fix: setup-cli on Linux musl containers (#431 )

## Summary Fixes setup-cli in Alpine/Linux musl containers after the Supabase CLI v2.99+ release layout introduced a Bun/TypeScript `supabase` shim alongside `supabase-go`. This keeps the v2 action on Bun, but makes the musl paths explicit: - Detect Linux musl before running `oven-sh/setup-bun` and pass the matching `bun-linux-*-musl.zip` via `bun-download-url`. - Use POSIX `sh` for composite shell steps so the action can run in minimal Alpine containers without `bash`. - Detect Linux musl in the CLI installer and download the existing `.apk` release asset for CLI v2.99+. - Add the extracted APK `usr/bin` directory to PATH. - Keep existing tar/zip behavior for glibc Linux, macOS, and Windows. ## Root Cause `oven-sh/setup-bun` does not currently include libc detection in its automatic release asset selection, so Alpine containers received a glibc Bun binary. Separately, setup-cli downloaded the generic Linux `.tar.gz` Supabase CLI asset, whose `supabase` shim is glibc-linked in v2.99+; the `.apk` asset contains the musl-linked shim. ## Testing - `bun run ci` - Manual GitHub workflow in https://github.com/jgoux/setup-cli-testing/actions/runs/2616196598653
fix: authenticate latest release lookup (#430 )
2026-06-28 01:46:58 +00:00 · 2026-05-20 15:15:47 +02:00 · 2026-05-20 15:06:17 +02:00 · 2026-05-18 13:09:18 +02:00 · 2026-05-06 20:16:03 +02:00 · 2026-05-06 16:52:27 +00:00
44 changed files with 1800 additions and 20698 deletions
--- a/.bun-version
+++ b/.bun-version
@@ -0,0 +1 @@
 1.3.10
--- a/.eslintignore
+++ b/.eslintignore
@@ -1,4 +0,0 @@
 dist/
 lib/
 node_modules/
 jest.config.js
--- a/.eslintrc.json
+++ b/.eslintrc.json
@@ -1,55 +0,0 @@
 {
    "plugins": ["jest", "@typescript-eslint"],
    "extends": ["plugin:github/recommended"],
    "parser": "@typescript-eslint/parser",
    "parserOptions": {
      "ecmaVersion": 9,
      "sourceType": "module",
      "project": "./tsconfig.json"
    },
    "rules": {
      "i18n-text/no-en": "off",
      "eslint-comments/no-use": "off",
      "import/no-namespace": "off",
      "no-unused-vars": "off",
      "@typescript-eslint/no-unused-vars": "error",
      "@typescript-eslint/explicit-member-accessibility": ["error", {"accessibility": "no-public"}],
      "@typescript-eslint/no-require-imports": "error",
      "@typescript-eslint/array-type": "error",
      "@typescript-eslint/await-thenable": "error",
      "@typescript-eslint/ban-ts-comment": "error",
      "camelcase": "off",
      "@typescript-eslint/consistent-type-assertions": "error",
      "@typescript-eslint/explicit-function-return-type": ["error", {"allowExpressions": true}],
      "@typescript-eslint/func-call-spacing": ["error", "never"],
      "@typescript-eslint/no-array-constructor": "error",
      "@typescript-eslint/no-empty-interface": "error",
      "@typescript-eslint/no-explicit-any": "error",
      "@typescript-eslint/no-extraneous-class": "error",
      "@typescript-eslint/no-for-in-array": "error",
      "@typescript-eslint/no-inferrable-types": "error",
      "@typescript-eslint/no-misused-new": "error",
      "@typescript-eslint/no-namespace": "error",
      "@typescript-eslint/no-non-null-assertion": "warn",
      "@typescript-eslint/no-unnecessary-qualifier": "error",
      "@typescript-eslint/no-unnecessary-type-assertion": "error",
      "@typescript-eslint/no-useless-constructor": "error",
      "@typescript-eslint/no-var-requires": "error",
      "@typescript-eslint/prefer-for-of": "warn",
      "@typescript-eslint/prefer-function-type": "warn",
      "@typescript-eslint/prefer-includes": "error",
      "@typescript-eslint/prefer-string-starts-ends-with": "error",
      "@typescript-eslint/promise-function-async": "error",
      "@typescript-eslint/require-array-sort-compare": "error",
      "@typescript-eslint/restrict-plus-operands": "error",
      "semi": "off",
      "@typescript-eslint/semi": ["error", "never"],
      "@typescript-eslint/type-annotation-spacing": "error",
      "@typescript-eslint/unbound-method": "error"
    },
    "env": {
      "node": true,
      "es6": true,
      "jest/globals": true
    }
  }
--- a/.gitattributes
+++ b/.gitattributes
@@ -1 +0,0 @@
 dist/** -diff linguist-generated=true 
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -0,0 +1 @@
 * @supabase/cli
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -3,9 +3,34 @@ updates:
  - package-ecosystem: github-actions
    directory: /
    schedule:
-      interval: daily
+      interval: weekly
      day: tuesday
      time: "09:00"
      timezone: Europe/Paris
    open-pull-requests-limit: 1
    groups:
      actions-minor-patch:
        patterns:
          - "*"
        update-types:
          - minor
          - patch
-  - package-ecosystem: npm
+  - package-ecosystem: bun
    directory: /
    schedule:
-      interval: daily
+      interval: weekly
      day: tuesday
      time: "09:00"
      timezone: Europe/Paris
    open-pull-requests-limit: 1
    cooldown:
      semver-minor-days: 7
      semver-patch-days: 2
    groups:
      bun-minor-patch:
        patterns:
          - "*"
        update-types:
          - minor
          - patch
--- a/.github/workflows/check-dist.yml
+++ b/.github/workflows/check-dist.yml
@@ -1,54 +0,0 @@
 # `dist/index.js` is a special file in Actions.
 # When you reference an action with `uses:` in a workflow,
 # `index.js` is the code that will run.
 # For our project, we generate this file through a build process from other source files.
 # We need to make sure the checked-in `index.js` actually matches what we expect it to be.
 name: Check dist/
 on:
  push:
    branches:
      - main
    paths-ignore:
      - '**.md'
  pull_request:
    paths-ignore:
      - '**.md'
  workflow_dispatch:
 jobs:
  check-dist:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Set Node.js 20.x
        uses: actions/setup-node@v4.0.1
        with:
          node-version: 20.x
          cache: npm
      - name: Install dependencies
        run: npm ci
      - name: Rebuild the dist/ directory
        run: |
          npm run build
          npm run package
      - name: Compare the expected and actual dist/ directories
        run: |
          if ! git diff --ignore-space-at-eol --exit-code --quiet dist/; then
            echo "Detected uncommitted changes after build.  See status below:"
            git diff
            exit 1
          fi
        id: diff
      # If index.js was different than expected, upload the expected version as an artifact
      - uses: actions/upload-artifact@v4
        if: ${{ failure() && steps.diff.conclusion == 'failure' }}
        with:
          name: dist
          path: dist/
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,69 @@
 name: CI
 on:
  pull_request:
    types:
      - opened
      - synchronize
      - reopened
      - ready_for_review
      - converted_to_draft
  push:
    branches:
      - main
 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 permissions:
  contents: read
 defaults:
  run:
    shell: bash
 jobs:
  validate:
    if: ${{ github.event_name != 'pull_request' || !github.event.pull_request.draft }}
    runs-on: ubuntu-latest
    timeout-minutes: 15
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2.2.0
        with:
          bun-version-file: .bun-version
      - run: bun install --frozen-lockfile
      - run: bun run ci
  test:
    if: ${{ github.event_name != 'pull_request' || !github.event.pull_request.draft }}
    runs-on: ${{ matrix.os }}
    timeout-minutes: 20
    strategy:
      fail-fast: false
      matrix:
        os: [macos-latest, windows-latest, ubuntu-latest]
        version: [1.0.0, latest]
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      - uses: ./
        with:
          version: ${{ matrix.version }}
          github-token: ${{ github.token }}
      - run: supabase -h
  ci:
    if: ${{ always() && github.event_name == 'pull_request' }}
    name: CI
    runs-on: ubuntu-latest
    needs: [validate, test]
    timeout-minutes: 5
    steps:
      - run: |
          validate_result="${{ needs.validate.result }}"
          test_result="${{ needs.test.result }}"
          [[ "$validate_result" == "success" || "$validate_result" == "skipped" ]]
          [[ "$test_result" == "success" || "$test_result" == "skipped" ]]
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -1,71 +0,0 @@
 # For most projects, this workflow file will not need changing; you simply need
 # to commit it to your repository.
 #
 # You may wish to alter this file to override the set of languages analyzed,
 # or to provide custom queries or build logic.
 #
 # ******** NOTE ********
 # We have attempted to detect the languages in your repository. Please check
 # the `language` matrix defined below to confirm you have the correct set of
 # supported CodeQL languages.
 #
 name: 'CodeQL'
 on:
  push:
    branches: [ main ]
  pull_request:
    # The branches below must be a subset of the branches above
    branches: [ main ]
  schedule:
    - cron: '31 7 * * 3'
 jobs:
  analyze:
    name: Analyze
    runs-on: ubuntu-latest
    permissions:
      actions: read
      contents: read
      security-events: write
    strategy:
      fail-fast: false
      matrix:
        language: [ 'TypeScript' ]
        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
        # Learn more about CodeQL language support at https://git.io/codeql-language-support
    steps:
    - name: Checkout repository
      uses: actions/checkout@v4
    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
      uses: github/codeql-action/init@v3
      with:
        languages: ${{ matrix.language }}
        source-root: src
        # If you wish to specify custom queries, you can do so here or in a config file.
        # By default, queries listed here will override any specified in a config file.
        # Prefix the list here with "+" to use these queries and those in the config file.
        # queries: ./path/to/local/query, your-org/your-repo/queries@main
    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
    # If this step fails, then you should remove it and run the build manually (see below)
    - name: Autobuild
      uses: github/codeql-action/autobuild@v3
    # ℹ️ Command-line programs to run using the OS shell.
    # 📚 https://git.io/JvXDl
    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
    #    and modify them (or add more) to build your code if your project
    #    uses a compiled language
    #- run: |
    #   make bootstrap
    #   make release
    - name: Perform CodeQL Analysis
      uses: github/codeql-action/analyze@v3
--- a/.github/workflows/dependabot.yml
+++ b/.github/workflows/dependabot.yml
@@ -3,6 +3,10 @@ name: Dependabot auto-merge
 on: pull_request
 concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
  cancel-in-progress: true
 permissions:
  pull-requests: write
  contents: write
@@ -10,30 +14,33 @@ permissions:
 jobs:
  dependabot:
    runs-on: ubuntu-latest
-    # Checking the actor will prevent your Action run failing on non-Dependabot
+    timeout-minutes: 10
-    # PRs but also ensures that it only does work for Dependabot PRs.
+    # Only act on PRs opened by Dependabot from branches in this repository.
-    if: ${{ github.actor == 'dependabot[bot]' }}
+    if: github.actor == 'dependabot[bot]' && github.repository == github.event.pull_request.head.repo.full_name
    steps:
-      # This first step will fail if there's no metadata and so the approval
+      # Metadata drives the non-major gating used for approval and auto-merge.
-      # will not occur.
+      - id: meta
-      - name: Dependabot metadata
+        uses: dependabot/fetch-metadata@25dd0e34f4fe68f24cc83900b1fe3fe149efef98 # v3.1.0
        id: dependabot-metadata
        uses: dependabot/fetch-metadata@v1.6.0
        with:
-          github-token: '${{ secrets.GITHUB_TOKEN }}'
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
      - name: Generate token
        id: app-token
        if: ${{ steps.meta.outputs.update-type == null || steps.meta.outputs.update-type == 'version-update:semver-patch' || steps.meta.outputs.update-type == 'version-update:semver-minor' }}
        uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1
        with:
          app-id: ${{ secrets.APP_ID }}
          private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}
      # Here the PR gets approved.
      - name: Approve a PR
-        if: ${{ steps.dependabot-metadata.outputs.update-type != 'version-update:semver-major' }}
+        if: ${{ steps.meta.outputs.update-type == null || steps.meta.outputs.update-type == 'version-update:semver-patch' || steps.meta.outputs.update-type == 'version-update:semver-minor' }}
        run: gh pr review --approve "$PR_URL"
        env:
          PR_URL: ${{ github.event.pull_request.html_url }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
      # Finally, this sets the PR to allow auto-merging for patch and minor
      # updates if all checks pass
      - name: Enable auto-merge for Dependabot PRs
-        if: ${{ steps.dependabot-metadata.outputs.update-type != 'version-update:semver-major' }}
+        if: ${{ steps.meta.outputs.update-type == null || steps.meta.outputs.update-type == 'version-update:semver-patch' || steps.meta.outputs.update-type == 'version-update:semver-minor' }}
        run: gh pr merge --auto --squash "$PR_URL"
        env:
          PR_URL: ${{ github.event.pull_request.html_url }}
--- a/.github/workflows/e2e.yml
+++ b/.github/workflows/e2e.yml
@@ -0,0 +1,71 @@
 name: E2E
 on:
  pull_request:
    types:
      - opened
      - synchronize
      - reopened
      - ready_for_review
      - converted_to_draft
  push:
    branches:
      - main
    tags:
      - "v[0-9]+.[0-9]+.[0-9]+"
  schedule:
    # * is a special character in YAML so you have to quote this string
    - cron: "30 1,9 * * *"
  workflow_dispatch:
 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 defaults:
  run:
    shell: bash
 permissions:
  contents: read
 jobs:
  e2e: # make sure the action works on a clean machine without building
    if: ${{ github.event_name != 'pull_request' || !github.event.pull_request.draft }}
    runs-on: ubuntu-latest
    timeout-minutes: 45
    strategy:
      fail-fast: false
      matrix:
        version:
          - 1.178.2
          - 2.33.0
          - latest
        pg_major:
          - 14
          - 15
          - 17
        exclude:
          - version: 1.178.2
            pg_major: 17
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - uses: ./
        with:
          version: ${{ matrix.version }}
      - run: supabase init
      - run: |
          sed -i -E "s|^(major_version) .*|\\1 = ${{ matrix.pg_major }}|" supabase/config.toml
      - run: supabase start
  e2e-check:
    if: ${{ always() && github.event_name == 'pull_request' }}
    name: E2E
    runs-on: ubuntu-latest
    needs: [e2e]
    timeout-minutes: 5
    steps:
      - run: |
          e2e_result="${{ needs.e2e.result }}"
          [[ "$e2e_result" == "success" || "$e2e_result" == "skipped" ]]
--- a/.github/workflows/licensed.yml
+++ b/.github/workflows/licensed.yml
@@ -0,0 +1,147 @@
 # This workflow refreshes and checks dependency license records used in this
 # action with the help of the Licensed tool. If any licenses are invalid or
 # missing, this workflow will fail. See: https://github.com/licensee/licensed
 name: Licensed
 on:
  pull_request:
  push:
    branches:
      - main
    paths:
      - .github/workflows/licensed.yml
      - .licensed.yml
      - .licenses/**
      - bun.lock
      - package.json
  workflow_dispatch:
 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 jobs:
  check-licenses:
    if: ${{ github.event_name != 'workflow_dispatch' }}
    name: Licensed
    runs-on: ubuntu-latest
    timeout-minutes: 15
    permissions:
      contents: read
      pull-requests: read
    steps:
      - name: Detect license inputs
        id: license-inputs
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PR_NUMBER: ${{ github.event.pull_request.number }}
          REPOSITORY: ${{ github.repository }}
        run: |
          if [[ "${{ github.event_name }}" != "pull_request" ]]; then
            echo "changed=true" >> "$GITHUB_OUTPUT"
            exit 0
          fi
          gh api "repos/${REPOSITORY}/pulls/${PR_NUMBER}/files" --paginate --jq '.[].filename' > changed-files.txt
          if grep -Eq '^(\.github/workflows/licensed\.yml|\.licensed\.yml|\.licenses/.*|bun\.lock|package\.json)$' changed-files.txt; then
            echo "changed=true" >> "$GITHUB_OUTPUT"
          else
            echo "changed=false" >> "$GITHUB_OUTPUT"
          fi
      - name: Checkout
        id: checkout
        if: steps.license-inputs.outputs.changed == 'true'
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      - name: Setup Bun
        id: setup-bun
        if: steps.license-inputs.outputs.changed == 'true'
        uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2.2.0
        with:
          bun-version-file: .bun-version
      - name: Install Dependencies
        id: bun-install
        if: steps.license-inputs.outputs.changed == 'true'
        run: bun install --frozen-lockfile
      - name: Setup Ruby
        id: setup-ruby
        if: steps.license-inputs.outputs.changed == 'true'
        uses: ruby/setup-ruby@7372622e62b60b3cb750dcd2b9e32c247ffec26a # v1.302.0
        with:
          ruby-version: ruby
      - uses: licensee/setup-licensed@0d52e575b3258417672be0dff2f115d7db8771d8 # v1.3.2
        if: steps.license-inputs.outputs.changed == 'true'
        with:
          version: 4.x
          github_token: ${{ secrets.GITHUB_TOKEN }}
      - name: Refresh License Cache
        id: refresh-license-cache
        if: steps.license-inputs.outputs.changed == 'true'
        run: licensed cache
      - name: Check Licenses
        id: check-licenses
        if: steps.license-inputs.outputs.changed == 'true'
        run: licensed status
  update-licenses:
    if: ${{ github.event_name == 'workflow_dispatch' }}
    name: Update Licenses
    runs-on: ubuntu-latest
    timeout-minutes: 15
    permissions:
      contents: write
    steps:
      - name: Checkout
        id: checkout
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      - name: Setup Bun
        id: setup-bun
        uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2.2.0
        with:
          bun-version-file: .bun-version
      - name: Install Dependencies
        id: bun-install
        run: bun install --frozen-lockfile
      - name: Setup Ruby
        id: setup-ruby
        uses: ruby/setup-ruby@7372622e62b60b3cb750dcd2b9e32c247ffec26a # v1.302.0
        with:
          ruby-version: ruby
      - uses: licensee/setup-licensed@0d52e575b3258417672be0dff2f115d7db8771d8 # v1.3.2
        with:
          version: 4.x
          github_token: ${{ secrets.GITHUB_TOKEN }}
      - name: Update License Cache
        id: update-licenses
        run: licensed cache
      - name: Format License Files
        id: format-licenses
        run: bun x oxfmt --write .licensed.yml .licenses
      - name: Commit Licenses
        id: commit-licenses
        run: |
          git config --local user.email "licensed-ci@users.noreply.github.com"
          git config --local user.name "licensed-ci"
          git add .licenses .licensed.yml
          if git diff --cached --quiet; then
            echo "No license cache changes to commit."
            exit 0
          fi
          git commit -m "Auto-update license files"
          git push
--- a/.github/workflows/start.yml
+++ b/.github/workflows/start.yml
@@ -1,35 +0,0 @@
 name: CLI Start
 on:
  push:
    branches:
      - main
    tags:
      - 'v[0-9]+.[0-9]+.[0-9]+'
  schedule:
    # * is a special character in YAML so you have to quote this string
    - cron: '30 1,9 * * *'
  workflow_dispatch:
 defaults:
  run:
    shell: bash
 jobs:
  e2e: # make sure the action works on a clean machine without building
    runs-on: ubuntu-latest
    strategy:
      matrix:
        version:
          - 1.136.3
          - latest
        pg_major:
          - 14
          - 15
    steps:
      - uses: actions/checkout@v4
      - uses: ./
        with:
          version: ${{ matrix.version }}
      - run: supabase init
      - run: sed -i -E "s|^(major_version) .*|\1 = ${{ matrix.pg_major }}|" supabase/config.toml
      - run: supabase start
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -1,38 +0,0 @@
 name: 'build-test'
 on: # rebuild any PRs and main branch changes
  pull_request:
  push:
    branches:
      - main
 defaults:
  run:
    shell: bash
 jobs:
  build: # make sure build/ci work properly
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: npm install
      - run: npm run all
  test: # make sure the action works on a clean machine without building
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        os: [macos-latest, windows-latest, ubuntu-latest]
        version: [1.0.0, latest]
    steps:
      - uses: actions/checkout@v4
      - uses: ./
        with:
          version: ${{ matrix.version }}
      - run: supabase -h
  check:
    if: ${{ always() && github.event.pull_request }}
    runs-on: ubuntu-latest
    needs: [test]
    steps:
      - run: |
          result="${{ needs.test.result }}"
          [[ $result == "success" || $result == "skipped" ]]
--- a/.gitignore
+++ b/.gitignore
@@ -1,7 +1,6 @@
 # Dependency directory
 node_modules
-
+bun.lockb
 # Rest pulled from https://github.com/github/gitignore/blob/master/Node.gitignore
 # Logs
 logs
 *.log
@@ -96,4 +95,7 @@ Thumbs.db
 # Ignore built ts files
 __tests__/runner/*
-lib/**/*
+
 # IDE files
 .idea
 *.code-workspace
--- a/.licensed.yml
+++ b/.licensed.yml
@@ -0,0 +1,16 @@
 # See: https://github.com/licensee/licensed/blob/main/docs/configuration.md
 sources:
  npm: true
 allowed:
  - apache-2.0
  - bsd-2-clause
  - bsd-3-clause
  - isc
  - mit
  - cc0-1.0
  - other
 ignored:
  npm: []
--- a/.licenses/npm/@actions/core.dep.yml
+++ b/.licenses/npm/@actions/core.dep.yml
@@ -0,0 +1,20 @@
 ---
 name: "@actions/core"
 version: 3.0.0
 type: npm
 summary: Actions core lib
 homepage: https://github.com/actions/toolkit/tree/main/packages/core
 license: mit
 licenses:
  - sources: LICENSE.md
    text: |-
      The MIT License (MIT)
      Copyright 2019 GitHub
      Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
      The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
      THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 notices: []
--- a/.licenses/npm/@actions/exec.dep.yml
+++ b/.licenses/npm/@actions/exec.dep.yml
@@ -0,0 +1,20 @@
 ---
 name: "@actions/exec"
 version: 3.0.0
 type: npm
 summary: Actions exec lib
 homepage: https://github.com/actions/toolkit/tree/main/packages/exec
 license: mit
 licenses:
  - sources: LICENSE.md
    text: |-
      The MIT License (MIT)
      Copyright 2019 GitHub
      Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
      The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
      THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 notices: []
--- a/.licenses/npm/@actions/http-client.dep.yml
+++ b/.licenses/npm/@actions/http-client.dep.yml
@@ -0,0 +1,32 @@
 ---
 name: "@actions/http-client"
 version: 4.0.0
 type: npm
 summary: Actions Http Client
 homepage: https://github.com/actions/toolkit/tree/main/packages/http-client
 license: other
 licenses:
  - sources: LICENSE
    text: |
      Actions Http Client for Node.js
      Copyright (c) GitHub, Inc.
      All rights reserved.
      MIT License
      Permission is hereby granted, free of charge, to any person obtaining a copy of this software and
      associated documentation files (the "Software"), to deal in the Software without restriction,
      including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
      and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so,
      subject to the following conditions:
      The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
      THE SOFTWARE IS PROVIDED *AS IS*, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
      LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
      NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
      WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
      SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 notices: []
--- a/.licenses/npm/@actions/io.dep.yml
+++ b/.licenses/npm/@actions/io.dep.yml
@@ -0,0 +1,20 @@
 ---
 name: "@actions/io"
 version: 3.0.2
 type: npm
 summary: Actions io lib
 homepage: https://github.com/actions/toolkit/tree/main/packages/io
 license: mit
 licenses:
  - sources: LICENSE.md
    text: |-
      The MIT License (MIT)
      Copyright 2019 GitHub
      Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
      The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
      THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 notices: []
--- a/.licenses/npm/@actions/tool-cache.dep.yml
+++ b/.licenses/npm/@actions/tool-cache.dep.yml
@@ -0,0 +1,20 @@
 ---
 name: "@actions/tool-cache"
 version: 4.0.0
 type: npm
 summary: Actions tool-cache lib
 homepage: https://github.com/actions/toolkit/tree/main/packages/tool-cache
 license: mit
 licenses:
  - sources: LICENSE.md
    text: |-
      The MIT License (MIT)
      Copyright 2019 GitHub
      Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
      The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
      THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 notices: []
--- a/.licenses/npm/semver.dep.yml
+++ b/.licenses/npm/semver.dep.yml
@@ -0,0 +1,26 @@
 ---
 name: semver
 version: 7.7.4
 type: npm
 summary: The semantic version parser used by npm.
 homepage:
 license: isc
 licenses:
  - sources: LICENSE
    text: |
      The ISC License
      Copyright (c) Isaac Z. Schlueter and Contributors
      Permission to use, copy, modify, and/or distribute this software for any
      purpose with or without fee is hereby granted, provided that the above
      copyright notice and this permission notice appear in all copies.
      THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
      WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
      MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
      ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
      WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
      ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
      IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 notices: []
--- a/.licenses/npm/tunnel.dep.yml
+++ b/.licenses/npm/tunnel.dep.yml
@@ -0,0 +1,35 @@
 ---
 name: tunnel
 version: 0.0.6
 type: npm
 summary: Node HTTP/HTTPS Agents for tunneling proxies
 homepage: https://github.com/koichik/node-tunnel/
 license: mit
 licenses:
  - sources: LICENSE
    text: |
      The MIT License (MIT)
      Copyright (c) 2012 Koichi Kobayashi
      Permission is hereby granted, free of charge, to any person obtaining a copy
      of this software and associated documentation files (the "Software"), to deal
      in the Software without restriction, including without limitation the rights
      to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
      copies of the Software, and to permit persons to whom the Software is
      furnished to do so, subject to the following conditions:
      The above copyright notice and this permission notice shall be included in
      all copies or substantial portions of the Software.
      THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
      IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
      FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
      AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
      LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
      OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
      THE SOFTWARE.
  - sources: README.md
    text: Licensed under the [MIT](https://github.com/koichik/node-tunnel/blob/master/LICENSE)
      license.
 notices: []
--- a/.licenses/npm/undici.dep.yml
+++ b/.licenses/npm/undici.dep.yml
@@ -0,0 +1,34 @@
 ---
 name: undici
 version: 6.24.1
 type: npm
 summary: An HTTP/1.1 client, written from scratch for Node.js
 homepage: https://undici.nodejs.org
 license: mit
 licenses:
  - sources: LICENSE
    text: |
      MIT License
      Copyright (c) Matteo Collina and Undici contributors
      Permission is hereby granted, free of charge, to any person obtaining a copy
      of this software and associated documentation files (the "Software"), to deal
      in the Software without restriction, including without limitation the rights
      to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
      copies of the Software, and to permit persons to whom the Software is
      furnished to do so, subject to the following conditions:
      The above copyright notice and this permission notice shall be included in all
      copies or substantial portions of the Software.
      THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
      IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
      FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
      AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
      LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
      OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
      SOFTWARE.
  - sources: README.md
    text: MIT
 notices: []
--- a/.prettierignore
+++ b/.prettierignore
@@ -1,3 +0,0 @@
 dist/
 lib/
 node_modules/
--- a/.prettierrc.json
+++ b/.prettierrc.json
@@ -1,10 +0,0 @@
 {
  "printWidth": 80,
  "tabWidth": 2,
  "useTabs": false,
  "semi": false,
  "singleQuote": true,
  "trailingComma": "none",
  "bracketSpacing": false,
  "arrowParens": "avoid"
 }
--- a/1
+++ b/1
@@ -1 +0,0 @@
 * @soedirgo @sweatybridge
--- a/README.md
+++ b/README.md
@@ -1,13 +1,22 @@
 # :gear: Supabase CLI Action
-![](https://github.com/supabase/setup-cli/workflows/build-test/badge.svg)
+[![CI](https://github.com/supabase/setup-cli/actions/workflows/ci.yml/badge.svg)](https://github.com/supabase/setup-cli/actions/workflows/ci.yml)
-![](https://github.com/supabase/setup-cli/workflows/CodeQL/badge.svg)
+[![E2E](https://github.com/supabase/setup-cli/actions/workflows/e2e.yml/badge.svg)](https://github.com/supabase/setup-cli/actions/workflows/e2e.yml)
 [![CodeQL](https://github.com/supabase/setup-cli/actions/workflows/codeql-analysis.yml/badge.svg)](https://github.com/supabase/setup-cli/actions/workflows/codeql-analysis.yml)
 ## About
-This action sets up the Supabase CLI, [`supabase`](https://github.com/supabase/cli), on GitHub's hosted Actions runners. Other CI runners like [BitBucket](https://bitbucket.org/supabase-cli/setup-cli/src/master/bitbucket-pipelines.yml) and [GitLab](https://gitlab.com/sweatybridge/setup-cli/-/blob/main/.gitlab-ci.yml) are supported via their respective pipelines.
