpkgs#gh

nixpkgs package indexes · pkgs/by-name/gh/gh/package.nix · ソース: api.github.com

openSUSE zypper確認済み · 92%
sudo zypper install gh

openSUSE Tumbleweed package metadata · gh · ソース: download.opensuse.org

概要

パッケージ概要

GitHub command-line tool

履歴

プロジェクトの歴史と使われ方

GitHub CLI, invoked as `gh`, is GitHub's official command-line tool for working with pull requests, issues, repositories, releases, Actions, authentication, and GitHub API data from a terminal.

プロジェクトの歴史

GitHub created the cli/cli repository in October 2019 and opened the project as a new official CLI distinct from the older community `hub` tool. GitHub announced the beta in February 2020 and released GitHub CLI 1.0 in September 2020.

The README frames `gh` as a standalone tool that brings GitHub concepts next to `git` and source code work. The project grew into a cross-platform Go CLI with first-party manuals, release binaries, package repositories, GitHub Enterprise support, extension support, API helpers, and later supply-chain features such as build provenance attestations for release artifacts.

採用の歴史

GitHub CLI has broad adoption because it is distributed through GitHub's own package repositories and release binaries, package managers such as Homebrew and WinGet, and GitHub-hosted Actions runner images. Its first-party status made it a standard automation interface for GitHub workflows in shells and CI jobs.

使われ方

Practitioners use `gh` to create and review pull requests, triage issues, clone and browse repositories, trigger or inspect Actions workflows, manage releases and gists, authenticate to GitHub hosts, call the GitHub API, and script repository operations without leaving the command line.

パッケージ好きにとっての重要性

For package and automation ecosystems, `gh` is important because it gives GitHub an official, versioned executable surface. Package maintainers can depend on consistent commands across macOS, Linux, and Windows, while CI authors can use a preinstalled or easily installed binary instead of hand-rolling API calls.

タイムライン

  • 2019: The cli/cli repository was created.
  • 2020: GitHub announced GitHub CLI beta.
  • 2020: GitHub CLI 1.0.0 was published.
  • 2024: The README records release build provenance attestations beginning with version 2.50.0.

Related projects

  • The README compares GitHub CLI with `hub`, noting that `hub` behaves as a proxy to `git` while `gh` is a standalone tool for GitHub workflows.

承認ゲート

危険なコマンドの人手レビュー用メタデータ

ローカルの承認ゲートシードには gh 用のルールが 7 件含まれます。対象エントリポイント: gh。重大度ラベル: 重大, 高。カバレッジ: partial、レビュー日: 2026-05-21。

ゲート対象アクション例

  • Print the active GitHub authentication token.
  • Create or refresh local GitHub authentication state.
  • Delete a GitHub repository.
  • Change repository settings, visibility, topics, or metadata.
  • Merge a pull request.
  • Create, upload to, edit, or delete GitHub releases.
  • Trigger a GitHub Actions workflow.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Configuration files

Config paths the tool may read or write during local use.

Unix
$XDG_CONFIG_HOME/gh/config.yml~/.config/gh/config.yml
Windows
%AppData%\GitHub CLI\config.yml

Credential files

Credential-bearing paths to review before unattended agent runs.

Unix
$XDG_CONFIG_HOME/gh/hosts.yml~/.config/gh/hosts.yml
Windows
%AppData%\GitHub CLI\hosts.yml

実行可能ファイル

インストールされる実行可能ファイル

コマンド種類公開範囲メモ
ghcliグローバル実行可能ファイル

鮮度

バージョンと鮮度

これらの信号は、ページ生成時期、パッケージマネージャの活動、上流リリース比較を分けて示します。バージョン遅れは、証拠 URL と比較可能なバージョンがある場合だけ警告されます。

ページ生成日2026-07-10
マネージャ版2.96.0
マネージャ更新日2026-07-03
ローカルデータOK
上流最新
検出された最新v2.96.0

https://github.com/cli/cli

  • OK鮮度警告は生成されていません。

インストールメタデータ

パッケージメタデータ

パッケージキーbrew:gh
バージョン2.96.0
パッケージマネージャHomebrew
パッケージマネージャページhttps://formulae.brew.sh/formula/gh
ホームページhttps://cli.github.com/
リポジトリhttps://github.com/cli/cli
上流ドキュメントhttps://cli.github.com/manual/gh
ライセンスMIT
ソースアーカイブhttps://github.com/cli/cli/archive/refs/tags/v2.96.0.tar.gz
最終更新2026-07-03T00:29:16Z
Pulseupdated
ビルド依存関係go
Bottle利用可能 (対象 arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-install未定義
サービス宣言なし

レジストリ情報

ソースデータベース詳細

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namegh
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

