For checking what collaborators, hooks, deploy keys, and protected branched you have added on all your GitHub repositories. This also scans all an organizations repos you have permission to view. Because nobody has enough RAM in their brain to remember this stuff for 100+ repos.
Check out genuinetools/pepper for setting all your GitHub repos master branches to be protected. Even has settings for organizations and a dry-run flag for the paranoid.
$ go get github.com/genuinetools/audit
$ audit -h _ _ _ __ _ _ _ __| (_) |_ / _` | | | |/ _` | | __| | (_| | |_| | (_| | | |_ \__,_|\__,_|\__,_|_|\__| Auditing what collaborators, hooks, and deploy keys you have added on all your GitHub repositories. Version: v0.4.0 Build: ffe8aac -d run in debug mode -owner only audit repos the token owner owns -token GitHub API token (or env var GITHUB_TOKEN) -v print version and exit (shorthand) -version print version and exit
$ audit --token 12345 genuinetools/apk-file -> Hooks (1): travis - active:true (https://api.github.com/repos/genuinetools/apk-file/hooks/8426605) Protected Branches (1): master -- genuinetools/apparmor-docs -> Keys (1): jenkins - ro:false (https://api.github.com/repos/genuinetools/apparmor-docs/keys/18549738) Unprotected Branches (1): master -- genuinetools/bane -> Hooks (1): travis - active:true (https://api.github.com/repos/genuinetools/bane/hooks/6178025) Protected Branches (1): master -- genuinetools/battery -> Hooks (1): travis - active:true (https://api.github.com/repos/genuinetools/battery/hooks/8388640) Protected Branches (1): master Unprotected Branches (1): WIP -- genuinetools/irssi -> Collaborators (3): tianon, genuinetools, docker-library-bot Hooks (1): docker - active:true (https://api.github.com/repos/genuinetools/irssi/hooks/3918042) Protected Branches (1): master --