Skip to content
List (or plunder) private repos/gists to which a token has access, including those of other users
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
pkg/gitls adds asynchronous cloning and progress indicator Jul 20, 2019
.gitignore ignore data dir used in testing May 19, 2019
go.mod update deps Jul 20, 2019
go.sum update deps Jul 20, 2019
main.go for the pirate in you: happy plundering Jul 19, 2019


Explore github content given a valid token.


The token is read from the GITHUB_TOKEN environment variable. I chose this so I don't end up putting tokens in HISTFILEs. Your options are to source it from a file with source .env or go ahead and prepend it like so: GITHUB_TOKEN=xyz git-ls user.

Run git-ls with no arguments to see what data can be listed.


Below are some useful filters to use with jq, the CLI json parser.

# Just private gists
❯❯ git-ls gists | jq '.[] | select(.Private == true)'

# Just repo names
❯❯ git-ls repos | jq -r '.[].Name'

# Repos that don't belong to the GITHUB_TOKEN owner
❯❯ git-ls repos | jq '.[] | select(.Owner != "audibleblink")'


I tried to select the most useful properties returned by the GitHub API to keep noise low. These are the properties that you can filter on with jq


  • Owner
  • Description
  • GitPullUrl
  • Files
  • Private


  • Name
  • Description
  • URL
  • Owner
  • Organization
  • StargazersConut
  • Private

Accessing Data

If you have the API token that got you this far, it can be placed into an HTTP clone request.

git clone https://${GITHUB_TOKEN}

If you just want all the secret repos the token has access to

git-ls plunder

You can’t perform that action at this time.