@juppytt/fws 0.1.3 → 0.3.0

package/.claude/settings.local.json

@@ -71,7 +71,19 @@
       "Bash(sed:*)",
       "Bash(gh issue:*)",
       "Bash(gh pr:*)",
-      "Bash(npm version:*)"
+      "Bash(npm version:*)",
+      "Bash(fws:*)",
+      "Bash(gh --help)",
+      "Bash(gh environment:*)",
+      "Bash(gh api:*)",
+      "Bash(GH_TOKEN=fake GH_HOST=localhost:4200 gh api /user)",
+      "Bash(gh config:*)",
+      "Bash(GH_TOKEN=fake GH_HOST=localhost:4200 HTTPS_PROXY=http://localhost:4101 SSL_CERT_FILE=/home/juhee/.local/share/fws/certs/ca.crt gh api /user)",
+      "Bash(export GH_TOKEN=fake)",
+      "Bash(curl -s http://localhost:4100/user)",
+      "Bash(curl -s http://localhost:4100/repos/testuser/my-project/issues)",
+      "Bash(export GH_REPO=testuser/my-project)",
+      "Bash(curl -s -X POST http://localhost:4100/graphql -H 'Content-Type: application/json' -d '{\"query\":\"query { repository\\(owner:\\\\\"testuser\\\\\",name:\\\\\"my-project\\\\\"\\) { issue: issueOrPullRequest\\(number:1\\) { ...on Issue { number title state body } } } }\",\"variables\":{}}')"
     ]
   }
 }

package/README.md

@@ -1,22 +1,29 @@
-# fws — Fake Google Workspace
+# fws — Fake Web Services
 
-A local mock server that redirects the `gws` CLI, enabling Google Workspace testing without OAuth authentication.
+A local mock server for testing CLI tools and agents against fake web services without real credentials. Supports Google Workspace (`gws` CLI), GitHub (`gh` CLI), and more.
 
 Built with [Claude Code](https://claude.ai/code).
 
 ## How it works
 
-`gws` sends API requests to the `rootUrl` defined in its discovery cache (`~/.config/gws/cache/*.json`). fws rewrites these URLs to `http://localhost:4100/` and sets `GOOGLE_WORKSPACE_CLI_TOKEN=fake` to bypass auth.
+fws runs a local HTTP mock server (port 4100) and a MITM CONNECT proxy (port 4101) that intercepts HTTPS traffic to `*.googleapis.com` and `api.github.com`, forwarding it to the mock server.
 
-For helper commands (`+triage`, `+send`, `+reply`, etc.) that hardcode `googleapis.com` URLs, fws runs a MITM CONNECT proxy on port 4101 that intercepts HTTPS traffic and forwards it to the local mock server.
+For `gws`: discovery cache URLs are rewritten to localhost, and `GOOGLE_WORKSPACE_CLI_TOKEN=fake` bypasses auth.
+For `gh`: `HTTPS_PROXY` routes traffic through the MITM proxy, and `GH_TOKEN=fake` bypasses auth.
 
 All data lives **in memory**. When the server stops, everything is lost unless you save a snapshot first. Use `fws snapshot save` to persist state.
 
 ## Install
 
 ```bash
-npm install
-npm link     # makes `fws` command available globally
+npm install -g @juppytt/fws
+```
+
+Or from source:
+
+```bash
+git clone https://github.com/juppytt/fws.git && cd fws
+npm install && npm link
 ```
 
 ## Quick Start
@@ -30,21 +37,23 @@ export GOOGLE_WORKSPACE_CLI_CONFIG_DIR=~/.local/share/fws/config
 export GOOGLE_WORKSPACE_CLI_TOKEN=fake
 export HTTPS_PROXY=http://localhost:4101
 export SSL_CERT_FILE=~/.local/share/fws/certs/ca.crt
+export GH_TOKEN=fake
 
-# Try some commands
-gws gmail users messages list --params '{"userId":"me"}'
+# Try gws commands
 gws gmail +triage
 gws calendar events list --params '{"calendarId":"primary"}'
 gws drive files list
-gws tasks tasklists list
-gws sheets spreadsheets get --params '{"spreadsheetId":"sheet001"}'
-gws people people connections list --params '{"resourceName":"people/me","personFields":"names"}'
+
+# Try gh commands
+gh issue list                                      # requires GH_REPO=testuser/my-project
+gh api /repos/testuser/my-project/issues
+gh api /user
 
 # When done
 fws server stop
 ```
 
-The server starts with sample seed data (5 emails, 4 calendar events, 5 drive files, 2 tasks, 1 spreadsheet, 2 contacts) so you can try gws commands immediately.
+The server starts with sample seed data so you can try commands immediately.
 
 ## Usage
 
@@ -101,17 +110,20 @@ Snapshots are stored in `~/.local/share/fws/snapshots/` (override with `FWS_DATA
 | Tasks    | 1 task list with 2 tasks (1 pending, 1 completed) |
 | Sheets   | 1 spreadsheet ("Budget 2026") |
 | People   | 2 contacts (Alice, Bob), 1 contact group |
+| GitHub   | 1 repo (testuser/my-project), 2 issues, 1 PR, 1 comment |
 
 ## API support
 
-Gmail (28/79 + 5 helpers), Calendar (21/37), Drive (18/57), Tasks (14/14), Sheets (7/17), People (16/24). 135 tests, 89 gws CLI validated.
+**Google Workspace**: Gmail (28/79 + 5 helpers), Calendar (21/37), Drive (18/57), Tasks (14/14), Sheets (7/17), People (16/24).
+**GitHub**: REST (repos, issues, PRs, comments, labels, search) + GraphQL (issue/PR list and view).
 
-See [docs/gws-support.md](docs/gws-support.md) for the full endpoint-by-endpoint table.
+See [docs/gws-support.md](docs/gws-support.md) for endpoint tables.