ソースデータベース一致

他のパッケージマネージャ記録

一致は外部パッケージマネージャインデックスから取得され、ローカルの Automic Vault パッケージリンクとは分けて表示されます。

Debian apt95%

gh 2.46.0-3

GitHub CLI, GitHub’s official command line tool

https://cli.github.com/

sudo apt install gh
  • Section: utils
  • Architecture: amd64
  • 1 依存関係
  • normalized package name match
  • 一致条件: Gh
Debian stable package indexes · deb.debian.org · Debian stable package indexes: gh from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz
Nix95%

gh

nix profile install nixpkgs#gh
  • normalized package name match
  • 一致条件: Gh
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/gh/gh/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
Ubuntu apt95%

gh 2.45.0-1build1

GitHub CLI, GitHub’s official command line tool

https://cli.github.com/

sudo apt install gh
  • Section: universe/utils
  • Architecture: amd64
  • 1 依存関係
  • normalized package name match
  • 一致条件: Gh
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: gh from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz
dnf95%

gh 2.93.0-1.fc45

GitHub's official command line tool

https://github.com/cli/cli

sudo dnf install gh
  • License: Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND ISC AND MIT AND MPL-2.0 AND Unlicense
  • Category: Unspecified
  • Architecture: x86_64
  • Source Package: gh
  • 4 依存関係
  • 2 提供
  • normalized package name match
  • 一致条件: Gh
Fedora Rawhide package metadata · dl.fedoraproject.org · Fedora Rawhide package metadata: gh from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst
zypper95%

gh 2.93.0-1.1

The official CLI for GitHub

https://cli.github.com/

sudo zypper install gh
  • License: MIT
  • Category: Unspecified
  • Architecture: x86_64
  • Source Package: gh
  • 2 依存関係
  • 1 提供
  • normalized package name match
  • 一致条件: Gh
openSUSE Tumbleweed package metadata · download.opensuse.org · openSUSE Tumbleweed package metadata: gh from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst
zypper95%

gh-bash-completion 2.93.0-1.1

Bash Completion for gh

https://cli.github.com/

sudo zypper install gh-bash-completion
  • License: MIT
  • Category: Unspecified
  • Architecture: noarch
  • Source Package: gh
  • 2 依存関係
  • 1 提供
  • normalized package name match
  • 一致条件: Gh
openSUSE Tumbleweed package metadata · download.opensuse.org · openSUSE Tumbleweed package metadata: gh-bash-completion from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst
zypper95%

gh-fish-completion 2.93.0-1.1

Fish completion for gh

https://cli.github.com/

sudo zypper install gh-fish-completion
  • License: MIT
  • Category: Unspecified
  • Architecture: noarch
  • Source Package: gh
  • 1 依存関係
  • 1 提供
  • normalized package name match
  • 一致条件: Gh
openSUSE Tumbleweed package metadata · download.opensuse.org · openSUSE Tumbleweed package metadata: gh-fish-completion from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst
zypper95%

gh-zsh-completion 2.93.0-1.1

ZSH Completion for gh

https://cli.github.com/

sudo zypper install gh-zsh-completion
  • License: MIT
  • Category: Unspecified
  • Architecture: noarch
  • Source Package: gh
  • 1 依存関係
  • 1 提供
  • normalized package name match
  • 一致条件: Gh
openSUSE Tumbleweed package metadata · download.opensuse.org · openSUSE Tumbleweed package metadata: gh-zsh-completion from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst
MacPorts95%

gh

sudo port install gh
  • normalized package name match
  • 一致条件: Gh
MacPorts ports tree · api.github.com · MacPorts ports tree: devel/gh/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1
Chocolatey95%

gh

choco install gh
  • normalized package name match
  • 一致条件: Gh
Chocolatey community package catalog · community.chocolatey.org · Chocolatey community package catalog: gh from http://community.chocolatey.org/api/v2/Packages?$filter=IsLatestVersion&$select=Id&$top=1000&$skiptoken='11','gawk'
Scoop95%

main/gh

scoop install main/gh
  • normalized package name match
  • 一致条件: Gh
Scoop official bucket manifest trees · api.github.com · Scoop official bucket manifest trees: bucket/gh.json from https://api.github.com/repos/ScoopInstaller/Main/git/trees/master?recursive=1
winget95%

GitHub.cli

winget install --id GitHub.cli -e
  • normalized package name match
  • 一致条件: Gh
Windows Package Manager source index · cdn.winget.microsoft.com · Windows Package Manager source index: GitHub.cli from https://cdn.winget.microsoft.com/cache/source.msix

ソース経路

リポジトリデータから生成

このページは scripts/generate-pkg-sqlite.py が生成した非公開のパッケージ SQLite アーティファクトから av-web によって提供されます。

Combined YAML source

View the package source record on GitHub.

combined/gh.yml

使用ソース

  • Geiger risk classifier
  • Nucleus package database
  • approval-gate seed metadata
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated agent safety answer
  • curated configuration and credential file locations
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment