ghorg
ghorg is a command-line tool written in Go that bulk-clones or backs up repositories from GitHub, GitLab, Bitbucket, Gitea, and Sourcehut into a single local directory. It automates repository synchronization, making it useful for searching codebases, creating backups, and onboarding team members across multiple SCM providers.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | gabrie30/ghorg |
| Owner | gabrie30 |
| Primary language | Go |
| License | Apache-2.0 — OSI-approved |
| Stars | 2.1k |
| Forks | 185 |
| Open issues | 11 |
| Latest release | v1.11.12 (2026-06-27) |
| Last updated | 2026-07-04 |
| Source | https://github.com/gabrie30/ghorg |
What ghorg is
ghorg uses API calls to enumerate repositories from SCM providers and performs batch git clone/pull operations into a unified directory structure. It supports configuration via YAML files and CLI flags, token-based authentication, filtering/selective cloning, and metrics tracking. Default behavior performs git pull and git clean on existing repos to maintain synchronization.
Get the ghorg source
Clone the repository and explore it locally.
git clone https://github.com/gabrie30/ghorg.gitcd ghorg# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- API token must be created with appropriate scopes per SCM provider (repo scopes for GitHub, read_api for GitLab, etc.) and stored securely; SAML SSO orgs require extra token authorization.
- Default configuration will overwrite local changes via git clean on re-runs; teams must use --no-clean flag or separate directories if they plan to work in the cloned area.
- Disk space and network bandwidth scale with repository count and size; consider filtering by repo pattern or topic to reduce scope for large organizations.
- Configuration precedence: CLI flags override YAML config, which defaults to $HOME/.config/ghorg/conf.yaml; XDG_CONFIG_HOME is respected for non-standard paths.
- Self-hosted GitHub/GitLab/Gitea instances require --base-url flag; test connectivity and token validity before scheduling automated runs.
When to avoid it — and what to weigh
- Real-time Repository Mirroring Required — ghorg is pull-based and relies on scheduled execution; it is not designed for continuous real-time mirroring of repository changes as they happen.
- Managing Very Large Monorepos or Massive Organizations — While ghorg can handle scale, cloning hundreds of large repositories into a single directory can consume significant disk space and network bandwidth; consider git mirrors or federation strategies for extreme scale.
- Write-Heavy Collaborative Workflows in Clone Directory — ghorg applies git clean and pull by default, overwriting local changes; unsuitable if teams intend to develop directly in the cloned directory without explicit --no-clean flag management.
- Complex Authentication or Private Networking — Token-based auth works well for standard setups, but complex SAML SSO, OAuth flows, or air-gapped networks may require careful configuration and are not explicitly detailed in provided docs.
License & commercial use
Licensed under Apache License 2.0 (SPDX: Apache-2.0), a permissive OSI-approved license that permits commercial use, modification, and distribution with minimal restrictions. See https://opensource.org/licenses/Apache-2.0 for full terms.
Apache 2.0 is a permissive OSI license that explicitly permits commercial use without royalty or special agreement. No proprietary restrictions apply. However, users should review the license directly to confirm their specific use case aligns with attribution and liability disclaimers.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Adequate |
| License clarity | Clear |
| Deployment complexity | Low |
| DEV.co fit | Strong |
| Assessment confidence | High |
Token-based authentication (API tokens or GitHub App private keys) is required and must be stored securely; guidance on secure storage mechanisms is not detailed in the provided excerpt. Users handling multiple tokens for different SCM providers should employ secrets management. The tool performs git operations over HTTPS/SSH; ensure underlying git configuration on the system is secure. Disk-based credential storage (conf.yaml) should be protected with appropriate file permissions. No security audit details, CVE history, or formal security policy are provided in the data.
Alternatives to consider
Gitea / Forgejo Repository Mirroring
Self-hosted git forge with built-in repository mirroring and synchronization; better for continuous real-time mirroring but requires running a Forgejo/Gitea instance.
git-repo / repo (Android/Google)
Multi-repository tool designed for large monorepo workspaces; more sophisticated dependency and manifest management but steeper learning curve and primarily Android-ecosystem focused.
Custom Bash/Python Scripts + git clone loops
Direct API calls and git commands offer full control and flexibility; suitable for one-off or highly specialized workflows, but requires in-house maintenance and error handling.
Build on ghorg with DEV.co software developers
ghorg is a lightweight, active CLI tool for DevOps teams and auditors. Install via Homebrew or prebuilt binary, configure your SCM token, and start syncing today.
Talk to DEV.coRelated on DEV.co
Explore the category and the services that help you build with it.
ghorg FAQ
Will ghorg overwrite my local work if I edit files in the cloned directory?
Does ghorg support GitHub Enterprise or self-hosted GitLab?
How do I schedule ghorg to run automatically?
What SCM providers does ghorg support?
Custom software development services
DEV.co is a software development agency delivering custom software development services to companies building on open source. Our software developers and web developers design, integrate, and ship production systems — spanning web development, APIs, AI, data, and cloud. If ghorg is part of your open-source devops roadmap, our team can implement, customize, migrate, and maintain it.
Ready to bulk-clone your organization's repositories?
ghorg is a lightweight, active CLI tool for DevOps teams and auditors. Install via Homebrew or prebuilt binary, configure your SCM token, and start syncing today.