 
 ## Documentation
 
 - [docs/cli-reference.md](docs/cli-reference.md) — Full CLI reference with all flags, HTTP API equivalents, and examples
-- [docs/gws-support.md](docs/gws-support.md) — Endpoint-by-endpoint support table
+- [docs/gws-support.md](docs/gws-support.md) — Google Workspace endpoint support table
+- [docs/gh-support.md](docs/gh-support.md) — GitHub endpoint support table
 
 ## Structure
 

package/bin/fws.ts

@@ -29,11 +29,14 @@ async function ensureDir(dir: string): Promise<void> {
   await fs.mkdir(dir, { recursive: true });
 }
 
+import { createRequire } from 'node:module';
+const pkg = createRequire(import.meta.url)('../package.json');
+
 const program = new Command();
 program
   .name('fws')
-  .description('Fake Google Workspace — local mock server for gws CLI testing')
-  .version('0.1.0');
+  .description('Fake Web Services — local mock server for testing CLI tools and agents without real credentials')
+  .version(pkg.version);
 
 // === Server commands ===
 const serverCmd = program.command('server');
@@ -144,16 +147,20 @@ serverCmd
       const caPath = serverInfo.caPath || path.join(getDataDir(), 'certs', 'ca.crt');
 
       console.log(`fws server started on port ${port} (pid ${child.pid})\n`);
-      console.log(`To use with gws:\n`);
+      console.log(`Run this to configure your shell:\n`);
+      console.log(`  eval $(fws server env)\n`);
+      console.log(`Or set manually:\n`);
       console.log(`  export GOOGLE_WORKSPACE_CLI_CONFIG_DIR=${configDir}`);
       console.log(`  export GOOGLE_WORKSPACE_CLI_TOKEN=fake`);
       console.log(`  export HTTPS_PROXY=http://localhost:${proxyPort}`);
-      console.log(`  export SSL_CERT_FILE=${caPath}\n`);
+      console.log(`  export SSL_CERT_FILE=${caPath}`);
+      console.log(`  export GH_TOKEN=fake`);
+      console.log(`  export GH_REPO=testuser/my-project\n`);
       console.log(`Then try:\n`);
-      console.log(`  gws gmail users messages list --params '{"userId":"me"}'`);
       console.log(`  gws gmail +triage`);
-      console.log(`  gws calendar events list --params '{"calendarId":"primary"}'`);
-      console.log(`  gws drive files list\n`);
+      console.log(`  gws drive files list`);
+      console.log(`  gh issue list`);
+      console.log(`  gh api /user\n`);
       console.log(`Stop with: fws server stop`);
     } else {
       const log = await fs.readFile(logFile, 'utf-8').catch(() => '');
@@ -178,6 +185,28 @@ serverCmd
     }
   });
 
+serverCmd
+  .command('env')
+  .description('Print export statements for shell (use with eval)')
+  .action(async () => {
+    try {
+      const info = JSON.parse(await fs.readFile(getServerInfoPath(), 'utf-8'));
+      const configDir = path.join(getDataDir(), 'config');
+      const caPath = info.caPath || path.join(getDataDir(), 'certs', 'ca.crt');
+      const proxyPort = info.proxyPort || info.port + 1;
+
+      console.log(`export GOOGLE_WORKSPACE_CLI_CONFIG_DIR=${configDir}`);
+      console.log(`export GOOGLE_WORKSPACE_CLI_TOKEN=fake`);
+      console.log(`export HTTPS_PROXY=http://localhost:${proxyPort}`);
+      console.log(`export SSL_CERT_FILE=${caPath}`);
+      console.log(`export GH_TOKEN=fake`);
+      console.log(`export GH_REPO=testuser/my-project`);
+    } catch {
+      console.error('No running server found. Start with: fws server start');
+      process.exit(1);
+    }
+  });
+
 serverCmd
   .command('status')
   .description('Show server status')

package/docs/gh-support.md

@@ -0,0 +1,63 @@
+# GitHub API Support Status
+
+fws mocks the GitHub REST API and a subset of GraphQL, accessed via the `gh` CLI through the MITM proxy.
+
+All supported endpoints are validated through actual `gh` CLI commands in `test/gh-validation.test.ts` (15 tests).
+
+## Setup
+
+```bash
+fws server start
+eval $(fws server env)
+
+# gh commands now hit the local mock
+gh issue list
+gh api /user
+```
+
+Requires: `GH_TOKEN=fake`, `HTTPS_PROXY`, `SSL_CERT_FILE` (set by `fws server env`).
+Optional: `GH_REPO=testuser/my-project` (needed for `gh issue list`, `gh pr list`).
+
+## REST API
+
+| gh command | Method | Path | Status |
+|------------|--------|------|--------|
+| `gh api /user` | GET | /user | ✅ gh-tested |
+| `gh api /users/:username` | GET | /users/:username | ✅ gh-tested |
+| `gh api /user/repos` | GET | /user/repos | ✅ gh-tested |
+| `gh api /user/repos` | POST | /user/repos | ✅ gh-tested |
+| `gh api /repos/:owner/:repo` | GET | /repos/:owner/:repo | ✅ gh-tested |
+| `gh api /repos/.../issues` | GET | /repos/:owner/:repo/issues | ✅ gh-tested |
+| `gh api /repos/.../issues` | POST | /repos/:owner/:repo/issues | ✅ gh-tested |
+| `gh api /repos/.../issues/:n` | GET | /repos/:owner/:repo/issues/:number | ✅ gh-tested |
+| `gh api /repos/.../issues/:n` | PATCH | /repos/:owner/:repo/issues/:number | ✅ gh-tested |
+| `gh api /repos/.../issues/:n/comments` | GET | /repos/:owner/:repo/issues/:number/comments | ✅ gh-tested |
+| `gh api /repos/.../issues/:n/comments` | POST | /repos/:owner/:repo/issues/:number/comments | ✅ gh-tested |
+| `gh api /repos/.../pulls` | GET | /repos/:owner/:repo/pulls | ✅ gh-tested |
+| `gh api /repos/.../pulls` | POST | /repos/:owner/:repo/pulls | ✅ gh-tested |
+| `gh api /repos/.../pulls/:n` | GET | /repos/:owner/:repo/pulls/:number | ✅ gh-tested |
+| `gh api /repos/.../pulls/:n` | PATCH | /repos/:owner/:repo/pulls/:number | ✅ gh-tested |
+| `gh api /repos/.../pulls/:n/merge` | PUT | /repos/:owner/:repo/pulls/:number/merge | ✅ gh-tested |
+| `gh api /repos/.../labels` | GET | /repos/:owner/:repo/labels | ✅ gh-tested |
+| `gh api /search/issues` | GET | /search/issues?q=... | ✅ gh-tested |
+
+## GraphQL
+
+| gh command | Query | Status |
+|------------|-------|--------|
+| `gh issue list` | repository.issues | ✅ gh-tested |
+| `gh issue view N` | repository.issueOrPullRequest | ✅ gh-tested |
+| `gh pr list` | repository.pullRequests | ✅ gh-tested |
+| `gh pr view N` | repository.pullRequest | ✅ gh-tested |
+| Project items queries | repository.issue/pullRequest.projectItems | ✅ stub (returns empty) |
+
+## Seed data
+
+| Resource | Data |
+|----------|------|
+| User | `testuser` (Test User, testuser@example.com) |
