For checking what collaborators, hooks, deploy keys, and protected branched you have added on all your GitHub repositories. This also scans all an organizations repos you have permission to view. Because nobody has enough RAM in their brain to remember this stuff for 100+ repos.
Check out jessfraz/pepper for setting all your GitHub repos master branches to be protected. Even has settings for organizations and a dry-run flag for the paranoid.
- darwin 386 / amd64
- freebsd 386 / amd64
- linux 386 / amd64 / arm / arm64
- solaris amd64
- windows 386 / amd64
$ go get github.com/jessfraz/audit$ audit -h
_ _ _
__ _ _ _ __| (_) |_
/ _` | | | |/ _` | | __|
| (_| | |_| | (_| | | |_
\__,_|\__,_|\__,_|_|\__|
Auditing what collaborators, hooks, and deploy keys you have added on all your GitHub repositories.
Version: v0.3.0
Build: ffe8aac
-d run in debug mode
-owner only audit repos the token owner owns
-token GitHub API token (or env var GITHUB_TOKEN)
-v print version and exit (shorthand)
-version print version and exit$ audit --token 12345
jessfraz/apk-file ->
Hooks (1):
travis - active:true (https://api.github.com/repos/jessfraz/apk-file/hooks/8426605)
Protected Branches (1): master
--
jessfraz/apparmor-docs ->
Keys (1):
jenkins - ro:false (https://api.github.com/repos/jessfraz/apparmor-docs/keys/18549738)
Unprotected Branches (1): master
--
jessfraz/bane ->
Hooks (1):
travis - active:true (https://api.github.com/repos/jessfraz/bane/hooks/6178025)
Protected Branches (1): master
--
jessfraz/battery ->
Hooks (1):
travis - active:true (https://api.github.com/repos/jessfraz/battery/hooks/8388640)
Protected Branches (1): master
Unprotected Branches (1): WIP
--
jessfraz/irssi ->
Collaborators (3): tianon, jessfraz, docker-library-bot
Hooks (1):
docker - active:true (https://api.github.com/repos/jessfraz/irssi/hooks/3918042)
Protected Branches (1): master
--