mirror of https://github.com/supabase/setup-cli.git synced 2026-05-13 03:16:57 +00:00

Go to file

dependabot[bot] 2df3f5f50e chore(deps): bump the actions-minor-patch group across 1 directory with 3 updates (#418 )

Bumps the actions-minor-patch group with 3 updates in the / directory:
[dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata),
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
and [ruby/setup-ruby](https://github.com/ruby/setup-ruby).

Updates `dependabot/fetch-metadata` from 3.0.0 to 3.1.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add permissions to all workflows by <a
href="https://github.com/truggeri"><code>@truggeri</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/687">dependabot/fetch-metadata#687</a></li>
<li>build(deps-dev): bump globals from 16.0.0 to 17.4.0 by <a
href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/690">dependabot/fetch-metadata#690</a></li>
<li>build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 by <a
href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/693">dependabot/fetch-metadata#693</a></li>
<li>build(deps-dev): bump <code>@hono/node-server</code> from 1.19.10
to 1.19.13 by <a
href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/694">dependabot/fetch-metadata#694</a></li>
<li>build(deps-dev): bump hono from 4.12.7 to 4.12.12 by <a
href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/695">dependabot/fetch-metadata#695</a></li>
<li>Dynamically update the tracking tag in action by <a
href="https://github.com/truggeri"><code>@truggeri</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/696">dependabot/fetch-metadata#696</a></li>
<li>fix: handle duplicate dependency names in parseMetadataLinks by <a
href="https://github.com/devantler"><code>@devantler</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/700">dependabot/fetch-metadata#700</a></li>
<li>fix: remove $ anchor from updateFragment regex to handle pip
directory suffixes by <a
href="https://github.com/devantler"><code>@devantler</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/698">dependabot/fetch-metadata#698</a></li>
<li>Updates to README for permissions clarification by <a
href="https://github.com/truggeri"><code>@truggeri</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/697">dependabot/fetch-metadata#697</a></li>
<li>fix: resolve update-type null for Python, Composer, and Terraform
PRs by <a
href="https://github.com/vitorsdcs"><code>@vitorsdcs</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/704">dependabot/fetch-metadata#704</a></li>
<li>build(deps-dev): bump globals from 17.4.0 to 17.5.0 by <a
href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/703">dependabot/fetch-metadata#703</a></li>
<li>build(deps): bump actions/create-github-app-token from 3.0.0 to
3.1.1 by <a
href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/701">dependabot/fetch-metadata#701</a></li>
<li>build(deps): bump <code>@actions/github</code> from 9.0.0 to 9.1.0
in the dependencies group across 1 directory by <a
href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/702">dependabot/fetch-metadata#702</a></li>
<li>build(deps-dev): bump hono from 4.12.12 to 4.12.14 by <a
href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/705">dependabot/fetch-metadata#705</a></li>
<li>v3.1.0 by <a
href="https://github.com/fetch-metadata-action-automation"><code>@fetch-metadata-action-automation</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/692">dependabot/fetch-metadata#692</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/devantler"><code>@devantler</code></a>
made their first contribution in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/700">dependabot/fetch-metadata#700</a></li>
<li><a href="https://github.com/vitorsdcs"><code>@vitorsdcs</code></a>
made their first contribution in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/704">dependabot/fetch-metadata#704</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0">https://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="25dd0e34f4"><code>25dd0e3</code></a>
v3.1.0 (<a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/692">#692</a>)</li>
<li><a
href="e073f50d73"><code>e073f50</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/705">#705</a>
from dependabot/dependabot/npm_and_yarn/hono-4.12.14</li>
<li><a
href="0670e167df"><code>0670e16</code></a>
build(deps-dev): bump hono from 4.12.12 to 4.12.14</li>
<li><a
href="7a7fe10a42"><code>7a7fe10</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/702">#702</a>
from dependabot/dependabot/npm_and_yarn/dependencies-...</li>
<li><a
href="5168191cea"><code>5168191</code></a>
Updating dist build</li>
<li><a
href="23882e175b"><code>23882e1</code></a>
build(deps): bump <code>@actions/github</code> in the dependencies
group</li>
<li><a
href="1072469591"><code>1072469</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/701">#701</a>
from dependabot/dependabot/github_actions/actions/cre...</li>
<li><a
href="43f8a0055c"><code>43f8a00</code></a>
build(deps): bump actions/create-github-app-token from 3.0.0 to
3.1.1</li>
<li><a
href="b4d904a509"><code>b4d904a</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/703">#703</a>
from dependabot/dependabot/npm_and_yarn/globals-17.5.0</li>
<li><a
href="c8046bb877"><code>c8046bb</code></a>
build(deps-dev): bump globals from 17.4.0 to 17.5.0</li>
<li>Additional commits viewable in <a
href="ffa630c65f...25dd0e34f4">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/create-github-app-token` from 3.0.0 to 3.1.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.1</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v3.1.0...v3.1.1">3.1.1</a>
(2026-04-11)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>improve error message when app identifier is empty (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/362">#362</a>)
(<a
href="07e2b76066">07e2b76</a>),
closes <a
href="https://redirect.github.com/actions/create-github-app-token/issues/249">#249</a></li>
</ul>
<h2>v3.1.0</h2>
<h1><a
href="https://github.com/actions/create-github-app-token/compare/v3.0.0...v3.1.0">3.1.0</a>
(2026-04-11)</h1>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump p-retry from 7.1.1 to 8.0.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/357">#357</a>)
(<a
href="3bbe07d928">3bbe07d</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li>add <code>client-id</code> input and deprecate <code>app-id</code>
(<a
href="https://redirect.github.com/actions/create-github-app-token/issues/353">#353</a>)
(<a
href="e6bd4e6970">e6bd4e6</a>)</li>
<li>update permission inputs (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/358">#358</a>)
(<a
href="076e9480ca">076e948</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1b10c78c78"><code>1b10c78</code></a>
build(release): 3.1.1 [skip ci]</li>
<li><a
href="07e2b76066"><code>07e2b76</code></a>
fix: improve error message when app identifier is empty (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/362">#362</a>)</li>
<li><a
href="ea0121618b"><code>ea01216</code></a>
ci: remove publish-immutable-action workflow (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/361">#361</a>)</li>
<li><a
href="7bd0371149"><code>7bd0371</code></a>
build(release): 3.1.0 [skip ci]</li>
<li><a
href="e6bd4e6970"><code>e6bd4e6</code></a>
feat: add <code>client-id</code> input and deprecate <code>app-id</code>
(<a
href="https://redirect.github.com/actions/create-github-app-token/issues/353">#353</a>)</li>
<li><a
href="076e9480ca"><code>076e948</code></a>
feat: update permission inputs (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/358">#358</a>)</li>
<li><a
href="3bbe07d928"><code>3bbe07d</code></a>
fix(deps): bump p-retry from 7.1.1 to 8.0.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/357">#357</a>)</li>
<li><a
href="28a99e369c"><code>28a99e3</code></a>
build(deps-dev): bump c8 from 10.1.3 to 11.0.0</li>
<li><a
href="4df50600ef"><code>4df5060</code></a>
build(deps-dev): bump open-cli from 8.0.0 to 9.0.0</li>
<li><a
href="4843c538d9"><code>4843c53</code></a>
build(deps-dev): bump the development-dependencies group with 3
updates</li>
<li>See full diff in <a
href="f8d387b68d...1b10c78c78">compare
view</a></li>
</ul>
</details>
<br />