+This composite action sets up the Supabase CLI,
 [`supabase`](https://github.com/supabase/cli), on GitHub's hosted Actions
 runners. Other CI runners like
 [Bitbucket](https://bitbucket.org/supabase-cli/setup-cli/src/master/bitbucket-pipelines.yml)
 and
 [GitLab](https://gitlab.com/sweatybridge/setup-cli/-/blob/main/.gitlab-ci.yml)
 are supported via their respective pipelines.
-This action can be run on `ubuntu-latest`, `windows-latest`, and `macos-latest` GitHub Actions runners, and will install and expose a specified version of the `supabase` CLI on the runner environment.
+This action can be run on `ubuntu-latest`, `windows-latest`, and `macos-latest`
 GitHub Actions runners, and will install and expose a specified version of the
 `supabase` CLI on the runner environment.
 ## Usage
@@ -15,38 +24,45 @@ Setup the `supabase` CLI:
 ```yaml
 steps:
-  - uses: supabase/setup-cli@v1
+  - uses: supabase/setup-cli@v2
 ```
 If `version` is omitted, the action checks the repository root for `bun.lock`,
 `pnpm-lock.yaml`, or `package-lock.json` and uses the declared `supabase`
 version. If no supported lockfile is present, it falls back to `latest`.
 A specific version of the `supabase` CLI can be installed:
 ```yaml
 steps:
-  - uses: supabase/setup-cli@v1
+  - uses: supabase/setup-cli@v2
    with:
-      version: 1.136.3
+      version: 2.84.2
 ```
 Run `supabase db start` to execute all migrations on a fresh database:
 ```yaml
 steps:
-  - uses: supabase/setup-cli@v1
+  - uses: supabase/setup-cli@v2
    with:
      version: latest
      github-token: ${{ github.token }}
  - run: supabase init
  - run: supabase db start
 ```
-Since Supabase CLI relies on Docker Engine API, additional setup may be required on Windows and macOS runners.
+Since Supabase CLI relies on Docker Engine API, additional setup may be required
 on Windows and macOS runners.
 ## Inputs
-The actions supports the following inputs:
+The action supports the following inputs:
-| Name      | Type   | Description                        | Default   | Required |
+| Name           | Type   | Description                                                                | Default                           | Required |
-| --------- | ------ | ---------------------------------- | --------- | -------- |
+| -------------- | ------ | -------------------------------------------------------------------------- | --------------------------------- | -------- |
-| `version` | String | Supabase CLI version (or `latest`) | `1.136.3` | false    |
+| `version`      | String | Supabase CLI version (or `latest`)                                         | Root lockfile version or `latest` | false    |
 | `github-token` | String | GitHub token used to resolve `latest` without unauthenticated API limiting |                                   | false    |
 ## Advanced Usage
@@ -54,7 +70,7 @@ Check generated TypeScript types are up-to-date with Postgres schema:
 ```yaml
 steps:
-  - uses: supabase/setup-cli@v1
+  - uses: supabase/setup-cli@v2
  - run: supabase init
  - run: supabase db start
  - name: Verify generated types match Postgres schema
@@ -76,59 +92,82 @@ env:
  # Retrieve <project-id> from dashboard url: https://app.supabase.com/project/<project-id>
  PROJECT_ID: <project-id>
- steps:
+steps:
-   - uses: supabase/setup-cli@v1
+  - uses: supabase/setup-cli@v2
-   - run: supabase link --project-ref $PROJECT_ID
+  - run: supabase link --project-ref $PROJECT_ID
-   - run: supabase db push
+  - run: supabase db push
 ```
 Export local Supabase env vars for app tests:
 ```yaml
 steps:
  - uses: supabase/setup-cli@v2
  - run: supabase init
  - run: supabase start
  - name: Export local Supabase env vars
    run: |
      # Customize the variable names as needed for your app.
      supabase status -o env \
        --override-name api.url=SUPABASE_URL \
        --override-name auth.service_role_key=SUPABASE_SERVICE_ROLE_KEY \
        >> .env.test
  - run: bun test
 ```
 ## Develop
-> Requires `node >= 16`
+After you've cloned the repository to your local machine or codespace, you'll
 need to perform a few setup steps before you can work on the action.
-Install the dependencies
+> [!NOTE]
 >
 > You'll need a recent version of [Bun](https://bun.sh) for local development.
 > This repository includes a `.bun-version` file for tools that can auto-switch
 > Bun versions.
-```bash
+1. :hammer_and_wrench: Install the dependencies
 $ npm install
 ```
-Build the typescript and package it for distribution
+   ```bash
   bun install
   ```
-```bash
+1. :white_check_mark: Run the tests
 $ npm run build && npm run package
 ```
-Run the tests :heavy_check_mark:
+   ```bash
   bun test
   ```
-```bash
+1. :mag: Run the full local CI suite
 $ npm test
- PASS  __tests__/main.test.ts
+   ```bash
-  ✓ gets download url to binary (3 ms)
+   bun run ci
-  ✓ test runs (891 ms)
+   ```
-...
+## Publish
 ```
 ## Publish to a distribution branch
 Actions are run from GitHub repos so we will checkin the packed dist folder.
 1. Create a new GitHub release
-2. Rebase `v1` branch on `main`
+2. Rebase `v2` branch on `main`
 Your action is now published! :rocket:
-See the [versioning documentation](https://github.com/actions/toolkit/blob/master/docs/action-versioning.md)
+See the
 [versioning documentation](https://github.com/actions/toolkit/blob/master/docs/action-versioning.md)
 ## Validate
-You can now validate the action by referencing `./` in a workflow in your repo (see [test.yml](.github/workflows/test.yml))
+Validate changes by exercising the action from a workflow in this repository
 (see [ci.yml](.github/workflows/ci.yml) and [e2e.yml](.github/workflows/e2e.yml)).
 ```yaml
-uses: ./
+steps:
-with:
+  - uses: ./
-  version: latest
+    with:
      version: latest
      github-token: ${{ github.token }}
 ```
-See the [actions tab](https://github.com/actions/typescript-action/actions) for runs of this action! :rocket:
+The CI workflow provides fast smoke coverage across GitHub-hosted runners, and
 the E2E workflow verifies `supabase init` and `supabase start` against supported
 Postgres versions. See the [actions tab](https://github.com/supabase/setup-cli/actions)
 for recent runs.
--- a/tests/main.test.ts
+++ b/tests/main.test.ts
@@ -1,55 +0,0 @@
 import {getDownloadUrl} from '../src/utils'
 import {CLI_CONFIG_REGISTRY} from '../src/main'
 import * as os from 'os'
 import * as process from 'process'
 import * as cp from 'child_process'
 import * as path from 'path'
 import * as fs from 'fs'
 import * as yaml from 'js-yaml'
 import {expect, test} from '@jest/globals'
 test('gets download url to binary', async () => {
  const url = await getDownloadUrl('1.28.0')
  expect(
    url.startsWith(
      'https://github.com/supabase/cli/releases/download/v1.28.0/supabase_'
    )
  ).toBeTruthy()
  expect(url.endsWith('.tar.gz')).toBeTruthy()
  expect(url).not.toContain('_1.28.0_')
 })
 test('gets legacy download url to binary', async () => {
  const url = await getDownloadUrl('0.1.0')
  expect(
    url.startsWith(
      `https://github.com/supabase/cli/releases/download/v0.1.0/supabase_0.1.0_`
    )
  ).toBeTruthy()
  expect(url.endsWith('.tar.gz')).toBeTruthy()
 })
 test('gets download url to latest version', async () => {
  const url = await getDownloadUrl('latest')
  expect(url).toMatch(
    'https://github.com/supabase/cli/releases/latest/download/'
  )
 })
 // shows how the runner will run a javascript action with env / stdout protocol
 test('test runs', () => {
  process.env['RUNNER_TEMP'] = os.tmpdir()
  const config = path.join(__dirname, '..', 'action.yml')
  const action: any = yaml.load(fs.readFileSync(config, 'utf8'))
  process.env['INPUT_VERSION'] = action.inputs.version.default
  const np = process.execPath
  const ip = path.join(__dirname, '..', 'lib', 'main.js')
  const options: cp.ExecFileSyncOptions = {
    env: process.env
  }
  const stdout = cp.execFileSync(np, [ip], options).toString()
  console.log(stdout)
  expect
    .stringContaining(`::set-env name=${CLI_CONFIG_REGISTRY}::`)
    .asymmetricMatch(stdout)
 })
--- a/action.yml
+++ b/action.yml
@@ -3,12 +3,69 @@ description: Setup Supabase CLI, supabase, on GitHub Actions runners
 author: Supabase
 inputs:
  version:
-    description: Version of Supabase CLI to install
+    description: Version of Supabase CLI to install. If omitted, detect from the root lockfile and otherwise use latest.
    required: false
  github-token:
    description: GitHub token used to resolve the latest Supabase CLI release without hitting unauthenticated API limits.
    required: false
    default: 1.136.3
 outputs:
  version:
    description: Version of installed Supabase CLI
    value: ${{ steps.setup-cli.outputs.version }}
 runs:
-  using: node20
+  using: composite
-  main: dist/index.js
+  steps:
    - id: bun-download
      name: Resolve Bun Download URL
      shell: sh
      working-directory: ${{ github.action_path }}
      run: |
        set -eu
        if [ "${RUNNER_OS}" != "Linux" ]; then
          exit 0
        fi
        # setup-bun does not detect Linux musl yet, so Alpine-like containers need the musl asset explicitly.
        is_musl=false
        if [ -f /etc/alpine-release ]; then
          is_musl=true
        elif command -v ldd >/dev/null 2>&1 && ldd --version 2>&1 | grep -qi musl; then
          is_musl=true
        fi
        if [ "${is_musl}" != "true" ]; then
          exit 0
        fi
        version="$(cat .bun-version)"
        case "$(uname -m)" in
          x86_64) arch="x64" ;;
          aarch64|arm64) arch="aarch64" ;;
          *)
            echo "Unsupported Linux musl architecture: $(uname -m)" >&2
            exit 1
            ;;
        esac
