ci(deps): bump supabase/setup-cli from 1.6.0 to 2.0.0

[dependabot]

Bumps the third-party group with 1 update: supabase/setup-cli.

Updates supabase/setup-cli from 1.6.0 to 2.0.0

Release notes

Sourced from supabase/setup-cli's releases.

v2.0.0

This major release refreshes the action internals, CI coverage, and release pipeline while keeping usage straightforward with uses: supabase/setup-cli@v2.

Highlights

• Switched the action implementation to a composite action flow and modernized runtime/dependency setup.
• Improved CLI version resolution: when version is omitted, the action now detects it from root lockfiles (bun.lock, pnpm-lock.yaml, package-lock.json) and falls back to latest.
• Expanded validation with dedicated CI + E2E workflows and updated docs/examples around @v2.
• Hardened repository automation and supply-chain posture (pinned actions, Dependabot workflow/policy updates, licensed workflow fixes).
• Migrated away from old bundled distribution/test setup to a cleaner Bun-based project structure.

Maintenance updates

• Dependency refreshes across Bun/TypeScript and GitHub Actions tooling.
• Documentation and workflow cleanup for long-term maintainability.

Contributors

Thanks to everyone who contributed to this release:

• @​staaldraad
• @​martindonadieu

Full changelog

36 commits between v1.6.0 and v2.0.0
Compare changes

Commits

• df56b21 chore(deps-dev): bump the bun-minor-patch group with 2 updates (#419)
• 6c93bde chore(deps-dev): bump @​types/bun from 1.3.11 to 1.3.12 in the bun-minor-patch...
• 7fcab5b chore(deps-dev): bump @​typescript/native-preview from 7.0.0-dev.20260409.1 to...
• 6081904 [codex] fix dependabot actions cooldown config (#414)
• c099ad8 fix: auto-approval and refine dependabot policy (#412)
• afb0a59 fix: await main function (#411)
• 7fef86c fix: licensed workflow trigger (#413)
• 337fb0d chore(deps-dev): bump @​typescript/native-preview from 7.0.0-dev.20260401.1 to...
• 33d1b57 chore(deps-dev): bump the bun-development group with 3 updates (#408)
• 24d47d8 chore(deps): bump ruby/setup-ruby from 1.299.0 to 1.300.0 in the actions-mino...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
tryvit	Ready	Preview, Comment	Apr 30, 2026 10:26am