Updates `ruby/setup-ruby` from 1.300.0 to 1.302.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ruby/setup-ruby/releases">ruby/setup-ruby's
releases</a>.</em></p>
<blockquote>
<h2>v1.302.0</h2>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/ruby/setup-ruby/compare/v1.301.0...v1.302.0">https://github.com/ruby/setup-ruby/compare/v1.301.0...v1.302.0</a></p>
<h2>v1.301.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add truffleruby-34.0.0,truffleruby+graalvm-34.0.0 by <a
href="https://github.com/ruby-builder-bot"><code>@ruby-builder-bot</code></a>
in <a
href="https://redirect.github.com/ruby/setup-ruby/pull/901">ruby/setup-ruby#901</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/ruby/setup-ruby/compare/v1.300.0...v1.301.0">https://github.com/ruby/setup-ruby/compare/v1.300.0...v1.301.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7372622e62"><code>7372622</code></a>
Give a better error for TruffleRuby 34+ on macOS Intel</li>
<li><a
href="4c56a21280"><code>4c56a21</code></a>
Darwin-x86_64 is no longer supported on TruffleRuby 34+</li>
<li><a
href="5d9c71d71b"><code>5d9c71d</code></a>
Add truffleruby-34.0.0,truffleruby+graalvm-34.0.0</li>
<li>See full diff in <a
href="e65c17d16e...7372622e62">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Julien Goux <hi@jgoux.dev>

2026-04-21 13:36:29 +00:00

.github

chore(deps): bump the actions-minor-patch group across 1 directory with 3 updates (#418 )

2026-04-21 13:36:29 +00:00

.licenses/npm

chore: prepare for v2.0.0 (#405 )

2026-04-03 17:51:37 +02:00

docs

chore: prepare for v2.0.0 (#405 )