+| Repo | `testuser/my-project` (TypeScript, public, 2 open issues) |
+| Issue #1 | "Fix login bug" (open, bug label, assigned to testuser, 1 comment from bob) |
+| Issue #2 | "Add dark mode support" (open, enhancement label) |
+| PR #3 | "Fix SSO login flow" (open, fix/sso-login -> main, Fixes #1) |
+| Comment | bob on issue #1: "I can reproduce this. Happens with Google SSO specifically." |

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@juppytt/fws",
-  "version": "0.1.3",
-  "description": "Fake Google Workspace — local mock server for gws CLI testing",
+  "version": "0.3.0",
+  "description": "Fake Web Services — local mock server for testing CLI tools and agents without real credentials",
   "type": "module",
   "bin": {
     "fws": "bin/fws-cli.js"

package/src/proxy/mitm.ts

@@ -5,7 +5,8 @@ import crypto from 'node:crypto';
 import fs from 'node:fs/promises';
 import path from 'node:path';
 
-const GOOGLEAPIS_HOSTS = [
+const INTERCEPTED_HOSTS = [
+  // Google Workspace
   'gmail.googleapis.com',
   'www.googleapis.com',
   'tasks.googleapis.com',
@@ -20,6 +21,8 @@ const GOOGLEAPIS_HOSTS = [
   'people.googleapis.com',
   'sheets.googleapis.com',
   'admin.googleapis.com',
+  // GitHub
+  'api.github.com',
 ];
 
 interface CertPair {
@@ -149,7 +152,7 @@ export function startMitmProxy(mockPort: number, proxyPort: number): http.Server
     const port = parseInt(portStr) || 443;
 
     // Only intercept googleapis.com hosts
-    if (!GOOGLEAPIS_HOSTS.some(h => hostname === h || hostname.endsWith('.' + h))) {
+    if (!INTERCEPTED_HOSTS.some(h => hostname === h || hostname.endsWith('.' + h))) {
       // Pass through to real server
       const serverSocket = net.connect(port, hostname, () => {
         clientSocket.write('HTTP/1.1 200 Connection Established\r\n\r\n');

package/src/server/app.ts

@@ -5,6 +5,7 @@ import { driveRoutes } from './routes/drive.js';
 import { tasksRoutes } from './routes/tasks.js';
 import { sheetsRoutes } from './routes/sheets.js';
 import { peopleRoutes } from './routes/people.js';
+import { githubRoutes } from './routes/github.js';
 import { controlRoutes } from './routes/control.js';
 import { errorHandler } from './middleware.js';
 
@@ -19,6 +20,7 @@ export function createApp(): express.Express {
   app.use(tasksRoutes());
   app.use(sheetsRoutes());
   app.use(peopleRoutes());
+  app.use(githubRoutes());
 
   app.use(errorHandler);
 

package/src/server/routes/github.ts

@@ -0,0 +1,571 @@
+import { Router } from 'express';
+import { getStore } from '../../store/index.js';
+import { generateId } from '../../util/id.js';
+
+export function githubRoutes(): Router {
+  const r = Router();
+  // gh api sends to api.github.com without prefix
+  // GH Enterprise uses /api/v3/ prefix
+  // Support both
+  const P = '';
+
+  // === GraphQL ===
+  // gh issue list, gh pr list, etc. use GraphQL
+  r.post('/graphql', (req, res) => {
+    const store = getStore();
+    const query = req.body.query || '';
+    const variables = req.body.variables || {};
+
+    // Detect what the query is asking for and return appropriate data
+
+    // Single PR by number (gh pr view)
+    if (query.includes('pullRequest(number:') && !query.includes('pullRequests(') && !query.includes('projectItems')) {
+      const repoOwner = variables.owner || store.github.user.login;
+      const repoName = variables.repo || Object.values(store.github.repos)[0]?.name || '';
+      const key = `${repoOwner}/${repoName}`;
+      const num = variables.pr_number || variables.number || 0;
+
+      const pull = store.github.pulls[key]?.[num];
+      if (!pull) {
+        return res.json({ data: { repository: { pullRequest: null } } });
+      }
+
+      const commentsKey = `${key}/issues/${num}`;
+      const comments = store.github.comments[commentsKey] || [];
+
+      return res.json({
+        data: {
+          repository: {
+            pullRequest: {
+              __typename: 'PullRequest',
+              number: pull.number,
+              url: pull.html_url,
+              title: pull.title,
+              body: pull.body || '',
+              state: pull.state === 'merged' ? 'MERGED' : pull.state.toUpperCase(),
+              createdAt: pull.created_at,
+              isDraft: pull.draft,
+              maintainerCanModify: true,
+              mergeable: pull.mergeable ? 'MERGEABLE' : 'CONFLICTING',
+              additions: 10,
+              deletions: 3,
+              headRefName: pull.head.ref,
+              baseRefName: pull.base.ref,
+              headRepositoryOwner: { id: `U_${pull.user.id}`, login: pull.user.login, name: pull.user.login },
+              headRepository: { id: 'R_1', name: repoName },
+              isCrossRepository: false,
+              id: `PR_${pull.id}`,
+              author: { login: pull.user.login, id: `U_${pull.user.id}`, name: pull.user.login },
+              autoMergeRequest: null,
+              reviewRequests: { nodes: [] },
+              reviews: { nodes: [], pageInfo: { hasNextPage: false, endCursor: null }, totalCount: 0 },
+              assignees: { nodes: [], totalCount: 0 },
+              labels: { nodes: [], totalCount: 0 },
+              milestone: null,
+              comments: {
+                nodes: comments.map(c => ({
+                  id: `C_${c.id}`,
+                  author: { login: c.user.login, id: `U_${c.user.id}`, name: c.user.login },
+                  authorAssociation: 'NONE',
+                  body: c.body,
+                  createdAt: c.created_at,
+                  includesCreatedEdit: false,
+                  isMinimized: false,
+                  minimizedReason: '',
+                  reactionGroups: [],
+                  url: c.html_url,
+                  viewerDidAuthor: false,
+                })),
+                pageInfo: { hasNextPage: false, endCursor: null },
+                totalCount: comments.length,
+              },
+              reactionGroups: [],
+              commits: { totalCount: 1 },
+              statusCheckRollup: { nodes: [{ commit: { statusCheckRollup: { contexts: { nodes: [], pageInfo: { hasNextPage: false, endCursor: null } } } } }] },
+            },
