diff --git a/ci/README.md b/ci/README.md
index deea4c8f..da3a9f6d 100644
--- a/ci/README.md
+++ b/ci/README.md
@@ -24,8 +24,7 @@ Any file or directory in this subdirectory should be documented here.
    - It will upload them to the draft release.
 6. Run some basic sanity tests on one of the released packages.
    - Especially make sure the terminal works fine.
-7. Make sure the github release tag is the commit with the artifacts. This is a bug in
-   `hub` where uploading assets in step 5 will break the tag.
+7. Make sure the github release tag is the commit with the artifacts.
 8. Publish the release and merge the PR.
    1. CI will automatically grab the artifacts and then:
       1. Publish the NPM package from `npm-package`.
@@ -106,10 +105,10 @@ You can disable minification by setting `MINIFY=`.
 - [./ci/build/code-server.service](./build/code-server.service)
   - systemd user service packaged into the `.deb` and `.rpm`.
 - [./ci/build/release-github-draft.sh](./build/release-github-draft.sh) (`yarn release:github-draft`)
-  - Uses [hub](https://github.com/github/hub) to create a draft release with a template description.
+  - Uses [gh](https://github.com/cli/cli) to create a draft release with a template description.
 - [./ci/build/release-github-assets.sh](./build/release-github-assets.sh) (`yarn release:github-assets`)
   - Downloads the release-package artifacts for the current commit from CI.
-  - Uses [hub](https://github.com/github/hub) to upload the artifacts to the release
+  - Uses [gh](https://github.com/cli/cli) to upload the artifacts to the release
     specified in `package.json`.
 - [./ci/build/npm-postinstall.sh](./build/npm-postinstall.sh)
   - Post install script for the npm package.
diff --git a/ci/build/release-github-assets.sh b/ci/build/release-github-assets.sh
index 7fba6770..a025ee59 100755
--- a/ci/build/release-github-assets.sh
+++ b/ci/build/release-github-assets.sh
@@ -15,7 +15,7 @@ main() {
   for i in "${!assets[@]}"; do
     assets[$i]="--attach=${assets[$i]}"
   done
-  EDITOR=true hub release edit --draft "${assets[@]}" "v$VERSION"
+  EDITOR=true gh release upload "v$VERSION" "${assets[@]}"
 }
 
 main "$@"
diff --git a/ci/build/release-github-draft.sh b/ci/build/release-github-draft.sh
index d9facac5..4cd65d59 100755
--- a/ci/build/release-github-draft.sh
+++ b/ci/build/release-github-draft.sh
@@ -7,10 +7,10 @@ main() {
   cd "$(dirname "$0")/../.."
   source ./ci/lib.sh
 
-  hub release create \
-    --file - \
-    -t "$(git rev-parse HEAD)" \
-    --draft "v$VERSION" <<EOF
+  gh release create "v$VERSION" \
+    --notes-file - \
+    --target "$(git rev-parse HEAD)" \
+    --draft <<EOF
 v$VERSION
 
 VS Code v$(vscode_version)
diff --git a/ci/build/release-prep.sh b/ci/build/release-prep.sh
index 4e30a2fd..f0b0334b 100755
--- a/ci/build/release-prep.sh
+++ b/ci/build/release-prep.sh
@@ -1,7 +1,7 @@
 #!/usr/bin/env bash
 # Description: This is a script to make the release process easier
 # Run it with `yarn release:prep` and it will do the following:
-# 1. Check that you have a $GITHUB_TOKEN set and hub installed
+# 1. Check that you have gh installed and that you're signed in
 # 2. Update the version of code-server (package.json, docs, etc.)
 # 3. Update the code coverage badge in the README
 # 4. Open a draft PR using the release_template.md and view in browser
@@ -19,19 +19,11 @@ main() {
 
   cd "$(dirname "$0")/../.."
 
