GitHub CLI now collects pseudoanonymous telemetry
ingve
433 points
316 comments
April 22, 2026
Related Discussions
Found 5 related stories in 47.5ms across 5,335 title embeddings via pgvector HNSW
- Updates to GitHub Copilot interaction data usage policy prefork · 269 pts · March 25, 2026 · 49% similar
- I audited the privacy of popular free dev tools, the results are terrifying WaitWaitWha · 52 pts · March 03, 2026 · 46% similar
- Hacker News CLI (2014) rolph · 46 pts · April 15, 2026 · 45% similar
- Show HN: I replaced Google Analytics with my own tool – no cookies, <1KB script VictorChanet · 12 pts · April 06, 2026 · 45% similar
- Show HN: A CLI that writes its own integration code adinagoerres · 15 pts · April 14, 2026 · 44% similar
Discussion Highlights (20 comments)
embedding-shape
Love it when a PR is brief: https://github.com/cli/cli/pull/13254 > Removes the env var that gates telemetry, so it will be on by default.
neobrain
tl;dr for opt-out as per https://cli.github.com/telemetry#how-to-opt-out (any of these work individually): export GH_TELEMETRY=false export DO_NOT_TRACK=true gh config set telemetry disabled (starting from version 2.91.0, which this announcement refers to)
Kim_Bruning
what's the last version before telemetry... will want to pin there.
wild_pointer
pseudoanonymous, meaning not anonymous? lol
delf
Creator of GitSocial here, check it out if you'd like to have better control of your data and be protected from such things: https://github.com/gitsocial-org/gitsocial
bugrasan
doesn't this need to be opt-in according to EU GDPR?
msla
I wonder how robust they are against people sending them fake data.
sammy2255
Today I learned GitHub has a CLI. I guess that's like Pornhub having a CLI
a2128
Why we collect telemetry ...our team needs visibility into how features are being used in practice. We use this data to prioritize our work and evaluate whether features are meeting real user needs. I'm curious why corporate development teams always feel the need to spy on their users? Is it not sufficient to employ good engineering and design practices? Git has served us well for 20+ years without detailed analytics over who exactly is using which features and commands. Would Git have been significantly better if it had collected telemetry, or would the data not have just been a distraction?
djdillon
FWIW, looks to remain disabled by default for enterprise users.
traceroute66
I suggest anyone who cares, and certainly anybody in the EU mails privacy@github.com and also opens a support ticket to let them know exactly what you think
mghackerlady
can someone explain why github has a CLI? why wouldn't you just use git?
bakies
So happy I deployed gitea to my homelab last month. It's got an import feature from github and honestly just faster and better uptime that github. Claude can use it just fine with tea cli and git. It's pretty much a knockoff github, but I think it's better so far.
ImJasonH
Do people think that GitHub isn't already collecting and aggregating all the requests sent to their servers, which is after all the entire point of the gh CLI? If you don't want your requests tracked, you're going to have to opt out of a lot more than this one setting.
grugdev42
Remember that thing Microsoft does? Embrace, extend, extinguish. The first two have been done. I give it five years before the GH CLI is the only way to interact with GitHub repos. Then the third will also be done, and the cycle is complete.
varispeed
pseudoanonymous = euphemism for not anonoymous. Regulators should wake up and fine them hard, so hard to become existential. Make an example for others not to follow.
0x3o3
just use Radicle and never look back with centralised platforms.
CMay
If you have 3 of your developers spending 80% of their time in an area of the codebase that gets no usage and you don't see a path forward that realistically is likely to increase usage, it can be a better use of developer time to focus them elsewhere or even rethink the feature. The problem I have with a lot of these analytics is that while there are harmless ways to use it, there is this understanding that they could be tying your unique identifier to behavioral patterns which could be used to reconstruct your identity with machine learning. It's even worse if they include timestamps. Why not just expose exactly what telemetry is being sent when it's sent? Like add an option that makes telemetry verbose, but doesn't send it unless you enable it. That way you can evaluate it before you decide to turn it on. Whenever you do the Steam Hardware survey it'll show you what gets sent. This is the right way to do it.
Kim_Bruning
dev tools and especially libraries must not have telemetry unless absolutely strictly necessary (and even then!). * Dev tools because you need to be able to trust they don't leak while you're working. Not all sites/locations/customers/projects allow leaks, and it's easier to just blacklist anything that does leak, so you know you can trust your tools, and the same habits, justfiles, etc work everywhere. * libraries that leak deserve a special kind of hell. You add a library to your project, and now it might be leaking without warning. If a lot of libraries decide to leak, your application is now an unmanageable sieve. If you do need to run telemetry, make it opt in or end user only. But if you as developer don't even have control then that's the worst.
raverbashing
Do you know what doesn't collect telemetry? the old git command in your terminal I think I'll keep using that