        echo "url=https://github.com/oven-sh/bun/releases/download/bun-v${version}/bun-linux-${arch}-musl.zip" >> "$GITHUB_OUTPUT"
    - name: Setup Bun
      uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2.2.0
      with:
        bun-version-file: ${{ github.action_path }}/.bun-version
        bun-download-url: ${{ steps.bun-download.outputs.url }}
    - name: Install Action Dependencies
      shell: sh
      working-directory: ${{ github.action_path }}
      run: bun install --frozen-lockfile --production
    - id: setup-cli
      name: Setup Supabase CLI
      shell: sh
      working-directory: ${{ github.action_path }}
      env:
        INPUT_VERSION: ${{ inputs.version }}
        SUPABASE_CLI_GITHUB_TOKEN: ${{ inputs.github-token }}
      run: bun src/main.ts
--- a/bun.lock
+++ b/bun.lock
@@ -0,0 +1,162 @@
 {
  "lockfileVersion": 1,
  "configVersion": 1,
  "workspaces": {
    "": {
      "name": "setup-cli",
      "dependencies": {
        "@actions/core": "^3.0.1",
        "@actions/tool-cache": "^4.0.0",
      },
      "devDependencies": {
        "@tsconfig/bun": "^1.0.10",
        "@types/bun": "^1.3.13",
        "@typescript/native-preview": "^7.0.0-dev.20260410.1",
        "oxfmt": "^0.46.0",
        "oxlint": "^1.61.0",
        "oxlint-tsgolint": "^0.21.1",
      },
    },
  },
  "packages": {
    "@actions/core": ["@actions/core@3.0.1", "", { "dependencies": { "@actions/exec": "^3.0.0", "@actions/http-client": "^4.0.0" } }, "sha512-a6d/Nwahm9fliVGRhdhofo40HjHQasUPusmc7vBfyky+7Z+P2A1J68zyFVaNcEclc/Se+eO595oAr5nwEIoIUA=="],
    "@actions/exec": ["@actions/exec@3.0.0", "", { "dependencies": { "@actions/io": "^3.0.2" } }, "sha512-6xH/puSoNBXb72VPlZVm7vQ+svQpFyA96qdDBvhB8eNZOE8LtPf9L4oAsfzK/crCL8YZ+19fKYVnM63Sl+Xzlw=="],
    "@actions/http-client": ["@actions/http-client@4.0.0", "", { "dependencies": { "tunnel": "^0.0.6", "undici": "^6.23.0" } }, "sha512-QuwPsgVMsD6qaPD57GLZi9sqzAZCtiJT8kVBCDpLtxhL5MydQ4gS+DrejtZZPdIYyB1e95uCK9Luyds7ybHI3g=="],
    "@actions/io": ["@actions/io@3.0.2", "", {}, "sha512-nRBchcMM+QK1pdjO7/idu86rbJI5YHUKCvKs0KxnSYbVe3F51UfGxuZX4Qy/fWlp6l7gWFwIkrOzN+oUK03kfw=="],
    "@actions/tool-cache": ["@actions/tool-cache@4.0.0", "", { "dependencies": { "@actions/core": "^3.0.0", "@actions/exec": "^3.0.0", "@actions/http-client": "^4.0.0", "@actions/io": "^3.0.0", "semver": "^7.7.3" } }, "sha512-L8P9HbXvpvqjZDveb/fdsa55IVC0trfPgQ4ZwGo6r5af6YDVdM9vMGPZ7rgY2fAT9gGj4PSYd6bYlg3p3jD78A=="],
    "@oxfmt/binding-android-arm-eabi": ["@oxfmt/binding-android-arm-eabi@0.46.0", "", { "os": "android", "cpu": "arm" }, "sha512-b1doV4WRcJU+BESSlCvCjV+5CEr/T6h0frArAdV26Nir+gGNFNaylvDiiMPfF1pxeV0txZEs38ojzJaxBYg+ng=="],
    "@oxfmt/binding-android-arm64": ["@oxfmt/binding-android-arm64@0.46.0", "", { "os": "android", "cpu": "arm64" }, "sha512-v6+HhjsoV3GO0u2u9jLSAZrvWfTraDxKofUIQ7/ktS7tzS+epVsxdHmeM+XxuNcAY/nWxxU1Sg4JcGTNRXraBA=="],
    "@oxfmt/binding-darwin-arm64": ["@oxfmt/binding-darwin-arm64@0.46.0", "", { "os": "darwin", "cpu": "arm64" }, "sha512-3eeooJGrqGIlI5MyryDZsAcKXSmKIgAD4yYtfRrRJzXZ0UTFZtiSveIur56YPrGMYZwT4XyVhHsMqrNwr1XeFA=="],
    "@oxfmt/binding-darwin-x64": ["@oxfmt/binding-darwin-x64@0.46.0", "", { "os": "darwin", "cpu": "x64" }, "sha512-QG8BDM0CXWbu84k2SKmCqfEddPQPFiBicwtYnLqHRWZZl57HbtOLRMac/KTq2NO4AEc4ICCBpFxJIV9zcqYfkQ=="],
    "@oxfmt/binding-freebsd-x64": ["@oxfmt/binding-freebsd-x64@0.46.0", "", { "os": "freebsd", "cpu": "x64" }, "sha512-9DdCqS/n2ncu/Chazvt3cpgAjAmIGQDz7hFKSrNItMApyV/Ja9mz3hD4JakIE3nS8PW9smEbPWnb389QLBY4nw=="],
    "@oxfmt/binding-linux-arm-gnueabihf": ["@oxfmt/binding-linux-arm-gnueabihf@0.46.0", "", { "os": "linux", "cpu": "arm" }, "sha512-Dgs7VeE2jT0LHMhw6tPEt0xQYe54kBqHEovmWsv4FVQlegCOvlIJNx0S8n4vj8WUtpT+Z6BD2HhKJPLglLxvZg=="],
    "@oxfmt/binding-linux-arm-musleabihf": ["@oxfmt/binding-linux-arm-musleabihf@0.46.0", "", { "os": "linux", "cpu": "arm" }, "sha512-Zxn3adhTH13JKnU4xXJj8FeEfF680XjXh3gSShKl57HCMBRde2tUJTgogV/1MSHA80PJEVrDa7r66TLVq3Ia7Q=="],
    "@oxfmt/binding-linux-arm64-gnu": ["@oxfmt/binding-linux-arm64-gnu@0.46.0", "", { "os": "linux", "cpu": "arm64" }, "sha512-+TWipjrgVM8D7aIdDD0tlr3teLTTvQTn7QTE5BpT10H1Fj82gfdn9X6nn2sDgx/MepuSCfSnzFNJq2paLL0OiA=="],
    "@oxfmt/binding-linux-arm64-musl": ["@oxfmt/binding-linux-arm64-musl@0.46.0", "", { "os": "linux", "cpu": "arm64" }, "sha512-aAUPBWJ1lGwwnxZUEDLJ94+Iy6MuwJwPxUgO4sCA5mEEyDk7b+cDQ+JpX1VR150Zoyd+D49gsrUzpUK5h587Eg=="],
    "@oxfmt/binding-linux-ppc64-gnu": ["@oxfmt/binding-linux-ppc64-gnu@0.46.0", "", { "os": "linux", "cpu": "ppc64" }, "sha512-ufBCJukyFX/UDrokP/r6BGDoTInnsDs7bxyzKAgMiZlt2Qu8GPJSJ6Zm6whIiJzKk0naxA8ilwmbO1LMw6Htxw=="],
    "@oxfmt/binding-linux-riscv64-gnu": ["@oxfmt/binding-linux-riscv64-gnu@0.46.0", "", { "os": "linux", "cpu": "none" }, "sha512-eqtlC2YmPqjun76R1gVfGLuKWx7NuEnLEAudZ7n6ipSKbCZTqIKSs1b5Y8K/JHZsRpLkeSmAAjig5HOIg8fQzQ=="],
    "@oxfmt/binding-linux-riscv64-musl": ["@oxfmt/binding-linux-riscv64-musl@0.46.0", "", { "os": "linux", "cpu": "none" }, "sha512-yccVOO2nMXkQLGgy0He3EQEwKD7NF0zEk+/OWmroznkqXyJdN6bfK0LtNnr6/14Bh3FjpYq7bP33l/VloCnxpA=="],
    "@oxfmt/binding-linux-s390x-gnu": ["@oxfmt/binding-linux-s390x-gnu@0.46.0", "", { "os": "linux", "cpu": "s390x" }, "sha512-aAf7fG23OQCey6VRPj9IeCraoYtpgtx0ZyJ1CXkPyT1wjzBE7c3xtuxHe/AdHaJfVVb/SXpSk8Gl1LzyQupSqw=="],
    "@oxfmt/binding-linux-x64-gnu": ["@oxfmt/binding-linux-x64-gnu@0.46.0", "", { "os": "linux", "cpu": "x64" }, "sha512-q0JPsTMyJNjYrBvYFDz4WbVsafNZaPCZv4RnFypRotLqpKROtBZcEaXQW4eb9YmvLU3NckVemLJnzkSZSdmOxw=="],
    "@oxfmt/binding-linux-x64-musl": ["@oxfmt/binding-linux-x64-musl@0.46.0", "", { "os": "linux", "cpu": "x64" }, "sha512-7LsLY9Cw57GPkhSR+duI3mt9baRczK/DtHYSldQ4BEU92da9igBQNl4z7Vq5U9NNPsh1FmpKvv1q9WDtiUQR1A=="],
    "@oxfmt/binding-openharmony-arm64": ["@oxfmt/binding-openharmony-arm64@0.46.0", "", { "os": "none", "cpu": "arm64" }, "sha512-lHiBOz8Duaku7JtRNLlps3j++eOaICPZSd8FCVmTDM4DFOPT71Bjn7g6iar1z7StXlKRweUKxWUs4sA+zWGDXg=="],
    "@oxfmt/binding-win32-arm64-msvc": ["@oxfmt/binding-win32-arm64-msvc@0.46.0", "", { "os": "win32", "cpu": "arm64" }, "sha512-/5ktYUliP89RhgC37DBH1x20U5zPSZMy3cMEcO0j3793rbHP9MWsknBwQB6eozRzWmYrh0IFM/p20EbPvDlYlg=="],
    "@oxfmt/binding-win32-ia32-msvc": ["@oxfmt/binding-win32-ia32-msvc@0.46.0", "", { "os": "win32", "cpu": "ia32" }, "sha512-3WTnoiuIr8XvV0DIY7SN+1uJSwKf4sPpcbHfobcRT9JutGcLaef/miyBB87jxd3aqH+mS0+G5lsgHuXLUwjjpQ=="],
    "@oxfmt/binding-win32-x64-msvc": ["@oxfmt/binding-win32-x64-msvc@0.46.0", "", { "os": "win32", "cpu": "x64" }, "sha512-IXxiQpkYnOwNfP23vzwSfhdpxJzyiPTY7eTn6dn3DsriKddESzM8i6kfq9R7CD/PUJwCvQT22NgtygBeug3KoA=="],
    "@oxlint-tsgolint/darwin-arm64": ["@oxlint-tsgolint/darwin-arm64@0.21.1", "", { "os": "darwin", "cpu": "arm64" }, "sha512-7TLjyWe4wG9saJc992VWmaHq2hwKfOEEVTjheReXJXaDhavMZI4X9a6nKhbEng4IVkYtzjD2jw16vw2WFXLYLw=="],
    "@oxlint-tsgolint/darwin-x64": ["@oxlint-tsgolint/darwin-x64@0.21.1", "", { "os": "darwin", "cpu": "x64" }, "sha512-7wf9Wf75nTzA7zpL9myhFe2RKvfuqGUOADNvUooCjEWvh7hmPz3lSEqTMh5Z/VQhzsG04mM9ACyghxhRzq7zFw=="],
    "@oxlint-tsgolint/linux-arm64": ["@oxlint-tsgolint/linux-arm64@0.21.1", "", { "os": "linux", "cpu": "arm64" }, "sha512-IPuQN/Vd0Rjklg/cCGBbQyUuRBp2f6LQXpZYwk5ivOR6V/+CgiYsv8pn/PVY7gjeyoNvPQrXB7xMjHUO2YZbdw=="],
    "@oxlint-tsgolint/linux-x64": ["@oxlint-tsgolint/linux-x64@0.21.1", "", { "os": "linux", "cpu": "x64" }, "sha512-d1niGuTbh2qiv7dR7tqkbOcM5cIR63of0lMBFdEQavL1KrJV8zuRdwdi68K7MNGdgoR+J5A9ajpGGvsHwp1bPg=="],
    "@oxlint-tsgolint/win32-arm64": ["@oxlint-tsgolint/win32-arm64@0.21.1", "", { "os": "win32", "cpu": "arm64" }, "sha512-ICu9y2JLnFPvFqstnWPPNqBM8LK8BWw2OTeaR0UgEMm4hOSbrZAKv1/hwZYyiLqnCNjBL87AGSQIgTHCYlsipw=="],
    "@oxlint-tsgolint/win32-x64": ["@oxlint-tsgolint/win32-x64@0.21.1", "", { "os": "win32", "cpu": "x64" }, "sha512-cTEFCFjCj6iXfrSHcvajSPNqhEA4TxSzU3gFxbdGSAUTNXGToU99IbdhWAPSbhcucoym0XE4Zl7E41NiSkNTug=="],
    "@oxlint/binding-android-arm-eabi": ["@oxlint/binding-android-arm-eabi@1.61.0", "", { "os": "android", "cpu": "arm" }, "sha512-6eZBPgiigK5txqoVgRqxbaxiom4lM8AP8CyKPPvpzKnQ3iFRFOIDc+0AapF+qsUSwjOzr5SGk4SxQDpQhkSJMQ=="],
    "@oxlint/binding-android-arm64": ["@oxlint/binding-android-arm64@1.61.0", "", { "os": "android", "cpu": "arm64" }, "sha512-CkwLR69MUnyv5wjzebvbbtTSUwqLxM35CXE79bHqDIK+NtKmPEUpStTcLQRZMCo4MP0qRT6TXIQVpK0ZVScnMA=="],
    "@oxlint/binding-darwin-arm64": ["@oxlint/binding-darwin-arm64@1.61.0", "", { "os": "darwin", "cpu": "arm64" }, "sha512-8JbefTkbmvqkqWjmQrHke+MdpgT2UghhD/ktM4FOQSpGeCgbMToJEKdl9zwhr/YWTl92i4QI1KiTwVExpcUN8A=="],
    "@oxlint/binding-darwin-x64": ["@oxlint/binding-darwin-x64@1.61.0", "", { "os": "darwin", "cpu": "x64" }, "sha512-uWpoxDT47hTnDLcdEh5jVbso8rlTTu5o0zuqa9J8E0JAKmIWn7kGFEIB03Pycn2hd2vKxybPGLhjURy/9We5FQ=="],
    "@oxlint/binding-freebsd-x64": ["@oxlint/binding-freebsd-x64@1.61.0", "", { "os": "freebsd", "cpu": "x64" }, "sha512-K/o4hEyW7flfMel0iBVznmMBt7VIMHGdjADocHKpK1DUF9erpWnJ+BSSWd2W0c8K3mPtpph+CuHzRU6CI3l9jQ=="],
    "@oxlint/binding-linux-arm-gnueabihf": ["@oxlint/binding-linux-arm-gnueabihf@1.61.0", "", { "os": "linux", "cpu": "arm" }, "sha512-P6040ZkcyweJ0Po9yEFqJCdvZnf3VNCGs1SIHgXDf8AAQNC6ID/heXQs9iSgo2FH7gKaKq32VWc59XZwL34C5Q=="],
    "@oxlint/binding-linux-arm-musleabihf": ["@oxlint/binding-linux-arm-musleabihf@1.61.0", "", { "os": "linux", "cpu": "arm" }, "sha512-bwxrGCzTZkuB+THv2TQ1aTkVEfv5oz8sl+0XZZCpoYzErJD8OhPQOTA0ENPd1zJz8QsVdSzSrS2umKtPq4/JXg=="],
    "@oxlint/binding-linux-arm64-gnu": ["@oxlint/binding-linux-arm64-gnu@1.61.0", "", { "os": "linux", "cpu": "arm64" }, "sha512-vkhb9/wKguMkLlrm3FoJW/Xmdv31GgYAE+x8lxxQ+7HeOxXUySI0q36a3NTVIuQUdLzxCI1zzMGsk1o37FOe3w=="],
    "@oxlint/binding-linux-arm64-musl": ["@oxlint/binding-linux-arm64-musl@1.61.0", "", { "os": "linux", "cpu": "arm64" }, "sha512-bl1dQh8LnVqsj6oOQAcxwbuOmNJkwc4p6o//HTBZhNTzJy21TLDwAviMqUFNUxDHkPGpmdKTSN4tWTjLryP8xg=="],
