@agentlink.sh/cli 0.11.1 → 0.12.0

package/dist/{chunk-2CNK2BQY.js → chunk-4EUOAXWZ.js}

@@ -505,6 +505,42 @@ async function waitForProjectReady(ref, spinner, timeoutMs = 3e5) {
   Check status at: https://supabase.com/dashboard/project/${ref}`
   );
 }
+async function fetchPoolerUrl(projectRef) {
+  const token = process.env.SUPABASE_ACCESS_TOKEN;
+  if (!token) {
+    throw new Error("SUPABASE_ACCESS_TOKEN is required to fetch pooler config");
+  }
+  const res = await fetch(
+    `https://api.supabase.com/v1/projects/${projectRef}/config/database/pooler`,
+    {
+      headers: { Authorization: `Bearer ${token}` }
+    }
+  );
+  if (!res.ok) {
+    const body = await res.text();
+    throw new Error(`Failed to fetch pooler config (${res.status}): ${body}`);
+  }
+  const entries = await res.json();
+  const pooler = entries.find(
+    (e) => e.database_type === "PRIMARY" && e.pool_mode === "transaction"
+  ) ?? entries.find(
+    (e) => e.database_type === "PRIMARY"
+  ) ?? entries[0];
+  if (!pooler) {
+    throw new Error("No pooler configuration found for project");
+  }
+  return {
+    host: pooler.db_host,
+    port: pooler.db_port,
+    user: pooler.db_user,
+    dbName: pooler.db_name,
+    connectionString: pooler.connection_string
+  };
+}
+async function resolvePoolerDbUrl(projectRef, password) {
+  const pooler = await fetchPoolerUrl(projectRef);
+  return `postgresql://${pooler.user}:${encodeURIComponent(password)}@${pooler.host}:${pooler.port}/${pooler.dbName}`;
+}
 function saveProjectCredential(projectRef, dbPassword) {
   const creds = loadCredentials();
   if (!creds.project_credentials) {
@@ -584,6 +620,8 @@ export {
   updatePostgrestConfig,
   updateAuthConfig,
   waitForProjectReady,
+  fetchPoolerUrl,
+  resolvePoolerDbUrl,
   saveProjectCredential,
   loadProjectCredential,
   resolveDbUrlForEnv,

package/dist/{cloud-2AWCJAG5.js → cloud-QNZQNIS5.js}

@@ -4,6 +4,7 @@ import {
   credentialsPath,
   detectClosestRegion,
   ensureAccessToken,
+  fetchPoolerUrl,
   getApiKeys,
   getProject,
   listOrganizations,
@@ -13,6 +14,7 @@ import {
   loadCredentials,
   loadProjectCredential,
   resolveDbUrlForEnv,
+  resolvePoolerDbUrl,
   runCloudSQL,
   saveCredentials,
   saveProjectCredential,
@@ -20,13 +22,14 @@ import {
   updateAuthConfig,
   updatePostgrestConfig,
   waitForProjectReady
-} from "./chunk-2CNK2BQY.js";
+} from "./chunk-4EUOAXWZ.js";
 import "./chunk-G3HVUCWY.js";
 export {
   createProject,
   credentialsPath,
   detectClosestRegion,
   ensureAccessToken,
+  fetchPoolerUrl,
   getApiKeys,
   getProject,
   listOrganizations,
@@ -36,6 +39,7 @@ export {
   loadCredentials,
   loadProjectCredential,
   resolveDbUrlForEnv,
+  resolvePoolerDbUrl,
   runCloudSQL,
   saveCredentials,
   saveProjectCredential,

package/dist/index.js

@@ -16,6 +16,7 @@ import {
   loadCredentials,
   loadProjectCredential,
   resolveDbUrlForEnv,
+  resolvePoolerDbUrl,
   runCloudSQL,
   runCommand,
   saveCredentials,
@@ -26,7 +27,7 @@ import {
   updatePostgrestConfig,
   validateProjectName,
   waitForProjectReady
-} from "./chunk-2CNK2BQY.js";
+} from "./chunk-4EUOAXWZ.js";
 import {
   SKILLS_VERSION,
   SUPPORTED_SUPABASE_CLI,
@@ -1530,6 +1531,7 @@ async function check(envFlag) {
 import fs5 from "fs";
 import os from "os";
 import path5 from "path";
+import { input } from "@inquirer/prompts";
 function stripQuotes(val) {
