Skip to content

bounded-systems/gh

BranchesTags

Repository files navigation

@bounded-systems/gh

A wrapper around the GitHub CLI (gh) with policy enforcement, rate-limit gating, and budget audit logging.

Every gh invocation routes through here: the subcommand is policy-checked, the call is gated against its rate-limit budget (via @bounded-systems/github-budget), and the spend is audit-logged. So GitHub access is authorized, bounded, and accountable rather than scattered shell-outs.

Install

npm install @bounded-systems/gh @bounded-systems/env @bounded-systems/proc @bounded-systems/policy @bounded-systems/github-budget

Usage

// Policy-checked, budget-gated gh calls; the spend is recorded to the audit
// trail. The subcommand allowlist is enforced before the process is spawned.

Design

  • One gated entry point. Subcommand policy + rate-limit budget gating + audit logging wrap every gh call.
  • Spawns via @bounded-systems/proc. External invocation goes through the sanctioned subprocess capability. An extractability test enforces the dependency set (env, proc, policy, github-budget).

License

MIT © Bounded Systems

About

GitHub CLI wrapper with policy enforcement, rate-limit gating, and budget audit logging

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Contributing

Contributing

Security policy

Security policy
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

 
 
 

Contributors

Languages