Support for GitHub Release Attestations
This release introduces the `release verify` and `release verify-asset` commands for verifying GitHub Release attestations. Part of the Immutable Releases initiative, a release attestation provides a signed, timestamped binding between a release, its git tag, and any associated assets. These new commands provide a convenient way to verify the integrity of an immutable release against its attestation.
- Verify the latest release has a valid attestation:
    gh release verify
- Verify a specific release by tag:
    gh release verify v1.2.3
- Verify an asset from the latest release:
    gh release verify-asset my-asset.zip
- Verify a local asset file originated from a specific release:
    gh release verify-asset v1.2.3 my-asset.zip
These commands help ensure that releases and their assets are authentic and haven’t been tampered with, providing an additional layer of security for your software supply chain.
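A fail-closed wrapper around the two commands above, as an added example that is not part of these release notes or the gh project's own code. The function name `verify_release_asset` and the staging directory argument are hypothetical, and the script assumes `gh` is authenticated and exits non-zero when verification fails.

```bash
# Added example: gate a downloaded asset on both attestation checks.
# Assumption: gh returns a non-zero exit status when verification fails.

# verify_release_asset TAG FILE DEST_DIR
# Copies FILE into DEST_DIR only if the release and the local file both verify.
# Returns 0 on success, 1 on a failed verification, 2 on bad arguments.
verify_release_asset() {
  local tag="$1" file="$2" dest="$3"

  # Require an explicit tag. Without one, gh checks the latest release,
  # which is not necessarily the release the file was downloaded from.
  if [ -z "$tag" ] || [ -z "$file" ] || [ -z "$dest" ]; then
    echo "usage: verify_release_asset TAG FILE DEST_DIR" >&2
    return 2
  fi
  if [ ! -f "$file" ]; then
    echo "asset not found: $file" >&2
    return 2
  fi

  # 1. The release itself must have a valid attestation.
  if ! gh release verify "$tag" >&2; then
    echo "REJECT: release $tag did not verify" >&2
    return 1
  fi

  # 2. The local file must verify as an asset of that same release.
  if ! gh release verify-asset "$tag" "$file" >&2; then
    echo "REJECT: $file did not verify against release $tag" >&2
    return 1
  fi

  # 3. Only now expose the file to later build or install steps.
  mkdir -p "$dest" && cp -- "$file" "$dest/"
}
```

In a pipeline, call it right after the download step and have every later step read only from the staging directory, for example `verify_release_asset v1.2.3 ./my-asset.zip ./verified`.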
`gh auth status` Supports JSON Output
This release adds support for the `--json` flag in `gh auth status`. Run `gh auth status --help` for more information and usage examples.
What's Changed
✨ Features
- Add alias `co` for `pr checkout` by @babakks in https://github.com/cli/cli/pull/11804
- Add JSON output to `gh auth status` by @benjlevesque in https://github.com/cli/cli/pull/11544
- `release verify` and `release verify-asset` are now visible by @ejahnGithub in https://github.com/cli/cli/pull/11801
🐛 Fixes
- Fix no tagname logic for release verify-asset by @ejahnGithub in https://github.com/cli/cli/pull/11798
📚 Docs & Chores
- refactor: use strings.FieldsFuncSeq to reduce memory allocations by @juejinyuxitu in https://github.com/cli/cli/pull/11805
New Contributors
- @juejinyuxitu made their first contribution in https://github.com/cli/cli/pull/11805
Full Changelog: https://github.com/cli/cli/compare/v2.80.0...v2.81.0