   if (val.startsWith('"') && val.endsWith('"') || val.startsWith("'") && val.endsWith("'")) {
     return val.slice(1, -1);
@@ -1734,12 +1736,130 @@ Migration created: supabase/migrations/${filename}`);
     fs5.rmSync(tmpDir, { recursive: true, force: true });
   }
 }
+async function dbRebuild(options) {
+  const cwd = options.cwd;
+  const migrationsDir = path5.join(cwd, "supabase", "migrations");
+  if (fs5.existsSync(migrationsDir)) {
+    const files = fs5.readdirSync(migrationsDir).filter((f) => f.endsWith(".sql"));
+    for (const file of files) {
+      fs5.unlinkSync(path5.join(migrationsDir, file));
+    }
+    console.log(`Deleted ${files.length} migration file(s)`);
+  }
+  const progressPath2 = path5.join(cwd, ".agentlink-progress.json");
+  if (fs5.existsSync(progressPath2)) {
+    fs5.unlinkSync(progressPath2);
+    console.log("Cleared scaffold progress");
+  }
+  console.log("\nRe-applying schemas...");
+  await dbApply({ cwd, dbUrl: options.dbUrl, env: options.env, skipTypes: true });
+  console.log("\nRegenerating migration...");
+  await dbMigrate("agentlink_setup", { cwd, dbUrl: options.dbUrl, env: options.env });
+  console.log("\nGenerating types...");
+  try {
+    await dbTypes({ cwd, dbUrl: options.dbUrl, env: options.env });
+  } catch (err) {
+    console.warn(`Warning: type generation failed \u2014 ${err.message}`);
+  }
+  console.log("\nDone. Database rebuilt from schema files.");
+}
+async function dbUrlCheck(options) {
+  const mode = await resolveDbMode(options.cwd, options.dbUrl, options.env);
+  if (mode.kind !== "cloud" || !mode.projectRef) {
+    const dbUrl = await resolveDbUrl(options.cwd, options.dbUrl);
+    console.log(dbUrl);
+    return;
+  }
+  await ensureAccessToken(true, options.cwd);
+  const password = loadProjectCredential(mode.projectRef);
+  if (!password) {
+    throw new Error(
+      `No stored password for project ${mode.projectRef}.
+  Run: agentlink env relink dev`
+    );
+  }
+  const poolerUrl = await resolvePoolerDbUrl(mode.projectRef, password);
+  console.log(`Pooler URL: ${poolerUrl}`);
+  const currentUrl = readEnvValue(options.cwd, "SUPABASE_DB_URL");
+  if (currentUrl === poolerUrl) {
+    console.log("\u2714 .env.local is up to date");
+    return;
+  }
+  if (currentUrl) {
+    console.log(`
+Current:  ${currentUrl}`);
+    console.log(`Expected: ${poolerUrl}`);
+  }
+  if (options.fix) {
+    const envPath = path5.join(options.cwd, ".env.local");
+    if (fs5.existsSync(envPath)) {
+      let content = fs5.readFileSync(envPath, "utf-8");
+      if (/^SUPABASE_DB_URL=/m.test(content)) {
+        content = content.replace(/^SUPABASE_DB_URL=.*$/m, `SUPABASE_DB_URL=${poolerUrl}`);
+      } else {
+        content = content.trimEnd() + `
+SUPABASE_DB_URL=${poolerUrl}
+`;
+      }
+      fs5.writeFileSync(envPath, content);
+      console.log("\n\u2714 .env.local updated with correct pooler URL");
+    }
+  } else if (currentUrl !== poolerUrl) {
+    console.log("\nRun with --fix to update .env.local");
+  }
+}
+var passwordTheme = {
+  prefix: { idle: blue("?"), done: blue("\u2714") },
+  style: {
+    answer: (text) => amber(text),
+    message: (text) => bold(text),
+    help: (text) => dim(text)
+  }
+};
+async function dbPassword(cwd, value) {
+  const manifest = readManifest(cwd);
+  if (!manifest) {
+    throw new Error("No agentlink.json found. Run `agentlink` to scaffold a project first.");
+  }
+  const defaultEnv = manifest.cloud?.default;
