A read-only GitHub dashboard that shows which pull requests need your attention, and for how long — across your personal account and every organization you can access. Three lists, oldest first:
- Ready to merge — PRs GitHub reports as mergeable now. Out-of-date branches still count and get a "Needs update" hint (a bot/manual update handles them).
- Waiting on your review — PRs you're blocking others on.
- Stuck on checks — your open PRs with failing/pending checks, or otherwise blocked from merging (required checks, review, or conflicts).
- Tracked checks → Awaiting. GitHub's API hides "expected" required checks
(e.g. a manually-triggered
qa/smokeor automation) from non-admins. Name the checks you care about — org defaults plus per-repo overrides, with a type-to-search repo picker — and PRison shows them as "⏳ Awaiting: <name>" on a blocked PR until they report. - Grouping — flat, by repository, or by check.
- Light / dark theme, responsive two-column layout, minute-level ages, color-coded lists, and a Refresh button.
- Personal account + per-org filter in the top-right switcher.
- Your own access — sign in with the GitHub CLI or a token; no third-party app to approve. Every row deep-links to GitHub; PRison never writes anything.
PRison runs on your own machine — no third-party app to approve. The easiest way is Docker (one command); or run it locally with Node.
Warning
Sign-in mints a session from the host's GitHub credentials (your gh CLI token
or a GITHUB_TOKEN). PRison is designed to run on your own machine — do NOT
expose a gh-authenticated or GITHUB_TOKEN-configured instance on a reachable
network without adding your own access control.
Zero-config — AUTH_SECRET is auto-generated and persisted in a volume (nothing to set):
GITHUB_TOKEN="$(gh auth token)" docker compose up --build # http://localhost:3000Passing your gh token signs you in automatically — needed for SSO-restricted orgs
(e.g. useinsider) where classic PATs are blocked. The token rotates, so re-run when
it expires. Without GITHUB_TOKEN, just open the app and paste a token.
npm install
npm run dev # http://localhost:3000npm run dev generates AUTH_SECRET into .env.local on first run (it encrypts
the session cookie) — nothing to configure. Open the app and click Sign in with
GitHub CLI; the server reads your CLI token and stores it only in an encrypted,
httpOnly cookie — never in the browser.
If gh isn't installed or signed in, the app falls back to a paste-a-token form:
- Go to github.com/settings/tokens → Generate new token (classic).
- Select the
read:organdreposcopes, generate, and copy it.
Note
For SAML SSO orgs, click Configure SSO on the token and Authorize it — self-service, no org owner approval. Some orgs forbid classic PATs entirely; there the GitHub CLI token is the only way in.
Sign in with the GitHub CLI or paste a token. In the top-right: the switcher scopes to All / your personal account / a single org; the sliders icon opens Tracked checks (name the required checks to see as "Awaiting"); the sun/moon toggles the theme; Sign Out clears the stored token. Click a PR title (or a suggested-action link) to jump to GitHub. Use Flat / By repo / By check to group, Hide drafts to filter, and Refresh to re-fetch without reloading.
- CONTRIBUTING.md — conventions, tests, and CI setup
- docs/DESIGN.md — design system
- docs/UI-AUDIT.md — UI/UX audit notes
Licensed under MIT.