+          },
+        },
+      });
+    }
+
+    // Single issue/PR by number (gh issue view)
+    if (query.includes('issueOrPullRequest')) {
+      const repoOwner = variables.owner || store.github.user.login;
+      const repoName = variables.repo || Object.values(store.github.repos)[0]?.name || '';
+      const key = `${repoOwner}/${repoName}`;
+      const num = variables.number || 0;
+
+      if (!num) {
+        return res.json({ data: { repository: { issue: null } } });
+      }
+
+      const issue = store.github.issues[key]?.[num];
+      const pull = store.github.pulls[key]?.[num];
+      const item = issue || pull;
+
+      if (item) {
+        const isIssue = !!issue;
+        const commentsKey = `${key}/issues/${num}`;
+        const comments = store.github.comments[commentsKey] || [];
+
+        const node = {
+                __typename: isIssue ? 'Issue' : 'PullRequest',
+                number: item.number,
+                url: (item as any).html_url,
+                state: (item as any).state === 'merged' ? 'MERGED' : (item as any).state.toUpperCase(),
+                stateReason: null,
+                createdAt: item.created_at,
+                title: item.title,
+                body: item.body || '',
+                id: `ID_${item.id}`,
+                author: { login: item.user.login, id: `U_${item.user.id}`, name: item.user.login },
+                milestone: null,
+                assignees: {
+                  nodes: isIssue ? (issue!.assignees || []).map(a => ({ id: `U_${a.id}`, login: a.login, name: a.login, databaseId: a.id })) : [],
+                  totalCount: isIssue ? (issue!.assignees || []).length : 0,
+                },
+                labels: {
+                  nodes: isIssue ? (issue!.labels || []).map(l => ({ id: `L_${l.id}`, name: l.name, description: '', color: l.color })) : [],
+                  totalCount: isIssue ? (issue!.labels || []).length : 0,
+                },
+                reactionGroups: [],
+                comments: {
+                  nodes: comments.slice(-1).map(c => ({
+                    author: { login: c.user.login, id: `U_${c.user.id}`, name: c.user.login },
+                    authorAssociation: 'NONE',
+                    body: c.body,
+                    createdAt: c.created_at,
+                    includesCreatedEdit: false,
+                    isMinimized: false,
+                    minimizedReason: '',
+                    reactionGroups: [],
+                  })),
+                  totalCount: comments.length,
+                },
+                // PR-specific fields
+                ...(pull ? {
+                  headRefName: pull.head.ref,
+                  baseRefName: pull.base.ref,
+                  isDraft: pull.draft,
+                  mergeable: pull.mergeable ? 'MERGEABLE' : 'CONFLICTING',
+                } : {}),
+        };
+        return res.json({ data: { repository: { issue: node } } });
+      }
+
+      return res.json({ data: { repository: { issue: null, issueOrPullRequest: null } } });
+    }
+
+    // Issue list query (not single issue or project items)
+    if ((query.includes('issues(') || query.includes('issues {')) && !query.includes('projectItems')) {
+      const repoOwner = variables.owner || store.github.user.login;
+      const repoName = variables.repo || Object.values(store.github.repos)[0]?.name || '';
+      const key = `${repoOwner}/${repoName}`;
+      const issues = Object.values(store.github.issues[key] || {});
+      const states = variables.states || ['OPEN'];
+
+      const filteredIssues = issues.filter(i => {
+        const gqlState = i.state.toUpperCase();
+        return states.includes(gqlState);
+      });
+
+      return res.json({
+        data: {
+          repository: {
+            hasIssuesEnabled: true,
+            issues: {
+              totalCount: filteredIssues.length,
+              nodes: filteredIssues.map(i => ({
+                number: i.number,
+                title: i.title,
+                state: i.state.toUpperCase(),
+                createdAt: i.created_at,
+                updatedAt: i.updated_at,
+                author: { login: i.user.login },
+                labels: { nodes: i.labels.map(l => ({ name: l.name, color: l.color })) },
+                assignees: { nodes: i.assignees.map(a => ({ login: a.login })) },
+                url: i.html_url,
+              })),
+              pageInfo: { hasNextPage: false, endCursor: null },
+            },
+          },
+        },
+      });
+    }
+
+    if (query.includes('pullRequests(') || query.includes('pullRequests {')) {
+      const repoOwner = variables.owner || store.github.user.login;
+      const repoName = variables.repo || Object.values(store.github.repos)[0]?.name || '';
+      const key = `${repoOwner}/${repoName}`;
+      const pulls = Object.values(store.github.pulls[key] || {});
+      const states = variables.states || ['OPEN'];
+
+      const filteredPulls = pulls.filter(p => {
+        const gqlState = p.state === 'merged' ? 'MERGED' : p.state.toUpperCase();
+        return states.includes(gqlState);
+      });
+
+      return res.json({
+        data: {
+          repository: {
+            pullRequests: {
+              totalCount: filteredPulls.length,
+              nodes: filteredPulls.map(p => ({
+                number: p.number,
+                title: p.title,
+                state: p.state === 'merged' ? 'MERGED' : p.state.toUpperCase(),
+                createdAt: p.created_at,
+                updatedAt: p.updated_at,
+                author: { login: p.user.login },
+                headRefName: p.head.ref,
+                baseRefName: p.base.ref,
+                isDraft: p.draft,
+                url: p.html_url,
+              })),
+              pageInfo: { hasNextPage: false, endCursor: null },
+            },
+          },
+        },
+      });
+    }
+
+    // Project items query stub
+    if (query.includes('projectItems')) {
+      const projectItems = { totalCount: 0, nodes: [], pageInfo: { hasNextPage: false, endCursor: null } };
+      // Return only the field the query asks for
+      const repoData: any = {};