+  if (!defaultEnv || defaultEnv === "local" || !manifest.cloud?.environments?.[defaultEnv]) {
+    throw new Error("No cloud environment configured. This command is for cloud projects.");
+  }
+  const env2 = manifest.cloud.environments[defaultEnv];
+  const projectRef = env2.projectRef;
+  if (value) {
+    saveProjectCredential(projectRef, value);
+    console.log(`Password saved for project ${dim(projectRef)}`);
+  } else {
+    const current = loadProjectCredential(projectRef);
+    if (current) {
+      const masked = current.length > 8 ? current.slice(0, 4) + "\u25CF".repeat(current.length - 8) + current.slice(-4) : "\u25CF".repeat(current.length);
+      console.log(`Current password: ${dim(masked)} (project: ${projectRef})`);
+      console.log();
+    }
+    const resetUrl = `https://supabase.com/dashboard/project/${projectRef}/settings/database`;
+    console.log(`  ${dim("Reset your password at:")}`);
+    console.log(`  ${dim(resetUrl)}`);
+    console.log();
+    const newPassword = await input({
+      message: "Database password:",
+      theme: passwordTheme,
+      transformer: (v, { isFinal }) => {
+        if (isFinal) return "\u25CF".repeat(Math.min(v.length, 8));
+        return "\u25CF".repeat(v.length);
+      },
+      validate: (val) => val.trim().length > 0 || "Password is required"
+    });
+    saveProjectCredential(projectRef, newPassword.trim());
+    console.log(`Password saved for project ${dim(projectRef)}`);
+  }
+}
 
 // src/deploy.ts
 import fs6 from "fs";
 import os2 from "os";
 import path6 from "path";
-import { confirm, input } from "@inquirer/prompts";
+import { confirm, input as input2 } from "@inquirer/prompts";
 
 // src/migration-analysis.ts
 var PATTERNS = [
@@ -1946,8 +2066,8 @@ async function resolveEnvironments(cwd, opts) {
   }
   await ensureAccessToken(opts.ci, cwd);
   const targetEnv = resolveCloudEnv(manifest.cloud, targetName);
-  const dbPassword = resolveTargetPassword(targetEnv.projectRef);
-  const targetDbUrl = resolveDbUrlForEnv(targetEnv, dbPassword);
+  const dbPassword2 = resolveTargetPassword(targetEnv.projectRef);
+  const targetDbUrl = resolveDbUrlForEnv(targetEnv, dbPassword2);
   const devDbUrl = await resolveDbUrl(cwd);
   return { devDbUrl, targetEnv, targetDbUrl, targetName };
 }
@@ -2112,7 +2232,7 @@ async function syncSecrets(cwd, resolved, opts) {
 `);
   const toSet = {};
   for (const key of missingKeys) {
-    const value = await input({
+    const value = await input2({
       message: `${key}:`,
       theme,
       validate: (val) => val.trim().length > 0 || "Value is required (press Ctrl+C to skip all)"
@@ -2128,7 +2248,7 @@ async function syncSecrets(cwd, resolved, opts) {
 // src/env.ts
 import fs8 from "fs";
 import path8 from "path";
-import { confirm as confirm2, input as input2, select } from "@inquirer/prompts";
+import { confirm as confirm2, input as input3, select } from "@inquirer/prompts";
 
 // src/claude-md.ts
 import fs7 from "fs";
@@ -2272,14 +2392,14 @@ async function envAdd(name, cwd, opts = {}) {
   }
   await ensureAccessToken(opts.nonInteractive, cwd);
   let env2;
-  let dbPassword;
+  let dbPassword2;
   if (opts.projectRef) {
     const projects = await listProjects();
     const project = projects.find((p) => p.id === opts.projectRef);
     if (!project) {
       throw new Error(`Project ${opts.projectRef} not found.`);
     }
-    dbPassword = await promptForPassword(opts.nonInteractive);