    "@oxlint/binding-linux-ppc64-gnu": ["@oxlint/binding-linux-ppc64-gnu@1.61.0", "", { "os": "linux", "cpu": "ppc64" }, "sha512-QoOX6KB2IiEpyOj/HKqaxi+NQHPnOgNgnr22n9N4ANJCzXkUlj1UmeAbFb4PpqdlHIzvGDM5xZ0OKtcLq9RhiQ=="],
    "@oxlint/binding-linux-riscv64-gnu": ["@oxlint/binding-linux-riscv64-gnu@1.61.0", "", { "os": "linux", "cpu": "none" }, "sha512-1TGcTerjY6p152wCof3oKElccq3xHljS/Mucp04gV/4ATpP6nO7YNnp7opEg6SHkv2a57/b4b8Ndm9znJ1/qAw=="],
    "@oxlint/binding-linux-riscv64-musl": ["@oxlint/binding-linux-riscv64-musl@1.61.0", "", { "os": "linux", "cpu": "none" }, "sha512-65wXEmZIrX2ADwC8i/qFL4EWLSbeuBpAm3suuX1vu4IQkKd+wLT/HU/BOl84kp91u2SxPkPDyQgu4yrqp8vwVA=="],
    "@oxlint/binding-linux-s390x-gnu": ["@oxlint/binding-linux-s390x-gnu@1.61.0", "", { "os": "linux", "cpu": "s390x" }, "sha512-TVvhgMvor7Qa6COeXxCJ7ENOM+lcAOGsQ0iUdPSCv2hxb9qSHLQ4XF1h50S6RE1gBOJ0WV3rNukg4JJJP1LWRA=="],
    "@oxlint/binding-linux-x64-gnu": ["@oxlint/binding-linux-x64-gnu@1.61.0", "", { "os": "linux", "cpu": "x64" }, "sha512-SjpS5uYuFoDnDdZPwZE59ndF95AsY47R5MliuneTWR1pDm2CxGJaYXbKULI71t5TVfLQUWmrHEGRL9xvuq6dnA=="],
    "@oxlint/binding-linux-x64-musl": ["@oxlint/binding-linux-x64-musl@1.61.0", "", { "os": "linux", "cpu": "x64" }, "sha512-gGfAeGD4sNJGILZbc/yKcIimO9wQnPMoYp9swAaKeEtwsSQAbU+rsdQze5SBtIP6j0QDzeYd4XSSUCRCF+LIeQ=="],
    "@oxlint/binding-openharmony-arm64": ["@oxlint/binding-openharmony-arm64@1.61.0", "", { "os": "none", "cpu": "arm64" }, "sha512-OlVT0LrG/ct33EVtWRyR+B/othwmDWeRxfi13wUdPeb3lAT5TgTcFDcfLfarZtzB4W1nWF/zICMgYdkggX2WmQ=="],
    "@oxlint/binding-win32-arm64-msvc": ["@oxlint/binding-win32-arm64-msvc@1.61.0", "", { "os": "win32", "cpu": "arm64" }, "sha512-vI//NZPJk6DToiovPtaiwD4iQ7kO1r5ReWQD0sOOyKRtP3E2f6jxin4uvwi3OvDzHA2EFfd7DcZl5dtkQh7g1w=="],
    "@oxlint/binding-win32-ia32-msvc": ["@oxlint/binding-win32-ia32-msvc@1.61.0", "", { "os": "win32", "cpu": "ia32" }, "sha512-0ySj4/4zd2XjePs3XAQq7IigIstN4LPQZgCyigX5/ERMLjdWAJfnxcTsrtxZxuij8guJW8foXuHmhGxW0H4dDA=="],
    "@oxlint/binding-win32-x64-msvc": ["@oxlint/binding-win32-x64-msvc@1.61.0", "", { "os": "win32", "cpu": "x64" }, "sha512-0xgSiyeqDLDZxXoe9CVJrOx3TUVsfyoOY7cNi03JbItNcC9WCZqrSNdrAbHONxhSPaVh/lzfnDcON1RqSUMhHw=="],
    "@tsconfig/bun": ["@tsconfig/bun@1.0.10", "", {}, "sha512-5AV5YknQjNyoYzZ/8NG0dawqew/wH+x7ANiCfCIn29qo0cdbd1EryvFD1k5NSZWLBMOI/fGqMIaxi58GPIP9Cg=="],
    "@types/bun": ["@types/bun@1.3.13", "", { "dependencies": { "bun-types": "1.3.13" } }, "sha512-9fqXWk5YIHGGnUau9TEi+qdlTYDAnOj+xLCmSTwXfAIqXr2x4tytJb43E9uCvt09zJURKXwAtkoH4nLQfzeTXw=="],
    "@types/node": ["@types/node@20.19.37", "", { "dependencies": { "undici-types": "~6.21.0" } }, "sha512-8kzdPJ3FsNsVIurqBs7oodNnCEVbni9yUEkaHbgptDACOPW04jimGagZ51E6+lXUwJjgnBw+hyko/lkFWCldqw=="],
    "@typescript/native-preview": ["@typescript/native-preview@7.0.0-dev.20260410.1", "", { "optionalDependencies": { "@typescript/native-preview-darwin-arm64": "7.0.0-dev.20260410.1", "@typescript/native-preview-darwin-x64": "7.0.0-dev.20260410.1", "@typescript/native-preview-linux-arm": "7.0.0-dev.20260410.1", "@typescript/native-preview-linux-arm64": "7.0.0-dev.20260410.1", "@typescript/native-preview-linux-x64": "7.0.0-dev.20260410.1", "@typescript/native-preview-win32-arm64": "7.0.0-dev.20260410.1", "@typescript/native-preview-win32-x64": "7.0.0-dev.20260410.1" }, "bin": { "tsgo": "bin/tsgo.js" } }, "sha512-K3TIwBw4XGQM33wW8KUqRU7r6ZY1IqB8chk1u1kT+CDj4iu+eQ6jCXgU7EDxmpJ++gbNcIf8iBYgWgYNssrhZQ=="],
    "@typescript/native-preview-darwin-arm64": ["@typescript/native-preview-darwin-arm64@7.0.0-dev.20260410.1", "", { "os": "darwin", "cpu": "arm64" }, "sha512-bpLYm6woXd8BECzV9AQvPqISVeohpekK1qwpRopvNIxydhRQ4fEjZsS7EtDYpqHAW4/u1uEv07P9/iS6TAL1fQ=="],
    "@typescript/native-preview-darwin-x64": ["@typescript/native-preview-darwin-x64@7.0.0-dev.20260410.1", "", { "os": "darwin", "cpu": "x64" }, "sha512-V8bW8g5hgu+bAwGvTqF1kilkkoDgxhxi5egrdMUeWQkR+MIisoBQeaAupqMpLoSkqZsc/kKucM0zwBNC/KRU3Q=="],
    "@typescript/native-preview-linux-arm": ["@typescript/native-preview-linux-arm@7.0.0-dev.20260410.1", "", { "os": "linux", "cpu": "arm" }, "sha512-NO6Ci65ADadOCr2ycTxOyCgC5kyk+Ryjl8k5c78mz9sKDxYqwEtryFFjLqitAG+rejtJbnUq897WRICjAOwslA=="],
    "@typescript/native-preview-linux-arm64": ["@typescript/native-preview-linux-arm64@7.0.0-dev.20260410.1", "", { "os": "linux", "cpu": "arm64" }, "sha512-MOluRRAhv46s9ScFmePa0InMHmpZ/z0Evc11RrTKsg+bN8BR7sWoAtFq6IujEDK9WVP7YmEYtBRgEfMLuqVojw=="],
    "@typescript/native-preview-linux-x64": ["@typescript/native-preview-linux-x64@7.0.0-dev.20260410.1", "", { "os": "linux", "cpu": "x64" }, "sha512-IofIUrMGjXmZKDEMaRgshzOne0EQZtx9vE/6URHfgmDnWLDKWzz9eQ2qWmvsFD2vOBbgc6GwVWEq6XTHMEfx2A=="],
    "@typescript/native-preview-win32-arm64": ["@typescript/native-preview-win32-arm64@7.0.0-dev.20260410.1", "", { "os": "win32", "cpu": "arm64" }, "sha512-TXmE+wovQqRo+qAhaewB0MPB9esgayvSHr6vFlCpHykHqbDl3FUucuC4F8yU6zVOA3UqXTk4/GHeLsAvU7YEgQ=="],
    "@typescript/native-preview-win32-x64": ["@typescript/native-preview-win32-x64@7.0.0-dev.20260410.1", "", { "os": "win32", "cpu": "x64" }, "sha512-dMFT4tdHBe2vVA2WPQMjorT+fzCURRtillevQzz8/bwCEz2uXSnpu4oLRLS5045ppGE0wCFELE+Hq5z2oRddDw=="],
    "bun-types": ["bun-types@1.3.13", "", { "dependencies": { "@types/node": "*" } }, "sha512-QXKeHLlOLqQX9LgYaHJfzdBaV21T63HhFJnvuRCcjZiaUDpbs5ED1MgxbMra71CsryN/1dAoXuJJJwIv/2drVA=="],
    "oxfmt": ["oxfmt@0.46.0", "", { "dependencies": { "tinypool": "2.1.0" }, "optionalDependencies": { "@oxfmt/binding-android-arm-eabi": "0.46.0", "@oxfmt/binding-android-arm64": "0.46.0", "@oxfmt/binding-darwin-arm64": "0.46.0", "@oxfmt/binding-darwin-x64": "0.46.0", "@oxfmt/binding-freebsd-x64": "0.46.0", "@oxfmt/binding-linux-arm-gnueabihf": "0.46.0", "@oxfmt/binding-linux-arm-musleabihf": "0.46.0", "@oxfmt/binding-linux-arm64-gnu": "0.46.0", "@oxfmt/binding-linux-arm64-musl": "0.46.0", "@oxfmt/binding-linux-ppc64-gnu": "0.46.0", "@oxfmt/binding-linux-riscv64-gnu": "0.46.0", "@oxfmt/binding-linux-riscv64-musl": "0.46.0", "@oxfmt/binding-linux-s390x-gnu": "0.46.0", "@oxfmt/binding-linux-x64-gnu": "0.46.0", "@oxfmt/binding-linux-x64-musl": "0.46.0", "@oxfmt/binding-openharmony-arm64": "0.46.0", "@oxfmt/binding-win32-arm64-msvc": "0.46.0", "@oxfmt/binding-win32-ia32-msvc": "0.46.0", "@oxfmt/binding-win32-x64-msvc": "0.46.0" }, "bin": { "oxfmt": "bin/oxfmt" } }, "sha512-CopwJOwPAjZ9p76fCvz+mSOJTw9/NY3cSksZK3VO/bUQ8UoEcketNgUuYS0UB3p+R9XnXe7wGGXUmyFxc7QxJA=="],
    "oxlint": ["oxlint@1.61.0", "", { "optionalDependencies": { "@oxlint/binding-android-arm-eabi": "1.61.0", "@oxlint/binding-android-arm64": "1.61.0", "@oxlint/binding-darwin-arm64": "1.61.0", "@oxlint/binding-darwin-x64": "1.61.0", "@oxlint/binding-freebsd-x64": "1.61.0", "@oxlint/binding-linux-arm-gnueabihf": "1.61.0", "@oxlint/binding-linux-arm-musleabihf": "1.61.0", "@oxlint/binding-linux-arm64-gnu": "1.61.0", "@oxlint/binding-linux-arm64-musl": "1.61.0", "@oxlint/binding-linux-ppc64-gnu": "1.61.0", "@oxlint/binding-linux-riscv64-gnu": "1.61.0", "@oxlint/binding-linux-riscv64-musl": "1.61.0", "@oxlint/binding-linux-s390x-gnu": "1.61.0", "@oxlint/binding-linux-x64-gnu": "1.61.0", "@oxlint/binding-linux-x64-musl": "1.61.0", "@oxlint/binding-openharmony-arm64": "1.61.0", "@oxlint/binding-win32-arm64-msvc": "1.61.0", "@oxlint/binding-win32-ia32-msvc": "1.61.0", "@oxlint/binding-win32-x64-msvc": "1.61.0" }, "peerDependencies": { "oxlint-tsgolint": ">=0.18.0" }, "optionalPeers": ["oxlint-tsgolint"], "bin": { "oxlint": "bin/oxlint" } }, "sha512-ZC0ALuhDZ6ivOFG+sy0D0pEDN49EvsId98zVlmYdkcXHsEM14m/qTNUEsUpiFiCVbpIxYtVBmmLE87nsbUHohQ=="],
    "oxlint-tsgolint": ["oxlint-tsgolint@0.21.1", "", { "optionalDependencies": { "@oxlint-tsgolint/darwin-arm64": "0.21.1", "@oxlint-tsgolint/darwin-x64": "0.21.1", "@oxlint-tsgolint/linux-arm64": "0.21.1", "@oxlint-tsgolint/linux-x64": "0.21.1", "@oxlint-tsgolint/win32-arm64": "0.21.1", "@oxlint-tsgolint/win32-x64": "0.21.1" }, "bin": { "tsgolint": "bin/tsgolint.js" } }, "sha512-O2hxiT14C2HJkwzBU6CQBFPoagSd/IcV+Tt3e3UUaXFwbW4BO5DSDPSSboc3UM5MIDY+MLyepvtQwBQafNxWdw=="],
    "semver": ["semver@7.7.4", "", { "bin": { "semver": "bin/semver.js" } }, "sha512-vFKC2IEtQnVhpT78h1Yp8wzwrf8CM+MzKMHGJZfBtzhZNycRFnXsHk6E5TxIkkMsgNS7mdX3AGB7x2QM2di4lA=="],
    "tinypool": ["tinypool@2.1.0", "", {}, "sha512-Pugqs6M0m7Lv1I7FtxN4aoyToKg1C4tu+/381vH35y8oENM/Ai7f7C4StcoK4/+BSw9ebcS8jRiVrORFKCALLw=="],
    "tunnel": ["tunnel@0.0.6", "", {}, "sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg=="],
    "undici": ["undici@6.24.1", "", {}, "sha512-sC+b0tB1whOCzbtlx20fx3WgCXwkW627p4EA9uM+/tNNPkSS+eSEld6pAs9nDv7WbY1UUljBMYPtu9BCOrCWKA=="],
    "undici-types": ["undici-types@6.21.0", "", {}, "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ=="],
    "@actions/tool-cache/@actions/core": ["@actions/core@3.0.0", "", { "dependencies": { "@actions/exec": "^3.0.0", "@actions/http-client": "^4.0.0" } }, "sha512-zYt6cz+ivnTmiT/ksRVriMBOiuoUpDCJJlZ5KPl2/FRdvwU3f7MPh9qftvbkXJThragzUZieit2nyHUyw53Seg=="],
  }
 }
--- a/dist/index.js
+++ b/dist/index.js
--- a/dist/index.js.map
+++ b/dist/index.js.map
--- a/dist/licenses.txt
+++ b/dist/licenses.txt
@@ -1,128 +0,0 @@
@actions/core
 MIT
 The MIT License (MIT)
 Copyright 2019 GitHub
 Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
 The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
@actions/exec
 MIT
 The MIT License (MIT)
 Copyright 2019 GitHub
 Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
 The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
@actions/http-client
 MIT
 Actions Http Client for Node.js
 Copyright (c) GitHub, Inc.
 All rights reserved.