+      if (query.includes('issue(')) repoData.issue = { projectItems };
+      if (query.includes('pullRequest(')) repoData.pullRequest = { projectItems };
+      return res.json({ data: { repository: repoData } });
+    }
+
+    // Fallback for unknown queries
+    res.json({ data: {} });
+  });
+
+  // === User ===
+
+  r.get(`${P}/user`, (_req, res) => {
+    res.json(getStore().github.user);
+  });
+
+  r.get(`${P}/users/:username`, (req, res) => {
+    const store = getStore();
+    if (req.params.username === store.github.user.login) {
+      return res.json(store.github.user);
+    }
+    res.status(404).json({ message: 'Not Found' });
+  });
+
+  // === Repos ===
+
+  r.get(`${P}/repos/:owner/:repo`, (req, res) => {
+    const key = `${req.params.owner}/${req.params.repo}`;
+    const repo = getStore().github.repos[key];
+    if (!repo) {
+      return res.status(404).json({ message: 'Not Found' });
+    }
+    res.json(repo);
+  });
+
+  r.get(`${P}/user/repos`, (_req, res) => {
+    res.json(Object.values(getStore().github.repos));
+  });
+
+  r.post(`${P}/user/repos`, (req, res) => {
+    const store = getStore();
+    const name = req.body.name || 'new-repo';
+    const fullName = `${store.github.user.login}/${name}`;
+    const now = new Date().toISOString();
+    const repo = {
+      id: Math.floor(Math.random() * 100000),
+      name,
+      full_name: fullName,
+      owner: { login: store.github.user.login, id: store.github.user.id, type: 'User' },
+      private: req.body.private || false,
+      html_url: `https://github.com/${fullName}`,
+      description: req.body.description || null,
+      fork: false,
+      created_at: now,
+      updated_at: now,
+      pushed_at: now,
+      default_branch: 'main',
+      open_issues_count: 0,
+      language: null,
+      topics: [],
+    };
+    store.github.repos[fullName] = repo;
+    store.github.issues[fullName] = {};
+    store.github.pulls[fullName] = {};
+    res.status(201).json(repo);
+  });
+
+  // === Issues ===
+
+  r.get(`${P}/repos/:owner/:repo/issues`, (req, res) => {
+    const key = `${req.params.owner}/${req.params.repo}`;
+    const issuesMap = getStore().github.issues[key];
+    if (!issuesMap) {
+      return res.status(404).json({ message: 'Not Found' });
+    }
+    let issues = Object.values(issuesMap);
+    const state = req.query.state as string || 'open';
+    if (state !== 'all') {
+      issues = issues.filter(i => i.state === state);
+    }
+    // Include PRs unless filtered out
+    const pullsMap = getStore().github.pulls[key] || {};
+    if (state !== 'all') {
+      const prs = Object.values(pullsMap).filter(p => p.state === state);
+      const prIssues = prs.map(p => ({
+        ...p,
+        labels: [],
+        assignees: [],
+        comments: 0,
+        pull_request: { url: `${P}/repos/${key}/pulls/${p.number}` },
+      }));
+      issues = [...issues, ...prIssues as any];
+    }
+    issues.sort((a, b) => new Date(b.created_at).getTime() - new Date(a.created_at).getTime());
+    res.json(issues);
+  });
+
+  r.get(`${P}/repos/:owner/:repo/issues/:number`, (req, res) => {
+    const key = `${req.params.owner}/${req.params.repo}`;
+    const num = parseInt(req.params.number);
+    const issue = getStore().github.issues[key]?.[num];
+    if (!issue) {
+      // Check pulls
+      const pull = getStore().github.pulls[key]?.[num];
+      if (pull) return res.json({ ...pull, pull_request: { url: '' } });
+      return res.status(404).json({ message: 'Not Found' });
+    }
+    res.json(issue);
+  });
+
+  r.post(`${P}/repos/:owner/:repo/issues`, (req, res) => {
+    const key = `${req.params.owner}/${req.params.repo}`;
+    const store = getStore();
+    if (!store.github.issues[key]) store.github.issues[key] = {};
+
+    const existing = Object.values(store.github.issues[key]);
+    const existingPulls = Object.values(store.github.pulls[key] || {});
+    const maxNum = Math.max(0, ...existing.map(i => i.number), ...existingPulls.map(p => p.number));
+    const num = maxNum + 1;
+    const now = new Date().toISOString();
+
+    const issue = {
+      id: Math.floor(Math.random() * 100000),
+      number: num,
+      title: req.body.title || '',
+      body: req.body.body || null,
+      state: 'open' as const,
+      labels: (req.body.labels || []).map((l: string, i: number) => ({ id: i + 100, name: l, color: '000000' })),
+      assignees: (req.body.assignees || []).map((a: string) => ({ login: a, id: 0 })),
+      user: { login: store.github.user.login, id: store.github.user.id },
+      created_at: now,
+      updated_at: now,
+      closed_at: null,
+      html_url: `https://github.com/${key}/issues/${num}`,
+      comments: 0,
+    };
+    store.github.issues[key][num] = issue;
+
+    // Update repo issue count
+    const repo = store.github.repos[key];
+    if (repo) repo.open_issues_count++;
+
+    res.status(201).json(issue);
+  });
+
+  r.patch(`${P}/repos/:owner/:repo/issues/:number`, (req, res) => {
+    const key = `${req.params.owner}/${req.params.repo}`;
+    const num = parseInt(req.params.number);
+    const store = getStore();
+    const issue = store.github.issues[key]?.[num];
+    if (!issue) {
+      return res.status(404).json({ message: 'Not Found' });
+    }
+    const wasOpen = issue.state === 'open';
+    Object.assign(issue, req.body, { number: num, id: issue.id });
+    issue.updated_at = new Date().toISOString();
+    if (req.body.state === 'closed' && !issue.closed_at) {
+      issue.closed_at = new Date().toISOString();
+    }
+    // Update count
+    const repo = store.github.repos[key];
+    if (repo) {
+      if (wasOpen && issue.state === 'closed') repo.open_issues_count--;
+      if (!wasOpen && issue.state === 'open') repo.open_issues_count++;
+    }
+    res.json(issue);
+  });
+
+  // === Issue Comments ===
+
+  r.get(`${P}/repos/:owner/:repo/issues/:number/comments`, (req, res) => {
+    const key = `${req.params.owner}/${req.params.repo}/issues/${req.params.number}`;
+    const comments = getStore().github.comments[key] || [];
+    res.json(comments);
+  });
+
+  r.post(`${P}/repos/:owner/:repo/issues/:number/comments`, (req, res) => {