+    dbPassword2 = await promptForPassword(opts.nonInteractive, project.id);
     env2 = {
       projectRef: project.id,
       region: project.region,
@@ -2299,17 +2419,17 @@ async function envAdd(name, cwd, opts = {}) {
     if (method === "existing") {
       const result = await connectExistingProject();
       env2 = result.env;
-      dbPassword = result.dbPassword;
+      dbPassword2 = result.dbPassword;
     } else {
       const result = await createNewProject(name, opts);
       env2 = result.env;
-      dbPassword = result.dbPassword;
+      dbPassword2 = result.dbPassword;
     }
   }
   addCloudEnvironment(cwd, name, env2);
   console.log(`
   ${blue("\u2714")} Environment "${name}" added to agentlink.json`);
-  saveProjectCredential(env2.projectRef, dbPassword);
+  saveProjectCredential(env2.projectRef, dbPassword2);
   console.log(`  ${blue("\u2714")} Credentials stored securely`);
   if (name.startsWith("dev") || name === "staging") {
     const shouldSync = opts.nonInteractive ? false : await confirm2({
@@ -2331,7 +2451,7 @@ async function envAdd(name, cwd, opts = {}) {
     console.log(`  Deploy with: ${dim("npx @agentlink.sh/cli@latest deploy --env " + name)}`);
   }
 }
-async function promptForPassword(nonInteractive) {
+async function promptForPassword(nonInteractive, projectRef) {
   if (nonInteractive) {
     const envPass = process.env.SUPABASE_DB_PASSWORD;
     if (!envPass) {
@@ -2339,7 +2459,13 @@ async function promptForPassword(nonInteractive) {
     }
     return envPass;
   }
-  return await input2({
+  if (projectRef) {
+    const resetUrl = `https://supabase.com/dashboard/project/${projectRef}/settings/database`;
+    console.log(`  ${dim("Don't know the password? Reset it at:")}`);
+    console.log(`  ${dim(resetUrl)}`);
+    console.log();
+  }
+  return await input3({
     message: "Database password:",
     theme: theme2,
     transformer: (value, { isFinal }) => {
@@ -2363,18 +2489,18 @@ async function connectExistingProject() {
     }))
   });
   const project = projects.find((p) => p.id === projectRef);
-  const dbPassword = await promptForPassword();
+  const dbPassword2 = await promptForPassword(false, project.id);
   return {
     env: {
       projectRef: project.id,
       region: project.region,
       apiUrl: `https://${project.id}.supabase.co`
     },
-    dbPassword
+    dbPassword: dbPassword2
   };
 }
 async function createNewProject(envName, opts) {
-  const { listOrganizations: listOrganizations2, listRegions: listRegions2 } = await import("./cloud-2AWCJAG5.js");
+  const { listOrganizations: listOrganizations2, listRegions: listRegions2 } = await import("./cloud-QNZQNIS5.js");
   const orgs = await listOrganizations2();
   if (orgs.length === 0) {
     throw new Error("No Supabase organizations found. Create one at https://supabase.com/dashboard.");
@@ -2390,13 +2516,13 @@ async function createNewProject(envName, opts) {
     theme: theme2,
     choices: regions.map((r) => ({ name: `${r.name} (${r.id})`, value: r.id }))
   });
-  const projectName = await input2({
+  const projectName = await input3({
     message: "Project name:",
     default: `agentlink-${envName}`,
     theme: theme2
   });
   const { randomBytes } = await import("crypto");
-  const dbPassword = randomBytes(24).toString("base64url");
+  const dbPassword2 = randomBytes(24).toString("base64url");
   console.log(`
   Creating project "${projectName}" in ${region}...