 MIT License
 Permission is hereby granted, free of charge, to any person obtaining a copy of this software and
 associated documentation files (the "Software"), to deal in the Software without restriction,
 including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
 and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so,
 subject to the following conditions:
 The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
 THE SOFTWARE IS PROVIDED *AS IS*, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
 LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
 NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
 WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
 SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
@actions/io
 MIT
 The MIT License (MIT)
 Copyright 2019 GitHub
 Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
 The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
@actions/tool-cache
 MIT
 The MIT License (MIT)
 Copyright 2019 GitHub
 Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
 The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 semver
 ISC
 The ISC License
 Copyright (c) Isaac Z. Schlueter and Contributors
 Permission to use, copy, modify, and/or distribute this software for any
 purpose with or without fee is hereby granted, provided that the above
 copyright notice and this permission notice appear in all copies.
 THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
 IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 tunnel
 MIT
 The MIT License (MIT)
 Copyright (c) 2012 Koichi Kobayashi
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
 in the Software without restriction, including without limitation the rights
 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 copies of the Software, and to permit persons to whom the Software is
 furnished to do so, subject to the following conditions:
 The above copyright notice and this permission notice shall be included in
 all copies or substantial portions of the Software.
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 THE SOFTWARE.
 uuid
 MIT
 The MIT License (MIT)
 Copyright (c) 2010-2020 Robert Kieffer and other contributors
 Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
 The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
--- a/dist/sourcemap-register.js
+++ b/dist/sourcemap-register.js
--- a/docs/index.md
+++ b/docs/index.md
@@ -1,35 +1,43 @@
-# `supabase-github-action`
+# `supabase/setup-cli`
-The Supabase GitHub Action provides an easy way to use the Supabase CLI on GitHub's hosted Actions runners.
+The Supabase CLI Action provides an easy way to install the
 [Supabase CLI](https://github.com/supabase/cli) on GitHub Actions runners.
-The action can be run on `ubuntu-latest`, `windows-latest`, and `macos-latest` GitHub Actions runners, and will install and expose a specified version of the Supabase CLI on the runner environment.
+The action supports `ubuntu-latest`, `windows-latest`, and `macos-latest`, and
 adds the requested `supabase` version to `PATH` for the rest of the job.
-## Quick start
+If `version` is omitted, the action checks the repository root for `bun.lock`,
 `pnpm-lock.yaml`, or `package-lock.json` and otherwise falls back to `latest`.
-This example shows how you can use the Supabase GitHub Action to test your migrations on every Pull Request.
+## Quick Start
-Inside your repository, create a new file inside the `.github/workflows` folder called `test-migrations.yml`.
+This example runs Supabase migrations on every pull request:
 Copy this snippet inside the file, and the action will run whenever a new PR is created:
 ```yaml
-name: 'test-migrations'
+name: test-migrations
 on:
  pull_request:
 jobs:
-  build: 
+  test-migrations:
    runs-on: ubuntu-latest
    steps:
-        - uses: supabase/setup-cli@v1
+      - uses: actions/checkout@v6
-            with:
+      - uses: supabase/setup-cli@v2
-            version: latest
+      - run: supabase init
-        - run: supabase init
+      - run: supabase db start
        - run: supabase db start
 ```
 To pin a specific CLI version:
 ```yaml
 - uses: supabase/setup-cli@v2
  with:
    version: 2.84.2
 ```
 ## Resources
- **Source Code**: <a href="https://github.com/supabase/supabase-github-action" target="_blank">github.com/supabase/supabase-github-action</a>
+- **Source Code**: <https://github.com/supabase/setup-cli>
- **CLI Documentation**: <a href="https://supabase.com/docs/guides/cli" target="_blank">supabase.com/docs/guides/cli</a>
+- **CLI Documentation**: <https://supabase.com/docs/guides/cli>
--- a/jest.config.js
+++ b/jest.config.js
@@ -1,9 +0,0 @@
 module.exports = {
  clearMocks: true,
  moduleFileExtensions: ['js', 'ts'],
  testMatch: ['**/*.test.ts'],
  transform: {
    '^.+\\.ts$': 'ts-jest'
  },
  verbose: true
 }
--- a/mkdocs.yaml
+++ b/mkdocs.yaml
@@ -1,33 +0,0 @@
 site_name: supabase-github-action
 site_url: https://supabase.github.io/supabase-github-action
 site_description: A GitHub action for interacting with your Supabase projects using the CLI. 
 repo_name: supabase/supabase-github-action
 repo_url: https://github.com/supabase/supabase-github-action
 nav:
    - Welcome: 'index.md'
 theme:
    name: 'material'
    features:
      - navigation.expand
    favicon: 'assets/favicon.ico'
    logo: 'assets/favicon.ico'
    homepage: https://supabase.github.io/supabase-github-action
    palette:
        primary: black
        accent: light green
 markdown_extensions:
    - pymdownx.highlight:
        linenums: true
        guess_lang: false
        use_pygments: true
        pygments_style: default
    - pymdownx.superfences
    - pymdownx.tabbed:
        alternate_style: true
    - pymdownx.snippets
    - pymdownx.tasklist
    - admonition
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@@ -1,47 +1,41 @@
 {
  "name": "setup-cli",
-  "version": "0.0.1",
+  "version": "2.0.0",
  "private": true,
  "description": "Supabase CLI GitHub Action",
-  "main": "lib/main.js",
+  "keywords": [
-  "scripts": {
+    "actions"
-    "build": "tsc",
+  ],
-    "format": "prettier --write '**/*.ts'",
+  "license": "MIT",
-    "format-check": "prettier --check '**/*.ts'",
+  "author": "",
    "lint": "eslint src/**/*.ts",
    "package": "ncc build --source-map --license licenses.txt",
    "test": "jest",
    "all": "npm run build && npm run format && npm run lint && npm run package && npm test"
  },
  "repository": {
    "type": "git",
    "url": "git+https://github.com/supabase/setup-cli.git"
  },
-  "keywords": [
+  "type": "module",
-    "actions",
+  "scripts": {
-    "node",
+    "all": "bun run format && bun run lint && bun run coverage",
-    "setup"
+    "ci": "bun run format:check && bun run lint && bun run coverage",
-  ],
+    "coverage": "bun test --coverage --coverage-reporter=text --coverage-reporter=lcov",
-  "author": "",
+    "format": "bun x oxfmt --write . '!coverage/**'",
-  "license": "MIT",
+    "format:check": "bun x oxfmt --check . '!coverage/**'",
    "lint": "bun x oxlint --deny-warnings --type-aware --type-check --tsconfig tsconfig.json src",
    "test": "bun test",
    "typecheck": "bun x tsgo -p tsconfig.json --noEmit"
  },
  "dependencies": {
-    "@actions/core": "^1.10.1",
+    "@actions/core": "^3.0.1",
-    "@actions/tool-cache": "^2.0.1",
+    "@actions/tool-cache": "^4.0.0"
    "semver": "^7.5.4"
  },
  "devDependencies": {
-    "@types/js-yaml": "^4.0.9",
+    "@tsconfig/bun": "^1.0.10",
-    "@types/node": "^16.11.47",
+    "@types/bun": "^1.3.13",
-    "@types/semver": "^7.5.6",
+    "@typescript/native-preview": "^7.0.0-dev.20260410.1",
-    "@typescript-eslint/parser": "^5.62.0",
+    "oxfmt": "^0.46.0",
-    "@vercel/ncc": "^0.38.1",
+    "oxlint": "^1.61.0",
-    "eslint": "^8.56.0",
+    "oxlint-tsgolint": "^0.21.1"
-    "eslint-plugin-github": "^4.9.0",
+  },
-    "eslint-plugin-jest": "^27.6.3",
+  "engines": {
-    "jest": "^28.1.3",
+    "bun": ">=1.3.10"
    "js-yaml": "^4.1.0",
    "prettier": "2.8.8",
    "ts-jest": "^28.0.8",
    "typescript": "^4.8.4"
  }
 }
--- a/src/main.test.ts
+++ b/src/main.test.ts
@@ -0,0 +1,535 @@
 import { mkdirSync, mkdtempSync, rmSync, writeFileSync } from "node:fs";
 import os from "node:os";
 import path from "node:path";
 import process from "node:process";
 import { fileURLToPath } from "node:url";
 import { afterEach, expect, mock, spyOn, test } from "bun:test";
 import * as core from "@actions/core";
 import * as tc from "@actions/tool-cache";
 const repo = path.dirname(path.dirname(fileURLToPath(import.meta.url)));
 const defaultEntrypoint = fileURLToPath(new URL("./main.ts", import.meta.url));
 const CLI_CONFIG_REGISTRY = "SUPABASE_INTERNAL_IMAGE_REGISTRY";
 const GITHUB_RELEASES_API = "https://api.github.com/repos/supabase/cli/releases/latest";
 const GITHUB_TOKEN_ENV = "SUPABASE_CLI_GITHUB_TOKEN";
 const originalWorkspace = process.env.GITHUB_WORKSPACE;
 const originalGithubToken = process.env[GITHUB_TOKEN_ENV];
 const tempDirs = new Set<string>();
 let mainModule: typeof import("./main.ts") | null = null;
 afterEach(() => {
  mock.restore();
  process.env.GITHUB_WORKSPACE = originalWorkspace;
  if (originalGithubToken === undefined) {
    delete process.env[GITHUB_TOKEN_ENV];
  } else {
    process.env[GITHUB_TOKEN_ENV] = originalGithubToken;
  }
  for (const dir of tempDirs) {
    rmSync(dir, { force: true, recursive: true });
  }
  tempDirs.clear();
 });
 function createFakeCli(versionOutput: string): string {
  const dir = mkdtempSync(path.join(os.tmpdir(), "setup-cli-"));
  tempDirs.add(dir);
  if (process.platform === "win32") {
    writeFileSync(
      path.join(dir, "supabase.cmd"),
      versionOutput ? `@echo off\r\necho ${versionOutput}\r\n` : "@echo off\r\n",
    );
    return dir;
  }
  const escapedOutput = versionOutput.replaceAll("'", "'\"'\"'");
  writeFileSync(
    path.join(dir, "supabase"),
    versionOutput
      ? `#!/usr/bin/env bash\nprintf '%s\\n' '${escapedOutput}'\n`
      : "#!/usr/bin/env bash\n",
  );
  Bun.spawnSync(["chmod", "+x", path.join(dir, "supabase")]);
  return dir;
 }
 function createWorkspace(files: Record<string, string>): string {
  const dir = mkdtempSync(path.join(os.tmpdir(), "setup-cli-workspace-"));
  tempDirs.add(dir);
  for (const [relativePath, content] of Object.entries(files)) {
    const filePath = path.join(dir, relativePath);
    mkdirSync(path.dirname(filePath), { recursive: true });
    writeFileSync(filePath, content);
  }
  return dir;
 }
 function createBunLock(
  version: string,
  options: {
    includeDependency?: boolean;
    includePackageEntry?: boolean;
    useDevDependency?: boolean;
  } = {},
 ): string {
  const includeDependency = options.includeDependency ?? true;
  const includePackageEntry = options.includePackageEntry ?? true;
  const dependencyKey = options.useDevDependency ? "devDependencies" : "dependencies";
  return `{
  "lockfileVersion": 1,
  "configVersion": 1,
  "workspaces": {
    "": {
      "name": "app",
      "${dependencyKey}": {
 ${includeDependency ? `        "supabase": "^${version}"` : ""}
      }
    }
  },
  "packages": {
 ${
  includePackageEntry
    ? `    "supabase": [
      "supabase@${version}",
      "",
      {},
      "sha512-test"
    ]`
    : ""
 }
  }
 }
 `;
 }
 function createPnpmLock(
  version: string,
  options: { asString?: boolean; includeVersion?: boolean; useDevDependency?: boolean } = {},
 ): string {
  const dependencyKey = options.useDevDependency ? "devDependencies" : "dependencies";
  return `lockfileVersion: "9.0"
 importers:
  .:
    ${dependencyKey}:
 ${
  options.asString
    ? `      supabase: ${version}`
    : `      supabase:
        specifier: ^${version}
 ${options.includeVersion === false ? "" : `        version: ${version}`}`
 }
 packages:
  supabase@${version}:
    resolution:
      integrity: sha512-test
 `;
 }
 function createPackageLock(version: string): string {
  return JSON.stringify(
    {
      name: "app",
      lockfileVersion: 3,
      packages: {
        "": {
          dependencies: {
            supabase: `^${version}`,
          },
        },
        "node_modules/supabase": {
          version,
        },
      },
    },
    null,
    2,
  );
 }
 function createActionSpies(inputVersion: string, cliDir: string, expectedUrlFragment: string) {
  return {
    getInput: spyOn(core, "getInput").mockReturnValue(inputVersion),
    setOutput: spyOn(core, "setOutput").mockImplementation(() => {}),
    addPath: spyOn(core, "addPath").mockImplementation(() => {}),
    exportVariable: spyOn(core, "exportVariable").mockImplementation(() => {}),
    setFailed: spyOn(core, "setFailed").mockImplementation(() => {}),
    downloadTool: spyOn(tc, "downloadTool").mockImplementation(async (url: string) => {
      expect(url).toContain(expectedUrlFragment);
      return path.join(os.tmpdir(), "supabase-cli.tar.gz");
    }),
    extractTar: spyOn(tc, "extractTar").mockImplementation(async () => cliDir),
    extractZip: spyOn(tc, "extractZip").mockImplementation(async () => cliDir),
  };
 }
 function mockLatestRelease(version = "v2.99.0") {
  return spyOn(globalThis, "fetch").mockResolvedValue(
    new Response(JSON.stringify({ tag_name: version }), {
      status: 200,
      statusText: "OK",
    }),
  );
 }
 async function getMainModule(): Promise<typeof import("./main.ts")> {
  if (!mainModule) {
    mainModule = await import("./main.ts");
  }
  return mainModule;