+    const issueKey = `${req.params.owner}/${req.params.repo}/issues/${req.params.number}`;
+    const store = getStore();
+    if (!store.github.comments[issueKey]) store.github.comments[issueKey] = [];
+
+    const now = new Date().toISOString();
+    const comment = {
+      id: Math.floor(Math.random() * 100000),
+      body: req.body.body || '',
+      user: { login: store.github.user.login, id: store.github.user.id },
+      created_at: now,
+      updated_at: now,
+      html_url: `https://github.com/${req.params.owner}/${req.params.repo}/issues/${req.params.number}#issuecomment-${Date.now()}`,
+    };
+    store.github.comments[issueKey].push(comment);
+
+    // Update issue comment count
+    const repoKey = `${req.params.owner}/${req.params.repo}`;
+    const num = parseInt(req.params.number);
+    const issue = store.github.issues[repoKey]?.[num];
+    if (issue) issue.comments++;
+
+    res.status(201).json(comment);
+  });
+
+  // === Pull Requests ===
+
+  r.get(`${P}/repos/:owner/:repo/pulls`, (req, res) => {
+    const key = `${req.params.owner}/${req.params.repo}`;
+    const pullsMap = getStore().github.pulls[key];
+    if (!pullsMap) {
+      return res.status(404).json({ message: 'Not Found' });
+    }
+    let pulls = Object.values(pullsMap);
+    const state = req.query.state as string || 'open';
+    if (state !== 'all') {
+      pulls = pulls.filter(p => p.state === state);
+    }
+    res.json(pulls);
+  });
+
+  r.get(`${P}/repos/:owner/:repo/pulls/:number`, (req, res) => {
+    const key = `${req.params.owner}/${req.params.repo}`;
+    const num = parseInt(req.params.number);
+    const pull = getStore().github.pulls[key]?.[num];
+    if (!pull) {
+      return res.status(404).json({ message: 'Not Found' });
+    }
+    res.json(pull);
+  });
+
+  r.post(`${P}/repos/:owner/:repo/pulls`, (req, res) => {
+    const key = `${req.params.owner}/${req.params.repo}`;
+    const store = getStore();
+    if (!store.github.pulls[key]) store.github.pulls[key] = {};
+
+    const existingIssues = Object.values(store.github.issues[key] || {});
+    const existingPulls = Object.values(store.github.pulls[key]);
+    const maxNum = Math.max(0, ...existingIssues.map(i => i.number), ...existingPulls.map(p => p.number));
+    const num = maxNum + 1;
+    const now = new Date().toISOString();
+
+    const pull = {
+      id: Math.floor(Math.random() * 100000),
+      number: num,
+      title: req.body.title || '',
+      body: req.body.body || null,
+      state: 'open' as const,
+      head: { ref: req.body.head || 'feature', sha: generateId(8), label: `${store.github.user.login}:${req.body.head || 'feature'}` },
+      base: { ref: req.body.base || 'main', sha: generateId(8), label: `${store.github.user.login}:${req.body.base || 'main'}` },
+      user: { login: store.github.user.login, id: store.github.user.id },
+      created_at: now,
+      updated_at: now,
+      merged_at: null,
+      closed_at: null,
+      html_url: `https://github.com/${key}/pull/${num}`,
+      mergeable: true,
+      draft: req.body.draft || false,
+    };
+    store.github.pulls[key][num] = pull;
+    res.status(201).json(pull);
+  });
+
+  r.patch(`${P}/repos/:owner/:repo/pulls/:number`, (req, res) => {
+    const key = `${req.params.owner}/${req.params.repo}`;
+    const num = parseInt(req.params.number);
+    const store = getStore();
+    const pull = store.github.pulls[key]?.[num];
+    if (!pull) {
+      return res.status(404).json({ message: 'Not Found' });
+    }
+    Object.assign(pull, req.body, { number: num, id: pull.id });
+    pull.updated_at = new Date().toISOString();
+    if (req.body.state === 'closed' && !pull.closed_at) {
+      pull.closed_at = new Date().toISOString();
+    }
+    res.json(pull);
+  });
+
+  // Merge PR
+  r.put(`${P}/repos/:owner/:repo/pulls/:number/merge`, (req, res) => {
+    const key = `${req.params.owner}/${req.params.repo}`;
+    const num = parseInt(req.params.number);
+    const store = getStore();
+    const pull = store.github.pulls[key]?.[num];
+    if (!pull) {
+      return res.status(404).json({ message: 'Not Found' });
+    }
+    if (pull.state !== 'open') {
+      return res.status(405).json({ message: 'Pull request is not mergeable' });
+    }
+    pull.state = 'merged';
+    pull.merged_at = new Date().toISOString();
+    pull.closed_at = pull.merged_at;
+    res.json({
+      sha: generateId(8),
+      merged: true,
+      message: 'Pull Request successfully merged',
+    });
+  });
+
+  // === Labels ===
+
+  r.get(`${P}/repos/:owner/:repo/labels`, (req, res) => {
+    const key = `${req.params.owner}/${req.params.repo}`;
+    const issues = Object.values(getStore().github.issues[key] || {});
+    const labelMap = new Map<string, any>();
+    for (const issue of issues) {
+      for (const label of issue.labels) {
+        labelMap.set(label.name, label);
+      }
+    }
+    res.json(Array.from(labelMap.values()));
+  });
+
+  // === Search ===
+
+  r.get(`${P}/search/issues`, (req, res) => {
+    const q = (req.query.q as string || '').toLowerCase();
+    const store = getStore();
+    const results: any[] = [];
+
+    for (const [repoKey, issuesMap] of Object.entries(store.github.issues)) {
+      for (const issue of Object.values(issuesMap)) {
+        const text = `${issue.title} ${issue.body || ''} ${issue.labels.map(l => l.name).join(' ')}`.toLowerCase();
+        if (text.includes(q) || q.includes(`repo:${repoKey}`)) {
+          results.push(issue);
+        }
+      }
+    }
+
+    res.json({
+      total_count: results.length,
+      incomplete_results: false,
+      items: results,
+    });
+  });
+
+  return r;
+}

package/src/store/seed.ts

@@ -1,4 +1,4 @@
-import type { FwsStore, GmailLabel, GmailMessage, CalendarEvent, DriveFile, TaskList, Task, Spreadsheet, Person, ContactGroup } from './types.js';
+import type { FwsStore, GmailLabel, GmailMessage, CalendarEvent, DriveFile, TaskList, Task, Spreadsheet, Person, ContactGroup, GitHubStore } from './types.js';
 import { generateEtag } from '../util/id.js';
 
 const SYSTEM_LABELS: GmailLabel[] = [
@@ -307,6 +307,103 @@ export function createSeedStore(): FwsStore {