-  # Check that $GITHUB_TOKEN is set
-  if [[ -z ${GITHUB_TOKEN-} ]]; then
-    echo "We couldn't find an environment variable under GITHUB_TOKEN."
-    echo "This is needed for our scripts that use hub."
-    echo -e "See docs regarding GITHUB_TOKEN here under 'GitHub OAuth authentication': https://hub.github.com/hub.1.html"
-    exit
-  fi
-
-  # Check that hub is installed
-  if ! command -v hub &>/dev/null; then
-    echo "hub could not be found."
+  # Check that gh is installed
+  if ! command -v gh &>/dev/null; then
+    echo "gh could not be found."
     echo "We use this with the release-github-draft.sh and release-github-assets.sh scripts."
-    echo -e "See docs here: https://github.com/github/hub#installation"
+    echo -e "See docs here: https://github.com/cli/cli#installation"
     exit
   fi
 
@@ -68,6 +60,14 @@ main() {
     exit
   fi
 
+  # Check that gh is authenticated
+  if ! gh auth status -h github.com &>/dev/null; then
+    echo "gh isn't authenticated to github.com."
+    echo "This is needed for our scripts that use gh."
+    echo -e "See docs regarding authentication: https://cli.github.com/manual/gh_auth_login"
+    exit
+  fi
+
   # Note: we need to set upstream as well or the gh pr create step will fail
   # See: https://github.com/cli/cli/issues/575
   CURRENT_BRANCH=$(git branch | grep '\*' | cut -d' ' -f2-)
diff --git a/ci/lib.sh b/ci/lib.sh
index b1152d16..dbde849b 100755
--- a/ci/lib.sh
+++ b/ci/lib.sh
@@ -49,24 +49,20 @@ arch() {
   esac
 }
 
-curl() {
-  command curl -H "Authorization: token $GITHUB_TOKEN" "$@"
-}
-
 # Grabs the most recent ci.yaml github workflow run that was successful and triggered from the same commit being pushd.
 # This will contain the artifacts we want.
 # https://developer.github.com/v3/actions/workflow-runs/#list-workflow-runs
 get_artifacts_url() {
   local artifacts_url
-  local workflow_runs_url="https://api.github.com/repos/cdr/code-server/actions/workflows/ci.yaml/runs?status=success&event=pull_request"
+  local workflow_runs_url="repos/:owner/:repo/actions/workflows/ci.yaml/runs?status=success&event=pull_request"
   # For releases, we look for run based on the branch name v$code_server_version
   # example: v3.9.3
   local version_branch="v$VERSION"
-  artifacts_url=$(curl -fsSL "$workflow_runs_url" | jq -r ".workflow_runs[] | select(.head_branch == \"$version_branch\") | .artifacts_url" | head -n 1)
+  artifacts_url=$(gh api "$workflow_runs_url" | jq -r ".workflow_runs[] | select(.head_branch == \"$version_branch\") | .artifacts_url" | head -n 1)
   if [[ -z "$artifacts_url" ]]; then
     echo >&2 "ERROR: artifacts_url came back empty"
     echo >&2 "We looked for a successful run triggered by a pull_request with for code-server version: $code_server_version and a branch named $version_branch"
-    echo >&2 "URL used for curl call: $workflow_runs_url"
+    echo >&2 "URL used for gh API call: $workflow_runs_url"
     exit 1
   fi
 
@@ -77,7 +73,7 @@ get_artifacts_url() {
 # https://developer.github.com/v3/actions/artifacts/#list-workflow-run-artifacts
 get_artifact_url() {
   local artifact_name="$1"
-  curl -fsSL "$(get_artifacts_url)" | jq -r ".artifacts[] | select(.name == \"$artifact_name\") | .archive_download_url" | head -n 1
+  gh api "$(get_artifacts_url)" | jq -r ".artifacts[] | select(.name == \"$artifact_name\") | .archive_download_url" | head -n 1
 }
 
 # Uses the above two functions to download a artifact into a directory.
@@ -88,7 +84,7 @@ download_artifact() {
   local tmp_file
   tmp_file="$(mktemp)"
 
-  curl -fsSL "$(get_artifact_url "$artifact_name")" >"$tmp_file"
+  gh api "$(get_artifact_url "$artifact_name")" >"$tmp_file"
   unzip -q -o "$tmp_file" -d "$dst"
   rm "$tmp_file"
 }