 `);
@@ -2404,7 +2530,7 @@ async function createNewProject(envName, opts) {
     orgId,
     name: projectName,
     region,
-    dbPass: dbPassword
+    dbPass: dbPassword2
   });
   await waitForProjectReady(project.id);
   console.log(`  ${blue("\u2714")} Project created: ${project.id}`);
@@ -2414,7 +2540,7 @@ async function createNewProject(envName, opts) {
       region: project.region,
       apiUrl: `https://${project.id}.supabase.co`
     },
-    dbPassword
+    dbPassword: dbPassword2
   };
 }
 async function envUse(name, cwd) {
@@ -2463,7 +2589,7 @@ async function envUse(name, cwd) {
     await ensureAccessToken(true, cwd);
     const env2 = manifest.cloud.environments[name];
     const keys = await getApiKeys(env2.projectRef);
-    const dbPassword = loadProjectCredential(env2.projectRef);
+    const dbPassword2 = loadProjectCredential(env2.projectRef);
     const frontend = manifest.frontend;
     const urlKey = frontend === "nextjs" ? "NEXT_PUBLIC_SUPABASE_URL" : "VITE_SUPABASE_URL";
     const keyKey = frontend === "nextjs" ? "NEXT_PUBLIC_SUPABASE_PUBLISHABLE_KEY" : "VITE_SUPABASE_PUBLISHABLE_KEY";
@@ -2473,8 +2599,8 @@ async function envUse(name, cwd) {
       SB_PUBLISHABLE_KEY: keys.publishableKey,
       SB_SECRET_KEY: keys.secretKey
     };
-    if (dbPassword) {
-      vars.SUPABASE_DB_URL = resolveDbUrlForEnv(env2, dbPassword);
+    if (dbPassword2) {
+      vars.SUPABASE_DB_URL = resolveDbUrlForEnv(env2, dbPassword2);
     }
   }
   writeManagedEnv(cwd, name, vars);
@@ -2529,6 +2655,120 @@ async function envRemove(name, cwd, opts = {}) {
   removeCloudEnvironment(cwd, name);
   console.log(`  ${blue("\u2714")} Environment "${name}" removed.`);
 }
+async function envRelink(name, cwd, opts = {}) {
+  const manifest = readManifest(cwd);
+  if (!manifest) {
+    throw new Error("No agentlink.json found. Run `agentlink` to scaffold a project first.");
+  }
+  if (opts.token) {
+    process.env.SUPABASE_ACCESS_TOKEN = opts.token;
+  }
+  await ensureAccessToken(opts.nonInteractive, cwd);
+  let env2;
+  let dbPassword2;
+  if (opts.projectRef) {
+    const projects = await listProjects();
+    const project = projects.find((p) => p.id === opts.projectRef);
+    if (!project) {
+      throw new Error(`Project ${opts.projectRef} not found.`);
+    }
+    dbPassword2 = await promptForPassword(opts.nonInteractive, project.id);
+    env2 = {
+      projectRef: project.id,
+      region: project.region,
+      apiUrl: `https://${project.id}.supabase.co`
+    };
+  } else if (opts.nonInteractive) {
+    throw new Error("--project-ref is required in non-interactive mode.");
+  } else {
+    const method = await select({
+      message: `How do you want to relink the "${name}" environment?`,
+      theme: theme2,
+      choices: [
+        { name: "Connect an existing Supabase project", value: "existing" },
+        { name: "Create a new Supabase project", value: "new" }
+      ]
+    });
+    if (method === "existing") {
+      const result = await connectExistingProject();
+      env2 = result.env;
+      dbPassword2 = result.dbPassword;
+    } else {
+      const result = await createNewProject(name, opts);
+      env2 = result.env;
+      dbPassword2 = result.dbPassword;
+    }
+  }
+  if (!manifest.cloud) {
+    manifest.cloud = { default: "local", environments: {} };
+  }
+  manifest.cloud.environments[name] = env2;
+  writeManifest(cwd, manifest);
+  console.log(`
+  ${blue("\u2714")} Environment "${name}" relinked to ${env2.projectRef}`);
+  saveProjectCredential(env2.projectRef, dbPassword2);
+  console.log(`  ${blue("\u2714")} Credentials stored securely`);
+  const keys = await getApiKeys(env2.projectRef);
+  let dbUrl;
+  try {
+    dbUrl = await resolvePoolerDbUrl(env2.projectRef, dbPassword2);
+  } catch {
+    dbUrl = resolveDbUrlForEnv(env2, dbPassword2);
+  }
+  const frontend = manifest.frontend;
+  const urlKey = frontend === "nextjs" ? "NEXT_PUBLIC_SUPABASE_URL" : "VITE_SUPABASE_URL";
+  const keyKey = frontend === "nextjs" ? "NEXT_PUBLIC_SUPABASE_PUBLISHABLE_KEY" : "VITE_SUPABASE_PUBLISHABLE_KEY";