         },
       },
     },
+    github: {
+      user: {
+        login: 'testuser',
+        id: 1,
+        name: 'Test User',
+        email: 'testuser@example.com',
+        avatar_url: 'https://github.com/testuser.png',
+        html_url: 'https://github.com/testuser',
+        type: 'User',
+      },
+      repos: {
+        'testuser/my-project': {
+          id: 101,
+          name: 'my-project',
+          full_name: 'testuser/my-project',
+          owner: { login: 'testuser', id: 1, type: 'User' },
+          private: false,
+          html_url: 'https://github.com/testuser/my-project',
+          description: 'A sample project for testing',
+          fork: false,
+          created_at: '2026-01-01T00:00:00Z',
+          updated_at: '2026-04-07T00:00:00Z',
+          pushed_at: '2026-04-07T00:00:00Z',
+          default_branch: 'main',
+          open_issues_count: 2,
+          language: 'TypeScript',
+          topics: ['testing', 'mock'],
+        },
+      },
+      issues: {
+        'testuser/my-project': {
+          1: {
+            id: 1001,
+            number: 1,
+            title: 'Fix login bug',
+            body: 'Users are getting 401 errors when trying to log in with SSO.',
+            state: 'open',
+            labels: [{ id: 1, name: 'bug', color: 'd73a4a' }],
+            assignees: [{ login: 'testuser', id: 1 }],
+            user: { login: 'alice', id: 2 },
+            created_at: '2026-04-05T10:00:00Z',
+            updated_at: '2026-04-06T14:00:00Z',
+            closed_at: null,
+            html_url: 'https://github.com/testuser/my-project/issues/1',
+            comments: 1,
+          },
+          2: {
+            id: 1002,
+            number: 2,
+            title: 'Add dark mode support',
+            body: 'It would be great to have a dark mode option.',
+            state: 'open',
+            labels: [{ id: 2, name: 'enhancement', color: 'a2eeef' }],
+            assignees: [],
+            user: { login: 'bob', id: 3 },
+            created_at: '2026-04-06T09:00:00Z',
+            updated_at: '2026-04-06T09:00:00Z',
+            closed_at: null,
+            html_url: 'https://github.com/testuser/my-project/issues/2',
+            comments: 0,
+          },
+        },
+      },
+      pulls: {
+        'testuser/my-project': {
+          3: {
+            id: 2001,
+            number: 3,
+            title: 'Fix SSO login flow',
+            body: 'Fixes #1. Updated the auth middleware to handle SSO tokens correctly.',
+            state: 'open',
+            head: { ref: 'fix/sso-login', sha: 'abc1234', label: 'testuser:fix/sso-login' },
+            base: { ref: 'main', sha: 'def5678', label: 'testuser:main' },
+            user: { login: 'testuser', id: 1 },
+            created_at: '2026-04-07T08:00:00Z',
+            updated_at: '2026-04-07T08:00:00Z',
+            merged_at: null,
+            closed_at: null,
+            html_url: 'https://github.com/testuser/my-project/pull/3',
+            mergeable: true,
+            draft: false,
+          },
+        },
+      },
+      comments: {
+        'testuser/my-project/issues/1': [
+          {
+            id: 3001,
+            body: 'I can reproduce this. Happens with Google SSO specifically.',
+            user: { login: 'bob', id: 3 },
+            created_at: '2026-04-06T14:00:00Z',
+            updated_at: '2026-04-06T14:00:00Z',
+            html_url: 'https://github.com/testuser/my-project/issues/1#issuecomment-3001',
+          },
+        ],
+      },
+    },
   };
 }
 

package/src/store/types.ts

@@ -7,6 +7,7 @@ export interface FwsStore {
   tasks: TasksStore;
   sheets: SheetsStore;
   people: PeopleStore;
+  github: GitHubStore;
 }
 
 // === Gmail ===
@@ -223,3 +224,85 @@ export interface ContactGroup {
   memberCount: number;
   memberResourceNames?: string[];
 }
+
+// === GitHub ===
+
+export interface GitHubStore {
+  user: GitHubUser;
+  repos: Record<string, GitHubRepo>;
+  issues: Record<string, Record<number, GitHubIssue>>; // "owner/repo" -> number -> issue
+  pulls: Record<string, Record<number, GitHubPull>>;
+  comments: Record<string, GitHubComment[]>; // "owner/repo/issues/number" -> comments
+}
+
+export interface GitHubUser {
+  login: string;
+  id: number;
+  name: string;
+  email: string;
+  avatar_url: string;
+  html_url: string;
+  type: 'User';
+}
+
+export interface GitHubRepo {
+  id: number;
+  name: string;
+  full_name: string;
+  owner: { login: string; id: number; type: string };
+  private: boolean;
+  html_url: string;
+  description: string | null;
+  fork: boolean;
+  created_at: string;
+  updated_at: string;
+  pushed_at: string;
+  default_branch: string;
+  open_issues_count: number;
+  language: string | null;
+  topics: string[];
+}
+
+export interface GitHubIssue {
+  id: number;
+  number: number;
+  title: string;
+  body: string | null;
+  state: 'open' | 'closed';
+  labels: Array<{ id: number; name: string; color: string }>;
+  assignees: Array<{ login: string; id: number }>;
+  user: { login: string; id: number };
+  created_at: string;
+  updated_at: string;
+  closed_at: string | null;
+  html_url: string;
+  comments: number;
+  pull_request?: { url: string };
+}
+
+export interface GitHubPull {
+  id: number;
+  number: number;
+  title: string;
+  body: string | null;
+  state: 'open' | 'closed' | 'merged';
+  head: { ref: string; sha: string; label: string };
+  base: { ref: string; sha: string; label: string };
+  user: { login: string; id: number };
+  created_at: string;
+  updated_at: string;
+  merged_at: string | null;
+  closed_at: string | null;
+  html_url: string;
+  mergeable: boolean | null;
+  draft: boolean;
+}
+
+export interface GitHubComment {
+  id: number;
+  body: string;
+  user: { login: string; id: number };
+  created_at: string;
+  updated_at: string;
+  html_url: string;
+}

package/test/gh-validation.test.ts

@@ -0,0 +1,130 @@
+import { describe, it, expect, beforeAll, afterAll } from 'vitest';
+import { createTestHarness, type TestHarness } from './helpers/harness.js';
+
+/**
+ * End-to-end validation: GitHub endpoints tested through the actual gh CLI.