2026-04-03 17:51:37 +02:00

src

fix: await main function (#411 )

2026-04-10 10:22:03 +02:00

.bun-version

chore: prepare for v2.0.0 (#405 )

2026-04-03 17:51:37 +02:00

.gitignore

chore: prepare for v2.0.0 (#405 )

2026-04-03 17:51:37 +02:00

.licensed.yml

chore: prepare for v2.0.0 (#405 )

2026-04-03 17:51:37 +02:00

action.yml

chore: prepare for v2.0.0 (#405 )

2026-04-03 17:51:37 +02:00

bun.lock

chore(deps-dev): bump the bun-minor-patch group with 2 updates (#419 )

2026-04-21 15:32:07 +02:00

LICENSE

Initial commit

2022-08-03 21:32:01 +08:00

package.json

chore(deps-dev): bump the bun-minor-patch group with 2 updates (#419 )

2026-04-21 15:32:07 +02:00

README.md

chore: prepare for v2.0.0 (#405 )

2026-04-03 17:51:37 +02:00

tsconfig.json

chore: prepare for v2.0.0 (#405 )

2026-04-03 17:51:37 +02:00

README.md

⚙️ Supabase CLI Action

About

This composite action sets up the Supabase CLI, supabase, on GitHub's hosted Actions runners. Other CI runners like Bitbucket and GitLab are supported via their respective pipelines.

This action can be run on ubuntu-latest, windows-latest, and macos-latest GitHub Actions runners, and will install and expose a specified version of the supabase CLI on the runner environment.

Usage

Setup the supabase CLI:

steps:
  - uses: supabase/setup-cli@v2

If version is omitted, the action checks the repository root for bun.lock, pnpm-lock.yaml, or package-lock.json and uses the declared supabase version. If no supported lockfile is present, it falls back to latest.

A specific version of the supabase CLI can be installed:

steps:
  - uses: supabase/setup-cli@v2
    with:
      version: 2.84.2

Run supabase db start to execute all migrations on a fresh database:

steps:
  - uses: supabase/setup-cli@v2
    with:
      version: latest
  - run: supabase init
  - run: supabase db start

Since Supabase CLI relies on Docker Engine API, additional setup may be required on Windows and macOS runners.

Inputs

The action supports the following inputs:

Name	Type	Description	Default	Required
`version`	String	Supabase CLI version (or `latest`)	Root lockfile version or `latest`	false

Advanced Usage

Check generated TypeScript types are up-to-date with Postgres schema:

steps:
  - uses: supabase/setup-cli@v2
  - run: supabase init
  - run: supabase db start
  - name: Verify generated types match Postgres schema
    run: |
      supabase gen types typescript --local > schema.gen.ts
      if ! git diff --ignore-space-at-eol --exit-code --quiet schema.gen.ts; then
        echo "Detected uncommitted changes after build. See status below:"
        git diff
        exit 1
      fi

Release job to push schema changes to a Supabase project:

env:
  SUPABASE_ACCESS_TOKEN: ${{ secrets.ACCESS_TOKEN }}
  SUPABASE_DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
  # Retrieve <project-id> from dashboard url: https://app.supabase.com/project/<project-id>
  PROJECT_ID: <project-id>

steps:
  - uses: supabase/setup-cli@v2
  - run: supabase link --project-ref $PROJECT_ID
  - run: supabase db push

Export local Supabase env vars for app tests:

steps:
  - uses: supabase/setup-cli@v2
  - run: supabase init
  - run: supabase start
  - name: Export local Supabase env vars
    run: |
      # Customize the variable names as needed for your app.
      supabase status -o env \
        --override-name api.url=SUPABASE_URL \
        --override-name auth.service_role_key=SUPABASE_SERVICE_ROLE_KEY \
        >> .env.test
  - run: bun test

Develop

After you've cloned the repository to your local machine or codespace, you'll need to perform a few setup steps before you can work on the action.

Note

You'll need a recent version of Bun for local development. This repository includes a .bun-version file for tools that can auto-switch Bun versions.

🛠️ Install the dependencies
```
bun install
```
✅ Run the tests
```
bun test
```
🔍 Run the full local CI suite
```
bun run ci
```

Publish

Create a new GitHub release
Rebase v2 branch on main

Your action is now published! 🚀

See the versioning documentation

Validate

Validate changes by exercising the action from a workflow in this repository (see ci.yml and e2e.yml).

steps:
  - uses: ./
    with:
      version: latest

The CI workflow provides fast smoke coverage across GitHub-hosted runners, and the E2E workflow verifies supabase init and supabase start against supported Postgres versions. See the actions tab for recent runs.