+  writeManagedEnv(cwd, name, {
+    [urlKey]: env2.apiUrl,
+    [keyKey]: keys.publishableKey,
+    SB_PUBLISHABLE_KEY: keys.publishableKey,
+    SB_SECRET_KEY: keys.secretKey,
+    SUPABASE_DB_URL: dbUrl
+  });
+  console.log(`  ${blue("\u2714")} .env.local updated (pooler URL from API)`);
+  writeClaudeMd({
+    projectDir: cwd,
+    mode: "cloud",
+    projectRef: env2.projectRef,
+    region: env2.region,
+    envName: name
+  });
+  console.log(`  ${blue("\u2714")} CLAUDE.md updated`);
+  console.log(`
+  ${blue("\u25CF")} Linking to Supabase project...`);
+  await runCommand(
+    `${sb()} link --project-ref ${env2.projectRef}`,
+    cwd,
+    void 0,
+    { SUPABASE_DB_PASSWORD: dbPassword2 }
+  );
+  console.log(`  ${blue("\u2714")} Linked`);
+  const migrationsDir = path8.join(cwd, "supabase", "migrations");
+  const hasMigrations = fs8.existsSync(migrationsDir) && fs8.readdirSync(migrationsDir).some((f) => f.endsWith(".sql"));
+  if (hasMigrations) {
+    console.log(`
+  ${blue("\u25CF")} Pushing migrations to new project...`);
+    await runCommand(
+      `${sb()} db push`,
+      cwd,
+      void 0,
+      { SUPABASE_DB_PASSWORD: dbPassword2 }
+    );
+    console.log(`  ${blue("\u2714")} Migrations pushed`);
+  }
+  const functionsDir = path8.join(cwd, "supabase", "functions");
+  if (fs8.existsSync(functionsDir)) {
+    const hasFunctions = fs8.readdirSync(functionsDir, { withFileTypes: true }).some((e) => e.isDirectory() && !e.name.startsWith("_"));
+    if (hasFunctions) {
+      console.log(`
+  ${blue("\u25CF")} Deploying edge functions...`);
+      await runCommand(`${sb()} functions deploy --project-ref ${env2.projectRef}`, cwd);
+      console.log(`  ${blue("\u2714")} Edge functions deployed`);
+    }
+  }
+  console.log(`
+  ${blue("Done.")} Environment "${name}" relinked to ${dim(env2.projectRef)}`);
+}
 async function scaffoldCiTemplate(cwd, envName) {
   const workflowDir = path8.join(cwd, ".github", "workflows");
   fs8.mkdirSync(workflowDir, { recursive: true });
@@ -3395,7 +3635,7 @@ import { execSync } from "child_process";
 import fs15 from "fs";
 import path15 from "path";
 import { fileURLToPath as fileURLToPath2 } from "url";
-import { confirm as confirm5, input as input4, select as select3 } from "@inquirer/prompts";
+import { confirm as confirm5, input as input5, select as select3 } from "@inquirer/prompts";
 
 // src/banner.ts
 var TITLE = [
@@ -3517,7 +3757,7 @@ function clearSession(name) {
 // src/scaffold.ts
 import fs13 from "fs";
 import path13 from "path";
-import { confirm as confirm3, input as input3 } from "@inquirer/prompts";
+import { confirm as confirm3, input as input4 } from "@inquirer/prompts";
 
 // src/claude-settings.ts
 import fs12 from "fs";
@@ -3761,7 +4001,7 @@ async function scaffold(options) {
         console.log(dim(`  If you don't know this password you can reset it from your Supabase dashboard:`));
         console.log(dim(`  ${link(resetUrl)}`));
         console.log();
-        const dbPass2 = await input3({
+        const dbPass2 = await input4({
           message: "Database password for existing project",
           theme: theme3,
           validate: (val) => val.trim().length > 0 || "Password is required"
@@ -3849,16 +4089,19 @@ SUPABASE_DB_PASSWORD=${ctx.dbPass}
       }
       spinner.text = "Setting up database \u2014 Pushing infrastructure migrations";
       await runCommand(`${sb()} db push`, projectDir, void 0, cloudEnv);
-      spinner.text = "Setting up database \u2014 Writing application migration";
-      const setupBase = /* @__PURE__ */ new Date();
-      const setupContent = getTemplateSQLEntries().join("\n\n");
       const migrationsDir = path13.join(projectDir, "supabase", "migrations");
-      const setupVersion = setupBase.toISOString().replace(/\D/g, "").slice(0, 14);
-      const setupFilename = `${setupVersion}_agentlink_setup.sql`;
-      fs13.writeFileSync(path13.join(migrationsDir, setupFilename), setupContent);
-      spinner.text = "Setting up database \u2014 Writing post-setup migrations";
