@pb-admin/cli 1.0.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,114 @@
+# @pb-admin/cli
+
+CLI to manage PocketBase collections, rules, and schema across multiple instances.
+
+## Features
+
+- **Schema Management** - Pull/push collection fields
+- **Rules Management** - Manage list/view/create/update/delete rules
+- **Multiple Instances** - Login to different PocketBase servers
+- **Diff & Apply** - Compare local config vs live, then apply changes
+- **Interactive** - Login, view collections, select options
+
+## Installation
+
+```bash
+# Use directly with bunx
+bunx @pb-admin/cli init
+
+# Or install globally
+bun add -g @pb-admin/cli
+```
+
+## Quick Start
+
+```bash
+# 1. Initialize in your project
+pb-admin init
+
+# 2. Login to your PocketBase
+pb-admin login
+
+# 3. Pull current schema and rules
+pb-admin pull
+
+# 4. Edit the files in pb-admin/
+
+# 5. See differences
+pb-admin diff
+
+# 6. Apply changes
+pb-admin push
+```
+
+## Commands
+
+| Command | Description |
+|---------|-------------|
+| `pb-admin init` | Initialize project with config file |
+| `pb-admin login` | Login to PocketBase (saves token) |
+| `pb-admin logout` | Clear saved credentials |
+| `pb-admin pull` | Pull schema & rules from PocketBase |
+| `pb-admin push` | Push schema & rules to PocketBase |
+| `pb-admin diff` | Compare local vs live |
+| `pb-admin col [name]` | List/view collections |
+
+## Options
+
+- `--schema, -s` - Only schema operations
+- `--rules, -r` - Only rules operations  
+- `--dry-run, -n` - Show what would change (no apply)
+- `--debug` - Show error details
+
+## Files
+
+After `pb-admin init`, these files are configured:
+
+```
+pb-admin.json          # Config (URL, paths)
+pb-admin/
+  schema.json          # Collection fields
+  rules.json           # Collection permissions
+```
+
+## Example Workflow
+
+```bash
+# Start fresh
+pb-admin init
+pb-admin login
+
+# Pull current state
+pb-admin pull
+
+# Edit rules locally
+# vim pb-admin/rules.json
+
+# See what changed
+pb-admin diff
+
+# Apply to live
+pb-admin push
+```
+
+## For CI/CD
+
+```bash
+# Non-interactive mode (set env vars first)
+export PB_URL=https://your-pb.com
+export PB_EMAIL=admin@example.com
+export PB_PASSWORD=your-password
+
+pb-admin pull --rules
+# edit files...
+pb-admin push --dry-run
+pb-admin push
+```
+
+## Credentials
+
+Credentials are stored in `~/.config/pb-admin/credentials.json` (cross-platform config dir).
+
+## License
+
+MIT

package/dist/index.js

@@ -0,0 +1,922 @@
+#!/usr/bin/env node
+
+// src/index.ts
+import pc6 from "picocolors";
+import inquirer3 from "inquirer";
+
+// src/commands/init.ts
+import pc from "picocolors";
+import inquirer from "inquirer";
+
+// src/lib/config.ts
+import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
+import { join, dirname } from "path";
+var DEFAULT_CONFIG = {
+  url: "",
+  schemaPath: "./pb-admin/schema.json",
+  rulesPath: "./pb-admin/rules.json"
+};
+function loadConfig(configPath) {
+  const path = configPath || findConfigFile();
+  if (!path || !existsSync(path)) {
+    return { ...DEFAULT_CONFIG };
+  }
+  try {
+    const content = readFileSync(path, "utf-8");
+    return { ...DEFAULT_CONFIG, ...JSON.parse(content) };
+  } catch {
+    return { ...DEFAULT_CONFIG };
+  }
+}
+function saveConfig(config, configPath) {
+  const path = configPath || findConfigFile();
+  if (!path) {
+    console.log('❌ No config file found. Run "pb-admin init" first.');
+    return;
+  }
+  const dir = dirname(path);
+  if (!existsSync(dir)) {
+    mkdirSync(dir, { recursive: true });
+  }
+  writeFileSync(path, JSON.stringify(config, null, 2), "utf-8");
+}
+function findConfigFile() {
+  let dir = process.cwd();
+  if (existsSync(join(dir, "pb-admin.json"))) {
+    return join(dir, "pb-admin.json");
+  }
+  while (dir !== "/") {
+    const parent = dirname(dir);
+    if (parent === dir)
+      break;
+    dir = parent;
+    const configPath = join(dir, "pb-admin.json");
+    if (existsSync(configPath)) {
+      return configPath;
+    }
+  }
+  return null;
+}
+function ensurePBAdminDir(basePath) {
