Install¶
jira-cli ships as a single static Go binary. Pick a method below; each tab is self-contained. Working on jira itself? See Contributing instead.
Install methods¶
Recommended on macOS (Apple Silicon) and Linux (amd64/arm64).
The formula lives in
matcra587/homebrew-tap
and tracks the latest GitHub release.
No Homebrew?
Use the one-line installer:
Intel macOS / build from source
No darwin/amd64 bottle is published. brew install --HEAD
matcra587/tap/jira compiles the latest main with the Go toolchain
and embeds version metadata. It's the one Homebrew path that works on
Intel macOS.
Recommended on Windows (amd64/arm64). Add the bucket once, then install:
The manifest lives in
matcra587/scoop-bucket
and tracks the latest GitHub release.
Works anywhere mise runs. It downloads the release binary from GitHub Releases:
List versions with mise ls-remote github:matcra587/jira-cli. mise pulls the
release archives, so there's no Intel-macOS build; for checksum and signature
verification, use the Pre-built binaries tab.
For Linux (amd64/arm64) and Apple Silicon macOS. A POSIX-sh installer
auto-detects OS and architecture, resolves the release tag, verifies the
SHA-256 against the published checksums.txt (and the cosign signature when
cosign is on PATH), and installs into $HOME/.local/bin.
Pin a version with the tag: … | sh -s v0.5.9. Native Windows isn't covered
(the installer is POSIX-sh). Use the Scoop or mise tab, or run it
under WSL.
Environment overrides
The positional version argument is the common case; everything else is controlled by environment variables.
| Variable | Effect |
|---|---|
JIRA_CLI_VERSION |
Pin a release tag (same effect as the positional argument; the positional argument wins when both are set). |
JIRA_CLI_INSTALL_DIR |
Install directory. Default: $HOME/.local/bin. Use /usr/local/bin for a system-wide install. |
JIRA_CLI_NO_VERIFY |
Set to 1 to skip cosign verification when cosign is unavailable. SHA-256 still runs. |
Example, system-wide install:
What curl | sh actually runs
The installer's source lives at docs/install.sh, about 130 lines of POSIX sh. Inspect it before piping into sh if you don't already trust the source:
Any Go platform supported by jira's dependencies, including Intel macOS.
Installs the latest tagged release into $(go env GOBIN) (or
$(go env GOPATH)/bin).
Version metadata
This path embeds limited version metadata: jira version reports dev
or git-derived values because the version package relies on compile-time
-X ldflag overrides that go install does not supply. For accurate
jira version output, use Homebrew, mise, or the pre-built binaries.
GitHub Releases ship checksummed archives for Linux (amd64/arm64) and macOS
arm64 as .tar.gz, and Windows (amd64/arm64) as .zip. Reach for these for
a scripted pipeline, a stricter audit trail, or to avoid piping curl into
sh.
The GitHub CLI resolves the latest release and fetches the archive plus checksums (Linux amd64 shown):
gh release download --repo matcra587/jira-cli \
--pattern 'jira_*_linux_amd64.tar.gz' \
--pattern 'checksums.txt'
sha256sum -c checksums.txt --ignore-missing
tar xzf jira_*_linux_amd64.tar.gz
sudo install jira /usr/local/bin/
Swap the arch and OS in --pattern for your platform (Windows ships a
.zip). To check the signature too, add --pattern
'checksums.txt.sigstore.json' and follow the Cosign signature
verification note.