 }
 test("uses versioned tar archives for Supabase CLI v2.99.0 and later", async () => {
  const { getDownloadArchive } = await getMainModule();
  const archive = await getDownloadArchive("2.99.0", "linux", "x64");
  expect(archive).toEqual({
    url: "https://github.com/supabase/cli/releases/download/v2.99.0/supabase_2.99.0_linux_amd64.tar.gz",
    format: "tar",
  });
 });
 test("uses apk archives for Supabase CLI v2.99.0 and later on Linux musl", async () => {
  const { getDownloadArchive } = await getMainModule();
  const archive = await getDownloadArchive("2.100.1", "linux", "x64", true);
  expect(archive).toEqual({
    url: "https://github.com/supabase/cli/releases/download/v2.100.1/supabase_2.100.1_linux_amd64.apk",
    format: "apk",
  });
 });
 test("keeps tar archives before Supabase CLI v2.99.0 on Linux musl", async () => {
  const { getDownloadArchive } = await getMainModule();
  const archive = await getDownloadArchive("2.98.2", "linux", "x64", true);
  expect(archive).toEqual({
    url: "https://github.com/supabase/cli/releases/download/v2.98.2/supabase_linux_amd64.tar.gz",
    format: "tar",
  });
 });
 test("uses usr/bin as the CLI path for apk archives", async () => {
  const { getCliPath } = await getMainModule();
  expect(getCliPath("/tmp/extracted", "apk")).toBe(path.join("/tmp/extracted", "usr", "bin"));
  expect(getCliPath("/tmp/extracted", "tar")).toBe("/tmp/extracted");
  expect(getCliPath("/tmp/extracted", "zip")).toBe("/tmp/extracted");
 });
 test("keeps the unversioned tar archive layout before Supabase CLI v2.99.0", async () => {
  const { getDownloadArchive } = await getMainModule();
  const archive = await getDownloadArchive("2.98.2", "linux", "x64");
  expect(archive).toEqual({
    url: "https://github.com/supabase/cli/releases/download/v2.98.2/supabase_linux_amd64.tar.gz",
    format: "tar",
  });
 });
 test("uses versioned zip archives for Windows Supabase CLI v2.99.0 and later", async () => {
  const { getDownloadArchive } = await getMainModule();
  const archive = await getDownloadArchive("2.99.0", "win32", "x64");
  expect(archive).toEqual({
    url: "https://github.com/supabase/cli/releases/download/v2.99.0/supabase_2.99.0_windows_amd64.zip",
    format: "zip",
  });
 });
 test("resolves latest before choosing a versioned Supabase CLI archive", async () => {
  mockLatestRelease("v2.99.0");
  const { getDownloadArchive } = await getMainModule();
  const archive = await getDownloadArchive("latest", "darwin", "arm64");
  expect(archive).toEqual({
    url: "https://github.com/supabase/cli/releases/download/v2.99.0/supabase_2.99.0_darwin_arm64.tar.gz",
    format: "tar",
  });
 });
 test("authenticates latest release lookup when a GitHub token is provided", async () => {
  process.env[GITHUB_TOKEN_ENV] = "ghs_test-token";
  const fetch = mockLatestRelease("v2.99.0");
  const { getDownloadArchive } = await getMainModule();
  await getDownloadArchive("latest", "darwin", "arm64");
  expect(fetch).toHaveBeenCalledWith(GITHUB_RELEASES_API, {
    headers: expect.objectContaining({
      Accept: "application/vnd.github+json",
      Authorization: "Bearer ghs_test-token",
      "X-GitHub-Api-Version": "2022-11-28",
    }),
  });
 });
 test("awaits the action entrypoint with omitted version and latest fallback", async () => {
  process.env.GITHUB_WORKSPACE = repo;
  mockLatestRelease();
  const cliDir = createFakeCli("supabase 2.84.2");
  let startDownload!: () => void;
  let finishDownload!: () => void;
  const downloadStarted = new Promise<void>((resolve) => {
    startDownload = resolve;
  });
  const downloadFinished = new Promise<string>((resolve) => {
    finishDownload = () => resolve(path.join(os.tmpdir(), "supabase-cli.tar.gz"));
  });
  const spies = {
    getInput: spyOn(core, "getInput").mockReturnValue(""),
    setOutput: spyOn(core, "setOutput").mockImplementation(() => {}),
    addPath: spyOn(core, "addPath").mockImplementation(() => {}),
    exportVariable: spyOn(core, "exportVariable").mockImplementation(() => {}),
    setFailed: spyOn(core, "setFailed").mockImplementation(() => {}),
    downloadTool: spyOn(tc, "downloadTool").mockImplementation(async (url: string) => {
      expect(url).toContain("/download/v2.99.0/supabase_2.99.0_");
      startDownload();
      return downloadFinished;
    }),
    extractTar: spyOn(tc, "extractTar").mockImplementation(async () => cliDir),
    extractZip: spyOn(tc, "extractZip").mockImplementation(async () => cliDir),
  };
  const originalArgv1 = process.argv[1];
  process.argv[1] = defaultEntrypoint;
  try {
    let importSettled = false;
    const entrypoint = import(`./main.ts?entrypoint=${Date.now()}`).finally(() => {
      importSettled = true;
    });
    await downloadStarted;
    await Bun.sleep(0);
    expect(importSettled).toBe(false);
    finishDownload();
    await entrypoint;
  } finally {
    process.argv[1] = originalArgv1 ?? "";
  }
  expect(spies.setOutput).toHaveBeenCalledWith("version", "supabase 2.84.2");
  expect(spies.addPath).toHaveBeenCalledWith(cliDir);
  expect(spies.exportVariable).toHaveBeenCalledWith(CLI_CONFIG_REGISTRY, "ghcr.io");
  expect(spies.setFailed).not.toHaveBeenCalled();
 });
 test("uses the root bun.lock version when version is omitted", async () => {
  process.env.GITHUB_WORKSPACE = createWorkspace({
    "bun.lock": createBunLock("2.41.0"),
  });
  const cliDir = createFakeCli("supabase 2.41.0");
  const spies = createActionSpies("", cliDir, "/download/v2.41.0/supabase_");
  const { run } = await getMainModule();
  await run();
  expect(spies.downloadTool).not.toHaveBeenCalledWith(expect.stringContaining("/latest/download/"));
  expect(spies.setOutput).toHaveBeenCalledWith("version", "supabase 2.41.0");
  expect(spies.exportVariable).toHaveBeenCalledWith(CLI_CONFIG_REGISTRY, "ghcr.io");
  expect(spies.setFailed).not.toHaveBeenCalled();
 });
 test("uses the root pnpm-lock.yaml version when version is omitted", async () => {
  process.env.GITHUB_WORKSPACE = createWorkspace({
    "pnpm-lock.yaml": createPnpmLock("2.42.0"),
  });
  const cliDir = createFakeCli("supabase 2.42.0");
  const spies = createActionSpies("", cliDir, "/download/v2.42.0/supabase_");
  const { run } = await getMainModule();
  await run();
  expect(spies.setOutput).toHaveBeenCalledWith("version", "supabase 2.42.0");
  expect(spies.exportVariable).toHaveBeenCalledWith(CLI_CONFIG_REGISTRY, "ghcr.io");
  expect(spies.setFailed).not.toHaveBeenCalled();
 });
 test("uses the root package-lock.json version when version is omitted", async () => {
  process.env.GITHUB_WORKSPACE = createWorkspace({
    "package-lock.json": createPackageLock("2.43.0"),
  });
  const cliDir = createFakeCli("supabase 2.43.0");
  const spies = createActionSpies("", cliDir, "/download/v2.43.0/supabase_");
  const { run } = await getMainModule();
  await run();
  expect(spies.setOutput).toHaveBeenCalledWith("version", "supabase 2.43.0");
  expect(spies.exportVariable).toHaveBeenCalledWith(CLI_CONFIG_REGISTRY, "ghcr.io");
  expect(spies.setFailed).not.toHaveBeenCalled();
 });
 test("falls through malformed lockfiles and uses the next supported root lockfile", async () => {
  process.env.GITHUB_WORKSPACE = createWorkspace({
    "bun.lock": "{ not valid",
    "package-lock.json": createPackageLock("2.44.0"),
  });
  const cliDir = createFakeCli("supabase 2.44.0");
  const spies = createActionSpies("", cliDir, "/download/v2.44.0/supabase_");
  const { run } = await getMainModule();
  await run();
  expect(spies.setOutput).toHaveBeenCalledWith("version", "supabase 2.44.0");
  expect(spies.exportVariable).toHaveBeenCalledWith(CLI_CONFIG_REGISTRY, "ghcr.io");
  expect(spies.setFailed).not.toHaveBeenCalled();
 });
 test("falls back to latest when version is omitted and no supported root lockfile is present", async () => {
  process.env.GITHUB_WORKSPACE = createWorkspace({
    "README.md": "# app\n",
  });
  mockLatestRelease();
  const cliDir = createFakeCli("supabase 2.84.2");
  const spies = createActionSpies("", cliDir, "/download/v2.99.0/supabase_2.99.0_");
  const { run } = await getMainModule();
  await run();
  expect(spies.setOutput).toHaveBeenCalledWith("version", "supabase 2.84.2");
  expect(spies.exportVariable).toHaveBeenCalledWith(CLI_CONFIG_REGISTRY, "ghcr.io");
  expect(spies.setFailed).not.toHaveBeenCalled();
 });
 test("falls back to latest when version is omitted and no workspace is available", async () => {
  delete process.env.GITHUB_WORKSPACE;
  mockLatestRelease();
  const cliDir = createFakeCli("supabase 2.84.2");
  const spies = createActionSpies("", cliDir, "/download/v2.99.0/supabase_2.99.0_");
  const { run } = await getMainModule();
  await run();
  expect(spies.setOutput).toHaveBeenCalledWith("version", "supabase 2.84.2");
  expect(spies.exportVariable).toHaveBeenCalledWith(CLI_CONFIG_REGISTRY, "ghcr.io");
  expect(spies.setFailed).not.toHaveBeenCalled();
 });
 test("uses the declared bun.lock version when the resolved package entry is missing", async () => {
  process.env.GITHUB_WORKSPACE = createWorkspace({
    "bun.lock": createBunLock("2.44.1", { includePackageEntry: false, useDevDependency: true }),
  });
  const cliDir = createFakeCli("supabase 2.44.1");
  const spies = createActionSpies("", cliDir, "/download/v2.44.1/supabase_");
  const { run } = await getMainModule();
  await run();
  expect(spies.setOutput).toHaveBeenCalledWith("version", "supabase 2.44.1");
  expect(spies.exportVariable).toHaveBeenCalledWith(CLI_CONFIG_REGISTRY, "ghcr.io");
  expect(spies.setFailed).not.toHaveBeenCalled();
 });
 test("falls through bun.lock without supabase and uses a pnpm string dependency version", async () => {
  process.env.GITHUB_WORKSPACE = createWorkspace({
    "bun.lock": createBunLock("2.47.0", { includeDependency: false }),
    "pnpm-lock.yaml": createPnpmLock("2.47.0", { asString: true }),
  });
  const cliDir = createFakeCli("supabase 2.47.0");
  const spies = createActionSpies("", cliDir, "/download/v2.47.0/supabase_");
  const { run } = await getMainModule();
  await run();
  expect(spies.setOutput).toHaveBeenCalledWith("version", "supabase 2.47.0");
  expect(spies.exportVariable).toHaveBeenCalledWith(CLI_CONFIG_REGISTRY, "ghcr.io");
  expect(spies.setFailed).not.toHaveBeenCalled();
 });
 test("falls through malformed pnpm lockfiles and uses the next supported root lockfile", async () => {
  process.env.GITHUB_WORKSPACE = createWorkspace({
    "pnpm-lock.yaml": "not: [valid",
    "package-lock.json": createPackageLock("2.48.0"),
  });
  const cliDir = createFakeCli("supabase 2.48.0");
  const spies = createActionSpies("", cliDir, "/download/v2.48.0/supabase_");
  const { run } = await getMainModule();
  await run();
  expect(spies.setOutput).toHaveBeenCalledWith("version", "supabase 2.48.0");
  expect(spies.exportVariable).toHaveBeenCalledWith(CLI_CONFIG_REGISTRY, "ghcr.io");
  expect(spies.setFailed).not.toHaveBeenCalled();
 });
 test("falls through unreadable bun.lock paths and malformed package-lock files to latest", async () => {
  const workspace = createWorkspace({
    "package-lock.json": "{ invalid",
  });
  mkdirSync(path.join(workspace, "bun.lock"), { recursive: true });
  process.env.GITHUB_WORKSPACE = workspace;
  mockLatestRelease();
  const cliDir = createFakeCli("supabase 2.84.2");
  const spies = createActionSpies("", cliDir, "/download/v2.99.0/supabase_2.99.0_");
  const { run } = await getMainModule();
  await run();
  expect(spies.setOutput).toHaveBeenCalledWith("version", "supabase 2.84.2");
  expect(spies.exportVariable).toHaveBeenCalledWith(CLI_CONFIG_REGISTRY, "ghcr.io");
  expect(spies.setFailed).not.toHaveBeenCalled();
 });
 test("falls back to latest when a pnpm dependency entry has no concrete version", async () => {
  process.env.GITHUB_WORKSPACE = createWorkspace({
    "pnpm-lock.yaml": createPnpmLock("2.49.0", { includeVersion: false }),
  });
  mockLatestRelease();
  const cliDir = createFakeCli("supabase 2.84.2");
  const spies = createActionSpies("", cliDir, "/download/v2.99.0/supabase_2.99.0_");
  const { run } = await getMainModule();
  await run();
  expect(spies.setOutput).toHaveBeenCalledWith("version", "supabase 2.84.2");
  expect(spies.exportVariable).toHaveBeenCalledWith(CLI_CONFIG_REGISTRY, "ghcr.io");
  expect(spies.setFailed).not.toHaveBeenCalled();
 });
 test("explicit version overrides detected root lockfiles", async () => {
  process.env.GITHUB_WORKSPACE = createWorkspace({
    "bun.lock": createBunLock("2.45.0"),
  });
  const cliDir = createFakeCli("supabase 1.0.0");
  const spies = createActionSpies("1.0.0", cliDir, "/download/v1.0.0/supabase_1.0.0_");
  const { run } = await getMainModule();
  await run();
  expect(spies.setOutput).toHaveBeenCalledWith("version", "supabase 1.0.0");
  expect(spies.exportVariable).not.toHaveBeenCalled();
  expect(spies.setFailed).not.toHaveBeenCalled();
 });
 test("fails when the installed CLI does not report a version", async () => {
  process.env.GITHUB_WORKSPACE = createWorkspace({
    "package-lock.json": createPackageLock("2.46.0"),
  });
  const cliDir = createFakeCli("");
  const spies = createActionSpies("", cliDir, "/download/v2.46.0/supabase_");
  const { run } = await getMainModule();
  await run();
  expect(spies.setFailed).toHaveBeenCalledWith(
    "Could not determine installed Supabase CLI version",
  );
  expect(spies.setOutput).not.toHaveBeenCalled();
  expect(spies.addPath).not.toHaveBeenCalled();
