chore(deps): bump supabase/setup-cli from 1 to 2

[dependabot]

Bumps supabase/setup-cli from 1 to 2.

Release notes

Sourced from supabase/setup-cli's releases.

v2.0.0

This major release refreshes the action internals, CI coverage, and release pipeline while keeping usage straightforward with uses: supabase/setup-cli@v2.

Highlights

• Switched the action implementation to a composite action flow and modernized runtime/dependency setup.
• Improved CLI version resolution: when version is omitted, the action now detects it from root lockfiles (bun.lock, pnpm-lock.yaml, package-lock.json) and falls back to latest.
• Expanded validation with dedicated CI + E2E workflows and updated docs/examples around @v2.
• Hardened repository automation and supply-chain posture (pinned actions, Dependabot workflow/policy updates, licensed workflow fixes).
• Migrated away from old bundled distribution/test setup to a cleaner Bun-based project structure.

Maintenance updates

• Dependency refreshes across Bun/TypeScript and GitHub Actions tooling.
• Documentation and workflow cleanup for long-term maintainability.

Contributors

Thanks to everyone who contributed to this release:

• @​staaldraad
• @​martindonadieu

Full changelog

36 commits between v1.6.0 and v2.0.0
Compare changes

v1.7.1

Backport the Alpine/Linux musl runtime dependency fix to the v1 action channel.

• Install missing libstdc++ and libgcc before verifying Supabase CLI versions from .apk archives.
• Keep non-.apk archive installs unchanged.
• Rebuild the bundled v1 action artifact.

Validation: https://github.com/jgoux/setup-cli-testing/actions/runs/26172791463

v1.7.0

Backport Linux musl/Alpine support to the v1 action channel.

• Download Supabase CLI .apk assets for Linux musl and CLI versions v2.99.0+.
• Add the extracted .apk usr/bin directory to PATH.
• Support authenticated latest release lookup with the optional github-token input.

v1.6.1

Backport latest Supabase CLI archive resolution for v2.99.0+ to the v1 action channel.

v1.6.0

What's Changed

• chore: update code owners by @​sweatybridge in supabase/setup-cli#327
• ci: explicit permissions on actions by @​doublethink in supabase/setup-cli#326

... (truncated)

Commits

• 3c2f5e2 fix: install Alpine runtime dependencies (#433)
• 365cb46 chore(deps-dev): bump the bun-minor-patch group across 1 directory with 4 upd...
• e0099b2 chore(deps): bump the actions-minor-patch group across 1 directory with 2 upd...
• 52a4467 fix: setup-cli on Linux musl containers (#431)
• 3095b00 fix: authenticate latest release lookup (#430)
• a4d563a fix: handle Supabase CLI v2.99 archives (#425)
• 0abc813 chore(deps): bump the bun-minor-patch group with 5 updates (#421)
• f55616e fix: cache licensed action (#422)
• 2df3f5f chore(deps): bump the actions-minor-patch group across 1 directory with 3 upd...
• df56b21 chore(deps-dev): bump the bun-minor-patch group with 2 updates (#419)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)