-      const postBase = new Date(setupBase.getTime() + 2e3);
-      writeMigrationTemplates(projectDir, POST_SETUP_MIGRATIONS, postBase);
+      const existingSetup = fs13.readdirSync(migrationsDir).find((f) => f.endsWith("_agentlink_setup.sql"));
+      if (!existingSetup) {
+        spinner.text = "Setting up database \u2014 Writing application migration";
+        const setupBase = /* @__PURE__ */ new Date();
+        const setupContent = getTemplateSQLEntries().join("\n\n");
+        const setupVersion = setupBase.toISOString().replace(/\D/g, "").slice(0, 14);
+        const setupFilename = `${setupVersion}_agentlink_setup.sql`;
+        fs13.writeFileSync(path13.join(migrationsDir, setupFilename), setupContent);
+        spinner.text = "Setting up database \u2014 Writing post-setup migrations";
+        const postBase = new Date(setupBase.getTime() + 2e3);
+        writeMigrationTemplates(projectDir, POST_SETUP_MIGRATIONS, postBase);
+      }
       spinner.text = "Setting up database \u2014 Pushing migrations";
       await runCommand(`${sb()} db push`, projectDir, void 0, cloudEnv);
       spinner.text = "Setting up database \u2014 Storing vault secrets";
@@ -3903,19 +4146,22 @@ SUPABASE_DB_PASSWORD=${ctx.dbPass}
       for (const sql of getTemplateSQLEntries()) {
         await runSQL(sql, ctx.dbUrl);
       }
-      spinner.text = "Setting up database \u2014 Writing application migration";
-      const setupBase = /* @__PURE__ */ new Date();
-      const setupContent = getTemplateSQLEntries().join("\n\n");
       const migrationsDir = path13.join(projectDir, "supabase", "migrations");
-      const setupVersion = setupBase.toISOString().replace(/\D/g, "").slice(0, 14);
-      const setupFilename = `${setupVersion}_agentlink_setup.sql`;
-      fs13.writeFileSync(path13.join(migrationsDir, setupFilename), setupContent);
-      await repairMigrations(projectDir, [setupVersion]);
-      spinner.text = "Setting up database \u2014 Writing post-setup migrations";
-      const postBase = new Date(setupBase.getTime() + 2e3);
-      const postVersions = writeMigrationTemplates(projectDir, POST_SETUP_MIGRATIONS, postBase);
-      if (postVersions.length > 0) {
-        await repairMigrations(projectDir, postVersions);
+      const existingSetup = fs13.readdirSync(migrationsDir).find((f) => f.endsWith("_agentlink_setup.sql"));
+      if (!existingSetup) {
+        spinner.text = "Setting up database \u2014 Writing application migration";
+        const setupBase = /* @__PURE__ */ new Date();
+        const setupContent = getTemplateSQLEntries().join("\n\n");
+        const setupVersion = setupBase.toISOString().replace(/\D/g, "").slice(0, 14);
+        const setupFilename = `${setupVersion}_agentlink_setup.sql`;
+        fs13.writeFileSync(path13.join(migrationsDir, setupFilename), setupContent);
+        await repairMigrations(projectDir, [setupVersion]);
+        spinner.text = "Setting up database \u2014 Writing post-setup migrations";
+        const postBase = new Date(setupBase.getTime() + 2e3);
+        const postVersions = writeMigrationTemplates(projectDir, POST_SETUP_MIGRATIONS, postBase);
+        if (postVersions.length > 0) {
+          await repairMigrations(projectDir, postVersions);
+        }
       }
       spinner.text = "Setting up database \u2014 Storing vault secrets";
       await runSQL(seedSQL(ctx.publishableKey, ctx.secretKey), ctx.dbUrl);
@@ -4733,7 +4979,7 @@ Run without --resume to start fresh.`
       if (nonInteractive) {
         throw new Error("Project name required in non-interactive mode. Provide a name as the first argument.");
       }
-      name = await input4({
+      name = await input5({
         message: "Project name",
         default: "my-app",
         theme: theme5,
@@ -4757,7 +5003,7 @@ ${red("Error:")} ${error}`);
     if (nonInteractive) {
       throw new Error("Project name required in non-interactive mode. Provide a name as the first argument.");
     }
-    name = await input4({
+    name = await input5({
       message: "Project name",
       default: "my-app",
       theme: theme5,