  expect(spies.exportVariable).not.toHaveBeenCalled();
 });
--- a/src/main.ts
+++ b/src/main.ts
@@ -1,36 +1,341 @@
-import * as core from '@actions/core'
+import { $, semver } from "bun";
-import * as tc from '@actions/tool-cache'
+import * as core from "@actions/core";
-import gte from 'semver/functions/gte'
+import * as tc from "@actions/tool-cache";
-import {getDownloadUrl, determineInstalledVersion} from './utils'
+import { existsSync, readFileSync } from "node:fs";
 import path from "node:path";
 import { fileURLToPath } from "node:url";
-export const CLI_CONFIG_REGISTRY = 'SUPABASE_INTERNAL_IMAGE_REGISTRY'
+export const CLI_CONFIG_REGISTRY = "SUPABASE_INTERNAL_IMAGE_REGISTRY";
 const REGISTRY_VERSION = "1.28.0";
 const VERSIONED_ARCHIVE_VERSION = "2.99.0";
 const DEFAULT_VERSION = "latest";
 const GITHUB_RELEASES_API = "https://api.github.com/repos/supabase/cli/releases/latest";
 const GITHUB_TOKEN_ENV = "SUPABASE_CLI_GITHUB_TOKEN";
 type ArchiveFormat = "apk" | "tar" | "zip";
 type DownloadArchive = {
  url: string;
  format: ArchiveFormat;
 };
 type BunLock = {
  workspaces?: {
    "": {
      dependencies?: Record<string, string>;
      devDependencies?: Record<string, string>;
    };
  };
  packages?: Record<string, unknown>;
 };
 type PnpmDependency =
  | string
  | {
      version?: string;
    };
 type PnpmLock = {
  importers?: {
    ".": {
      dependencies?: Record<string, PnpmDependency>;
      devDependencies?: Record<string, PnpmDependency>;
    };
  };
 };
 type PackageLock = {
  packages?: Record<string, { version?: string }>;
  dependencies?: Record<string, { version?: string }>;
 };
 function getArchivePlatform(platform: NodeJS.Platform): string {
  return platform === "win32" ? "windows" : platform;
 }
 function getArchiveArch(arch: NodeJS.Architecture): string {
  return arch === "x64" ? "amd64" : arch;
 }
 function extractConcreteVersion(raw: string | undefined): string | null {
  if (!raw) {
    return null;
  }
  const match = raw.match(/\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?(?:\+[0-9A-Za-z.-]+)?/);
  return match?.[0] ?? null;
 }
 function normalizeVersion(version: string): string {
  return version.replace(/^v/i, "");
 }
 function readWorkspaceLockfile(workspaceRoot: string, filename: string): string | null {
  const filePath = path.join(workspaceRoot, filename);
  if (!existsSync(filePath)) {
    return null;
  }
 async function run(): Promise<void> {
  try {
-    // Get version of tool to be installed
+    return readFileSync(filePath, "utf8");
-    const version = core.getInput('version')
+  } catch {
-
+    return null;
    // Download the specific version of the tool, e.g. as a tarball/zipball
    const download = await getDownloadUrl(version)
    const pathToTarball = await tc.downloadTool(download)
    // Extract the tarball/zipball onto host runner
    const pathToCLI = await tc.extractTar(pathToTarball)
    // Expose the tool by adding it to the PATH
    core.addPath(pathToCLI)
    // Expose installed tool version
    const determinedVersion = await determineInstalledVersion()
    core.setOutput('version', determinedVersion)
    // Use GHCR mirror by default
    if (version.toLowerCase() === 'latest' || gte(version, '1.28.0')) {
      core.exportVariable(CLI_CONFIG_REGISTRY, 'ghcr.io')
    }
  } catch (error) {
    if (error instanceof Error) core.setFailed(error.message)
  }
 }
-run()
+function detectVersionFromBunLock(workspaceRoot: string): string | null {
  const text = readWorkspaceLockfile(workspaceRoot, "bun.lock");
  if (!text) {
    return null;
  }
  try {
    const lockfile = JSON.parse(text.replace(/,\s*([}\]])/g, "$1")) as BunLock;
    const rootWorkspace = lockfile.workspaces?.[""];
    const declaredVersion =
      rootWorkspace?.dependencies?.supabase ?? rootWorkspace?.devDependencies?.supabase;
    if (!declaredVersion) {
      return null;
    }
    const resolvedPackage = lockfile.packages?.supabase;
    if (Array.isArray(resolvedPackage) && typeof resolvedPackage[0] === "string") {
      return extractConcreteVersion(resolvedPackage[0]);
    }
    return extractConcreteVersion(declaredVersion);
  } catch {
    return null;
  }
 }
 function detectVersionFromPnpmLock(workspaceRoot: string): string | null {
  const text = readWorkspaceLockfile(workspaceRoot, "pnpm-lock.yaml");
  if (!text) {
    return null;
  }
  try {
    const lockfile = Bun.YAML.parse(text) as PnpmLock;
    const rootImporter = lockfile.importers?.["."];
    const dependency =
      rootImporter?.dependencies?.supabase ?? rootImporter?.devDependencies?.supabase;
    if (typeof dependency === "string") {
      return extractConcreteVersion(dependency);
    }
    return extractConcreteVersion(dependency?.version);
  } catch {
    return null;
  }
 }
 function detectVersionFromPackageLock(workspaceRoot: string): string | null {
  const text = readWorkspaceLockfile(workspaceRoot, "package-lock.json");
  if (!text) {
    return null;
  }
  try {
    const lockfile = JSON.parse(text) as PackageLock;
    return (
      extractConcreteVersion(lockfile.packages?.["node_modules/supabase"]?.version) ??
      extractConcreteVersion(lockfile.dependencies?.supabase?.version)
    );
  } catch {
    return null;
  }
 }
 function resolveVersion(inputVersion: string): string {
  const requestedVersion = inputVersion.trim();
  if (requestedVersion) {
    return requestedVersion;
  }
  const workspaceRoot = process.env.GITHUB_WORKSPACE?.trim();
  if (!workspaceRoot) {
    return DEFAULT_VERSION;
  }
  return (
    detectVersionFromBunLock(workspaceRoot) ??
    detectVersionFromPnpmLock(workspaceRoot) ??
    detectVersionFromPackageLock(workspaceRoot) ??
    DEFAULT_VERSION
  );
 }
 async function resolveLatestVersion(): Promise<string> {
  const headers: Record<string, string> = {
    Accept: "application/vnd.github+json",
    "X-GitHub-Api-Version": "2022-11-28",
  };
  const githubToken = process.env[GITHUB_TOKEN_ENV]?.trim();
  if (githubToken) {
    headers.Authorization = `Bearer ${githubToken}`;
  }
  const response = await fetch(GITHUB_RELEASES_API, { headers });
  if (!response.ok) {
    throw new Error(`Failed to resolve latest Supabase CLI release: ${response.statusText}`);
  }
  const release = (await response.json()) as { tag_name?: unknown };
  if (typeof release.tag_name !== "string") {
    throw new Error("Failed to resolve latest Supabase CLI release: missing tag name");
  }
  return normalizeVersion(release.tag_name);
 }
 function getArchiveFormat(
  version: string,
  platform: NodeJS.Platform,
  isMuslLinux: boolean,
 ): ArchiveFormat {
  if (
    platform === "linux" &&
    isMuslLinux &&
    semver.order(version, VERSIONED_ARCHIVE_VERSION) >= 0
  ) {
    return "apk";
  }
  if (platform === "win32" && semver.order(version, VERSIONED_ARCHIVE_VERSION) >= 0) {
    return "zip";
  }
  return "tar";
 }
 function getArchiveFilename(
  version: string,
  platform: NodeJS.Platform,
  arch: NodeJS.Architecture,
  archiveFormat: ArchiveFormat,
 ): string {
  const archivePlatform = getArchivePlatform(platform);
  const archiveArch = getArchiveArch(arch);
  if (semver.order(version, REGISTRY_VERSION) === -1) {
    return `supabase_${version}_${archivePlatform}_${archiveArch}.tar.gz`;
  }
  if (platform === "linux" && archiveFormat === "apk") {
    return `supabase_${version}_${archivePlatform}_${archiveArch}.apk`;
  }
  if (semver.order(version, VERSIONED_ARCHIVE_VERSION) >= 0) {
    const extension = platform === "win32" ? "zip" : "tar.gz";
    return `supabase_${version}_${archivePlatform}_${archiveArch}.${extension}`;
  }
  return `supabase_${archivePlatform}_${archiveArch}.tar.gz`;
 }
 export async function getDownloadArchive(
  version: string,
  platform = process.platform,
  arch = process.arch,
  isMuslLinux?: boolean,
 ): Promise<DownloadArchive> {
  const resolvedVersion =
    version.toLowerCase() === "latest" ? await resolveLatestVersion() : normalizeVersion(version);
  const format = getArchiveFormat(
    resolvedVersion,
    platform,
    isMuslLinux ?? (await detectMuslLinux(platform)),
  );
  const filename = getArchiveFilename(resolvedVersion, platform, arch, format);
  return {
    url: `https://github.com/supabase/cli/releases/download/v${resolvedVersion}/${filename}`,
    format,
  };
 }
 async function detectMuslLinux(platform = process.platform): Promise<boolean> {
  if (platform !== "linux") {
    return false;
  }
  if (existsSync("/etc/alpine-release")) {
    return true;
  }
  try {
    const output = await $`ldd --version`.quiet().text();
    return output.toLowerCase().includes("musl");
  } catch (error) {
    const output = error instanceof Error ? error.message : String(error);
    return output.toLowerCase().includes("musl");
  }
 }
 export function getCliPath(extractedPath: string, archiveFormat: ArchiveFormat): string {
  return archiveFormat === "apk" ? path.join(extractedPath, "usr", "bin") : extractedPath;
 }
 function getCliExecutablePath(cliPath: string): string {
  if (process.platform !== "win32") {
    return path.join(cliPath, "supabase");
  }
  const exePath = path.join(cliPath, "supabase.exe");
  if (existsSync(exePath)) {
    return exePath;
  }
  const cmdPath = path.join(cliPath, "supabase.cmd");
  if (existsSync(cmdPath)) {
    return cmdPath;
  }
  return path.join(cliPath, "supabase");
 }
 export async function determineInstalledVersion(cliPath: string): Promise<string> {
  const version = (await $`${getCliExecutablePath(cliPath)} --version`.text()).trim();
  if (!version) {
    throw new Error("Could not determine installed Supabase CLI version");
  }
  return version;
 }
 export async function run(): Promise<void> {
  try {
    const version = resolveVersion(core.getInput("version"));
    const archive = await getDownloadArchive(version);
    const archivePath = await tc.downloadTool(archive.url);
    const extractedPath =
      archive.format === "zip"
        ? await tc.extractZip(archivePath)
        : await tc.extractTar(archivePath);
    const cliPath = getCliPath(extractedPath, archive.format);
    const installedVersion = await determineInstalledVersion(cliPath);
    core.setOutput("version", installedVersion);
    core.addPath(cliPath);
    if (version.toLowerCase() === "latest" || semver.order(version, REGISTRY_VERSION) >= 0) {
      core.exportVariable(CLI_CONFIG_REGISTRY, "ghcr.io");
    }
  } catch (error) {
    core.setFailed(error instanceof Error ? error.message : String(error));
  }
 }
 if (process.argv[1] === fileURLToPath(import.meta.url)) {
  await run();
 }
--- a/src/utils.ts
+++ b/src/utils.ts
@@ -1,48 +0,0 @@
 import {exec} from 'child_process'
 import os from 'os'
 import lt from 'semver/functions/lt'
 import {promisify} from 'util'
 const doExec = promisify(exec)
 // arch in [arm, arm64, x64...] (https://nodejs.org/docs/latest-v16.x/api/os.html#osarch)
 // return value in [amd64, arm64, arm]
 const mapArch = (arch: string): string => {
  const mappings: Record<string, string> = {
    x64: 'amd64'
  }
  return mappings[arch] || arch
 }
 // os in [darwin, linux, win32...] (https://nodejs.org/docs/latest-v16.x/api/os.html#osplatform)
 // return value in [darwin, linux, windows]
 const mapOS = (platform: string): string => {
  const mappings: Record<string, string> = {
    win32: 'windows'
  }
  return mappings[platform] || platform
 }
 export const getDownloadUrl = async (version: string): Promise<string> => {
  const platform = mapOS(os.platform())
  const arch = mapArch(os.arch())
  const filename = `supabase_${platform}_${arch}.tar.gz`
  if (version.toLowerCase() === 'latest') {
    return `https://github.com/supabase/cli/releases/latest/download/${filename}`
  }
  if (lt(version, '1.28.0')) {
    return `https://github.com/supabase/cli/releases/download/v${version}/supabase_${version}_${platform}_${arch}.tar.gz`
  }
  return `https://github.com/supabase/cli/releases/download/v${version}/${filename}`
 }
 export const determineInstalledVersion = async (): Promise<string> => {
  const {stdout} = await doExec('supabase --version')
  const version = stdout.trim()
  if (!version) {
    throw new Error('Could not determine installed Supabase CLI version')
  }
  return version
 }
--- a/tsconfig.json
+++ b/tsconfig.json
@@ -1,12 +1,4 @@
 {
-  "compilerOptions": {
+  "extends": "@tsconfig/bun/tsconfig.json",
-    "target": "es6",                          /* Specify ECMAScript target version: 'ES3' (default), 'ES5', 'ES2015', 'ES2016', 'ES2017', 'ES2018', 'ES2019' or 'ESNEXT'. */
+  "include": ["src"]
    "module": "commonjs",                     /* Specify module code generation: 'none', 'commonjs', 'amd', 'system', 'umd', 'es2015', or 'ESNext'. */
    "outDir": "./lib",                        /* Redirect output structure to the directory. */
    "rootDir": "./src",                       /* Specify the root directory of input files. Use to control the output directory structure with --outDir. */
    "strict": true,                           /* Enable all strict type-checking options. */
    "noImplicitAny": true,                    /* Raise error on expressions and declarations with an implied 'any' type. */
    "esModuleInterop": true                   /* Enables emit interoperability between CommonJS and ES Modules via creation of namespace objects for all imports. Implies 'allowSyntheticDefaultImports'. */
  },
  "exclude": ["node_modules", "**/*.test.ts"]
 }