+ */
+describe('gh CLI validation', () => {
+  let h: TestHarness;
+
+  beforeAll(async () => {
+    h = await createTestHarness();
+  });
+
+  afterAll(async () => {
+    await h.cleanup();
+  });
+
+  describe('REST API', () => {
+    it('gh api /user', async () => {
+      const { stdout, exitCode } = await h.ghProxy('api /user');
+      expect(exitCode).toBe(0);
+      const data = JSON.parse(stdout);
+      expect(data.login).toBe('testuser');
+      expect(data.name).toBe('Test User');
+    });
+
+    it('gh api /repos/testuser/my-project', async () => {
+      const { stdout, exitCode } = await h.ghProxy('api /repos/testuser/my-project');
+      expect(exitCode).toBe(0);
+      const data = JSON.parse(stdout);
+      expect(data.full_name).toBe('testuser/my-project');
+    });
+
+    it('gh api /repos/.../issues (list)', async () => {
+      const { stdout, exitCode } = await h.ghProxy('api /repos/testuser/my-project/issues');
+      expect(exitCode).toBe(0);
+      const data = JSON.parse(stdout);
+      expect(data.length).toBeGreaterThan(0);
+      expect(data.some((i: any) => i.title === 'Fix login bug')).toBe(true);
+    });
+
+    it('gh api /repos/.../issues/1 (get)', async () => {
+      const { stdout, exitCode } = await h.ghProxy('api /repos/testuser/my-project/issues/1');
+      expect(exitCode).toBe(0);
+      const data = JSON.parse(stdout);
+      expect(data.title).toBe('Fix login bug');
+      expect(data.state).toBe('open');
+    });
+
+    it('gh api /repos/.../issues (create)', async () => {
+      const { stdout, exitCode } = await h.ghProxy('api /repos/testuser/my-project/issues -f title="Test Issue" -f body="Created by test"');
+      expect(exitCode).toBe(0);
+      const data = JSON.parse(stdout);
+      expect(data.title).toBe('Test Issue');
+      expect(data.number).toBeGreaterThan(0);
+    });
+
+    it('gh api /repos/.../issues/1/comments (create)', async () => {
+      const { stdout, exitCode } = await h.ghProxy('api /repos/testuser/my-project/issues/1/comments -f body="Test comment"');
+      expect(exitCode).toBe(0);
+      const data = JSON.parse(stdout);
+      expect(data.body).toBe('Test comment');
+    });
+
+    it('gh api /repos/.../issues/1/comments (list)', async () => {
+      const { stdout, exitCode } = await h.ghProxy('api /repos/testuser/my-project/issues/1/comments');
+      expect(exitCode).toBe(0);
+      const data = JSON.parse(stdout);
+      expect(data.length).toBeGreaterThan(0);
+    });
+
+    it('gh api /repos/.../pulls (list)', async () => {
+      const { stdout, exitCode } = await h.ghProxy('api /repos/testuser/my-project/pulls');
+      expect(exitCode).toBe(0);
+      const data = JSON.parse(stdout);
+      expect(data.length).toBeGreaterThan(0);
+      expect(data[0].title).toBe('Fix SSO login flow');
+    });
+
+    it('gh api /repos/.../pulls/3 (get)', async () => {
+      const { stdout, exitCode } = await h.ghProxy('api /repos/testuser/my-project/pulls/3');
+      expect(exitCode).toBe(0);
+      const data = JSON.parse(stdout);
+      expect(data.title).toBe('Fix SSO login flow');
+      expect(data.head.ref).toBe('fix/sso-login');
+    });
+
+    it('gh api /search/issues', async () => {
+      const { stdout, exitCode } = await h.ghProxy('api "/search/issues?q=bug"');
+      expect(exitCode).toBe(0);
+      const data = JSON.parse(stdout);
+      expect(data.total_count).toBeGreaterThan(0);
+    });
+
+    it('gh api issue close (PATCH)', async () => {
+      const { stdout, exitCode } = await h.ghProxy('api /repos/testuser/my-project/issues/2 -X PATCH -f state=closed');
+      expect(exitCode).toBe(0);
+      const data = JSON.parse(stdout);
+      expect(data.state).toBe('closed');
+    });
+  });
+
+  describe('GraphQL (high-level commands)', () => {
+    it('gh issue list', async () => {
+      const { stdout, exitCode } = await h.ghProxyWithRepo('issue list');
+      expect(exitCode).toBe(0);
+      expect(stdout).toContain('Fix login bug');
+    });
+
+    it('gh issue view 1', async () => {
+      const { stdout, exitCode } = await h.ghProxyWithRepo('issue view 1');
+      expect(exitCode).toBe(0);
+      expect(stdout).toContain('Fix login bug');
+      expect(stdout).toContain('OPEN');
+    });
+
+    it('gh pr list', async () => {
+      const { stdout, exitCode } = await h.ghProxyWithRepo('pr list');
+      expect(exitCode).toBe(0);
+      expect(stdout).toContain('Fix SSO login flow');
+    });
+
+    it('gh pr view 3', async () => {
+      const { stdout, exitCode } = await h.ghProxyWithRepo('pr view 3');
+      expect(exitCode).toBe(0);
+      expect(stdout).toContain('Fix SSO login flow');
+      expect(stdout).toContain('OPEN');
+    });
+  });
+});

package/test/helpers/harness.ts

@@ -16,6 +16,10 @@ export interface TestHarness {
   gws: (args: string) => Promise<{ stdout: string; stderr: string; exitCode: number }>;
   /** Run gws command with MITM proxy (for helper commands like +triage) */
   gwsProxy: (args: string) => Promise<{ stdout: string; stderr: string; exitCode: number }>;
+  /** Run gh command with MITM proxy */
+  ghProxy: (args: string) => Promise<{ stdout: string; stderr: string; exitCode: number }>;
+  /** Run gh command with MITM proxy and GH_REPO set */
+  ghProxyWithRepo: (args: string) => Promise<{ stdout: string; stderr: string; exitCode: number }>;
   cleanup: () => Promise<void>;
 }
 
@@ -81,9 +85,9 @@ export async function createTestHarness(): Promise<TestHarness> {
     return result;
   }
 
-  function runGws(args: string, env: Record<string, string | undefined>): Promise<{ stdout: string; stderr: string; exitCode: number }> {
+  function runCmd(bin: string, args: string, env: Record<string, string | undefined>): Promise<{ stdout: string; stderr: string; exitCode: number }> {
     return new Promise((resolve) => {
-      execFile(gwsPath, parseArgs(args), { env, timeout: 10000 }, (err, stdout, stderr) => {
+      execFile(bin, parseArgs(args), { env, timeout: 10000 }, (err, stdout, stderr) => {
         resolve({
           stdout: stdout || '',
           stderr: stderr || '',
@@ -93,12 +97,26 @@ export async function createTestHarness(): Promise<TestHarness> {
     });
   }
 
+  const ghEnv = {
+    ...proxyEnv,
+    GH_TOKEN: 'fake',
+  };
+
+  const ghEnvWithRepo = {
+    ...ghEnv,
+    GH_REPO: 'testuser/my-project',
+  };
+
+  const ghPath = process.env.GH_PATH || 'gh';
+
   return {
     port,
     fetch: (urlPath: string, init?: RequestInit) =>
       globalThis.fetch(`http://localhost:${port}${urlPath}`, init),
-    gws: (args: string) => runGws(args, baseEnv),
-    gwsProxy: (args: string) => runGws(args, proxyEnv),
+    gws: (args: string) => runCmd(gwsPath, args, baseEnv),
+    gwsProxy: (args: string) => runCmd(gwsPath, args, proxyEnv),
+    ghProxy: (args: string) => runCmd(ghPath, args, ghEnv),
+    ghProxyWithRepo: (args: string) => runCmd(ghPath, args, ghEnvWithRepo),
     cleanup: async () => {
       server.close();
       proxyServer.close();