@@ -4972,7 +5218,7 @@ program.command("info [name]").description("Show documentation about AgentLink c
 program.command("login").description("Authenticate with Supabase via OAuth (opens browser)").action(async () => {
   try {
     const { oauthLogin } = await import("./oauth-VTSNCG7U.js");
-    const { saveCredentials: saveCredentials2, loadCredentials: loadCredentials2, credentialsPath: credentialsPath2 } = await import("./cloud-2AWCJAG5.js");
+    const { saveCredentials: saveCredentials2, loadCredentials: loadCredentials2, credentialsPath: credentialsPath2 } = await import("./cloud-QNZQNIS5.js");
     console.log();
     const tokens = await oauthLogin();
     saveCredentials2({
@@ -5086,6 +5332,35 @@ ${red("Error:")} ${err.message}`);
     process.exit(1);
   }
 });
+db.command("rebuild").description("Nuke migrations, re-apply schemas, and regenerate migration files").option("--debug", "Write debug log to agentlink-debug.log").option("--db-url <url>", "Database URL (auto-detects from .env.local or supabase status)").option("--env <name>", "Target cloud environment").action(async (opts) => {
+  if (opts.debug) initLog(true);
+  try {
+    await dbRebuild({ dbUrl: opts.dbUrl, cwd: process.cwd(), env: opts.env });
+  } catch (err) {
+    console.error(`
+${red("Error:")} ${err.message}`);
+    process.exit(1);
+  }
+});
+db.command("url").description("Show the correct pooler DB URL from Supabase (--fix to update .env.local)").option("--fix", "Update .env.local with the correct URL").option("--debug", "Write debug log to agentlink-debug.log").option("--db-url <url>", "Database URL (auto-detects from .env.local or supabase status)").option("--env <name>", "Target cloud environment").action(async (opts) => {
+  if (opts.debug) initLog(true);
+  try {
+    await dbUrlCheck({ dbUrl: opts.dbUrl, cwd: process.cwd(), env: opts.env, fix: opts.fix });
+  } catch (err) {
+    console.error(`
+${red("Error:")} ${err.message}`);
+    process.exit(1);
+  }
+});
+db.command("password [value]").description("Show or set the database password for the active cloud project").action(async (value) => {
+  try {
+    await dbPassword(process.cwd(), value);
+  } catch (err) {
+    console.error(`
+${red("Error:")} ${err.message}`);
+    process.exit(1);
+  }
+});
 program.addCommand(db);
 program.command("deploy").description("Deploy schema changes and edge functions to a target environment").option("--env <name>", "Target environment (default: prod)").option("--ci", "Non-interactive mode for CI/CD").option("--allow-warnings", "Proceed past data-risk warnings (CI only)").option("--dry-run", "Show what would be deployed without applying").option("--setup-ci", "Scaffold GitHub Actions workflow").option("--debug", "Write debug log to agentlink-debug.log").action(async (opts) => {
   if (opts.debug) initLog(true);
@@ -5127,6 +5402,16 @@ ${red("Error:")} ${err.message}`);
     process.exit(1);
   }
 });
+env.command("relink <name>").description("Relink an environment to a new Supabase project (keeps migrations)").option("--token <token>", "Supabase access token").option("--org <id>", "Supabase organization ID").option("--region <region>", "Supabase Cloud region").option("--project-ref <ref>", "Connect to an existing Supabase project").option("--non-interactive", "Error instead of prompting").option("--debug", "Write debug log to agentlink-debug.log").action(async (name, opts) => {
+  if (opts.debug) initLog(true);
+  try {
+    await envRelink(name, process.cwd(), opts);
+  } catch (err) {
+    console.error(`
+${red("Error:")} ${err.message}`);
+    process.exit(1);
+  }
+});
 env.command("remove <name>").description("Remove a cloud environment").option("-y, --yes", "Skip confirmation").option("--debug", "Write debug log to agentlink-debug.log").action(async (name, opts) => {
   if (opts.debug) initLog(true);
   try {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agentlink.sh/cli",
-  "version": "0.11.1",
+  "version": "0.12.0",
   "description": "CLI for scaffolding Supabase apps with AI agents",
   "bin": {
     "agentlink": "dist/index.js"