bonsai
Health Warn
- License — License: MIT
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Low visibility — Only 5 GitHub stars
Code Pass
- Code scan — Scanned 1 files during light audit, no dangerous patterns found
Permissions Pass
- Permissions — No dangerous permissions requested
This is a CLI tool designed to manage and clean up Git worktrees. It specifically targets the leftover worktrees generated by AI coding assistants, providing interactive and non-interactive ways to audit, list, and delete them.
Security Assessment
The overall risk is Low. The tool's primary function is executing local Git and GitHub CLI commands to read repository states and delete worktrees. It does not request inherently dangerous system permissions, and the automated code scan found no hardcoded secrets or dangerous patterns. Because the tool integrates with the `gh` CLI, it will inherently access your GitHub authentication token to fetch PR statuses. It also reads local file paths and Git histories, which is expected for a repository management utility.
Quality Assessment
The codebase appears to be actively maintained, with its last push occurring today. It uses the permissive and standard MIT license. However, it currently has very low community visibility with only 5 GitHub stars. This means the tool has not been extensively battle-tested or widely reviewed by the open-source community, leaving a small but typical trust gap for new projects.
Verdict
Safe to use, though you should expect a basic, relatively untested utility rather than a highly polished community standard.
Git worktree manager for AI-assisted workflows. Audit, clean, and finalize worktrees that Claude Code, Cursor, and friends leave behind.
bonsai
A CLI tool for managing git worktrees. git worktree is barebones — as AI-assisted workflows (Claude Code, Cursor, etc.) spawn worktrees per task, they accumulate fast with no good way to audit, clean, or finalize them.
Bonsai fixes that.
Install
# From source
git clone https://github.com/sauravpanda/bonsai
cd bonsai
make install # installs to /usr/local/bin/bonsai
Or with go install:
go install github.com/sauravpanda/bonsai@latest
Requirements: Go 1.21+. GitHub integration requires the gh CLI to be installed and authenticated (gh auth login). Bonsai works without it — PR status will just show as unknown.
Commands
bonsai list
Table view of all worktrees with path, branch, age, last commit, ahead/behind base, and PR status. Columns scale to your terminal width.
# PATH BRANCH AGE LAST COMMIT +/- PR
──────────────────────────────────────────────────────────────────────────────────────────────────────
~/projects/myapp main 2h chore: bump deps +0/-0 —
1 .claude/worktrees/feat-auth feat/auth 3d add OAuth flow +4/-0 open
2 .claude/worktrees/fix-payments fix/payments 21d fix stripe webhook +0/-0 merged
3 .claude/worktrees/feat-dashboard feat/dashboard 8d WIP: new dashboard +2/-0 none
──────────────────────────────────────────────────────────────────────────────────────────────────────
4 worktree(s) · 3 added · * unpushed commits
| Flag | Description |
|---|---|
--no-pr |
Filter: show only worktrees with no PR |
--offline |
Skip GitHub PR lookup (faster) |
bonsai rm <n> [n...]
Delete worktrees by the numbers shown in bonsai list.
bonsai rm 2 # delete worktree #2
bonsai rm 1 3 5 # delete multiple at once
bonsai rm --force 2 # delete even if branch has unpushed commits
bonsai rm --dry-run 2 # preview without deleting
Refuses to delete worktrees with unpushed commits unless --force is passed.
bonsai clean
Interactive TUI picker. Shows deletion candidates (merged PR, stale, no unpushed commits) and lets you toggle which ones to remove.
bonsai clean # candidates only (merged/stale/no unpushed)
bonsai clean --all # show all worktrees
bonsai clean --stale 7 # override stale threshold to 7 days
bonsai clean --force # allow dirty removes
Keys: ↑/↓ navigate · space toggle · a select all · n select none · enter confirm · q quit
bonsai prune
Non-interactive version of clean. Shows each candidate with its reason and asks for confirmation before deleting.
bonsai prune # interactive per-item confirmation
bonsai prune --dry-run # list candidates, no deletions
bonsai prune -y # auto-confirm all
bonsai prune --stale 7 # override stale threshold
bonsai push [branch-or-path]
Push a worktree's branch to the remote. If no argument is given, uses the current working directory.
bonsai push # push current worktree's branch
bonsai push feat/auth # push by branch name
bonsai push --pr # push + open PR via gh
bonsai push --web # push + open PR creation in browser
bonsai push --remove # push then remove the worktree
bonsai push --pr --remove # push, open PR, then clean up
bonsai push --dry-run # preview only
Configuration
Bonsai reads ~/.config/bonsai/config.toml on startup. Missing keys fall back to defaults.
stale_threshold_days = 14 # worktrees older than this are prune candidates
default_remote = "origin"
default_base = "main"
Design decisions
- Never deletes worktrees with unpushed commits without explicit
--force - PR merge detection is the killer feature — if the remote branch is merged, zero-friction delete
--dry-runon all destructive commands- Delegates to
ghCLI for GitHub auth and PR status — no token management - Gracefully degrades when
ghis not installed or not authenticated - Single binary, no runtime dependencies
GitHub integration
Bonsai uses the gh CLI to check PR status and open PRs. It never manages GitHub tokens directly.
gh auth login # one-time setup
bonsai list # PR column now shows open/merged/closed/none
Without gh auth, the PR column shows ? and prune/clean candidates are based on staleness only.
License
MIT
Made with ♥ by Saurav Panda
Reviews (0)
Sign in to leave a review.
Leave a reviewNo results found