Without the GitHub CLI (curl + SHA-256)
The archives follow jira_<version>_<os>_<arch>.tar.gz (Windows uses
.zip). Resolve the latest tag, download, and verify by hand:
VERSION=$(curl -fsSLI -o /dev/null -w '%{url_effective}' \
https://github.com/matcra587/jira-cli/releases/latest | sed 's#.*/tag/##')
OS=$(uname -s | tr '[:upper:]' '[:lower:]')
ARCH=$(uname -m | sed 's/x86_64/amd64/;s/aarch64/arm64/')
curl -fsSLO "https://github.com/matcra587/jira-cli/releases/download/${VERSION}/jira_${VERSION#v}_${OS}_${ARCH}.tar.gz"
curl -fsSLO "https://github.com/matcra587/jira-cli/releases/download/${VERSION}/checksums.txt"
grep "_${OS}_${ARCH}.tar.gz$" checksums.txt | sha256sum -c
tar xzf "jira_${VERSION#v}_${OS}_${ARCH}.tar.gz"
sudo install jira /usr/local/bin/
set VERSION (curl -fsSLI -o /dev/null -w '%{url_effective}' \
https://github.com/matcra587/jira-cli/releases/latest | string replace -r '.*/tag/' '')
set OS (uname -s | string lower)
set ARCH (uname -m | string replace x86_64 amd64 | string replace aarch64 arm64)
set NUM (string replace -r '^v' '' $VERSION)
set TARBALL (printf 'jira_%s_%s_%s.tar.gz' $NUM $OS $ARCH)
curl -fsSLO "https://github.com/matcra587/jira-cli/releases/download/$VERSION/$TARBALL"
curl -fsSLO "https://github.com/matcra587/jira-cli/releases/download/$VERSION/checksums.txt"
grep (printf '_%s_%s.tar.gz$' $OS $ARCH) checksums.txt | sha256sum -c
tar xzf $TARBALL
sudo install jira /usr/local/bin/
Cosign signature verification
checksums.txt is signed with cosign
keyless signing; a checksums.txt.sigstore.json bundle ships next to the
release artifacts. The one-line installer verifies it automatically when
cosign is on PATH. To verify by hand:
curl -fsSLO "https://github.com/matcra587/jira-cli/releases/download/${VERSION}/checksums.txt.sigstore.json"
cosign verify-blob \
--bundle checksums.txt.sigstore.json \
--certificate-identity-regexp "https://github.com/matcra587/jira-cli/" \
--certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
checksums.txt
curl -fsSLO "https://github.com/matcra587/jira-cli/releases/download/$VERSION/checksums.txt.sigstore.json"
cosign verify-blob \
--bundle checksums.txt.sigstore.json \
--certificate-identity-regexp "https://github.com/matcra587/jira-cli/" \
--certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
checksums.txt
The archives themselves are not individually signed; the checksum bundle covers them transitively.
Verify the install¶
Prints the installed version, commit, branch, build time, and built by (one of
goreleaser, homebrew, or the local user for a dev build).
If jira: command not found, the binary isn't on PATH. Homebrew and mise
handle this for you; the one-line installer prints a PATH-fix hint; for
go install make sure $(go env GOBIN) (or $(go env GOPATH)/bin) is on your
PATH.
Update jira¶
The binary updates itself — reach for jira update first, or pass --dry-run
to report the installed and latest versions without changing anything:
It detects how the binary was installed: Homebrew and release-archive installs
are updated directly (checksum-verified, rollback-safe), while Scoop, mise, and
go install binaries are owned by their installer — jira update prints the
exact command to run instead of touching them.
Prefer to drive the installer yourself? The per-channel commands:
Re-download the latest archive with --clobber to overwrite the existing
files (Linux amd64 shown), then reinstall over the binary on your PATH:
Uninstall jira¶
Removing the binary doesn't drop stored credentials or your local config. Clean those up explicitly if you're walking away from jira entirely.
- Installed to a custom
JIRA_CLI_INSTALL_DIR? Remove it there instead, e.g.sudo rm -f /usr/local/bin/jira.
Credentials and config are not removed
The binary uninstall leaves your stored API tokens in the OS keyring (or 1Password vault) and your config TOML on disk. To remove them:
jira auth logout <profile> # (1)!
rm -rf "${XDG_CONFIG_HOME:-$HOME/.config}/jira-cli" # (2)!
rm -rf "${XDG_CACHE_HOME:-$HOME/.cache}/jira-cli" # (3)!
- Drop the stored credential for every profile, one at a time.
- Remove the config file.
- Remove the local cache.
On Windows the equivalent dirs are %AppData%\jira-cli (config and queries)
and %LocalAppData%\cache\jira-cli (cache). If you've already uninstalled
the binary, remove the keyring or 1Password item by hand through the OS
keychain app or op item delete.