+  const dir = basePath || join(process.cwd(), "pb-admin");
+  if (!existsSync(dir)) {
+    mkdirSync(dir, { recursive: true });
+  }
+  return dir;
+}
+function getSchemaPath() {
+  const config = loadConfig();
+  return config.schemaPath || "./pb-admin/schema.json";
+}
+function getRulesPath() {
+  const config = loadConfig();
+  return config.rulesPath || "./pb-admin/rules.json";
+}
+function loadSchema() {
+  const path = getSchemaPath();
+  if (!existsSync(path))
+    return null;
+  try {
+    return JSON.parse(readFileSync(path, "utf-8"));
+  } catch {
+    return null;
+  }
+}
+function loadRules() {
+  const path = getRulesPath();
+  if (!existsSync(path))
+    return null;
+  try {
+    return JSON.parse(readFileSync(path, "utf-8"));
+  } catch {
+    return null;
+  }
+}
+function saveSchema(schema) {
+  const path = getSchemaPath();
+  const dir = dirname(path);
+  if (!existsSync(dir)) {
+    mkdirSync(dir, { recursive: true });
+  }
+  writeFileSync(path, JSON.stringify(schema, null, 2), "utf-8");
+}
+function saveRules(rules) {
+  const path = getRulesPath();
+  const dir = dirname(path);
+  if (!existsSync(dir)) {
+    mkdirSync(dir, { recursive: true });
+  }
+  writeFileSync(path, JSON.stringify(rules, null, 2), "utf-8");
+}
+
+// src/lib/client.ts
+import PocketBase from "pocketbase";
+
+// src/lib/credentials.ts
+import { homedir } from "os";
+import { join as join2 } from "path";
+import { existsSync as existsSync2, mkdirSync as mkdirSync2, readFileSync as readFileSync2, writeFileSync as writeFileSync2, unlinkSync } from "fs";
+function getProjectKey() {
+  const cwd = process.cwd();
+  return cwd.replace(/^\//, "").replace(/[^a-zA-Z0-9]/g, "-").replace(/-+/g, "-").replace(/-$/, "");
+}
+function getProjectDir() {
+  const base = join2(homedir(), ".config", "pb-admin", "projects");
+  const key = getProjectKey();
+  return join2(base, key);
+}
+function ensureProjectDir() {
+  const dir = getProjectDir();
+  if (!existsSync2(dir)) {
+    mkdirSync2(dir, { recursive: true });
+  }
+  return dir;
+}
+function loadCredentials() {
+  try {
+    const dir = getProjectDir();
+    const credsPath = join2(dir, "credentials.json");
+    if (existsSync2(credsPath)) {
+      const content = readFileSync2(credsPath, "utf-8");
+      return JSON.parse(content);
+    }
+  } catch {}
+  return null;
+}
+function saveCredentials(credentials) {
+  const dir = ensureProjectDir();
+  const credsPath = join2(dir, "credentials.json");
+  if (credentials === null) {
+    if (existsSync2(credsPath)) {
+      unlinkSync(credsPath);
+    }
+    return;
+  }
+  writeFileSync2(credsPath, JSON.stringify(credentials, null, 2), "utf-8");
+}
+
+// src/lib/client.ts
+class NotLoggedInError extends Error {
+  constructor(message = 'Not logged in. Run "pb-admin login" first.') {
+    super(message);
+    this.name = "NotLoggedInError";
+  }
+}
+
+class SessionExpiredError extends Error {
+  constructor(message = 'Session expired. Run "pb-admin login" again.') {
+    super(message);
+    this.name = "SessionExpiredError";
+  }
+}
+var cachedClient = null;
+var cachedInstance = null;
+async function getClient() {
+  const creds = loadCredentials();
+  if (!creds) {
+    throw new NotLoggedInError;
+  }
+  const instanceUrl = creds.url;
+  const instanceToken = creds.token;
+  if (cachedClient && cachedInstance?.url === instanceUrl) {
+    return { pb: cachedClient, instance: cachedInstance };
+  }
+  const pb = new PocketBase(instanceUrl);
+  pb.autoCancellation(false);
+  if (instanceToken) {
+    pb.authStore.save(instanceToken, null);
+    if (pb.authStore.isValid) {
+      cachedClient = pb;
+      cachedInstance = { url: instanceUrl, token: instanceToken };
+      return { pb, instance: cachedInstance };
+    }
+  }
+  throw new SessionExpiredError;
+}
+async function login(url, email, password) {
+  const pb = new PocketBase(url);
+  pb.autoCancellation(false);
+  await pb.collection("_superusers").authWithPassword(email, password);
+  if (!pb.authStore.isValid) {
+    throw new Error("Login failed - invalid credentials");
+  }
+  saveCredentials({ url, token: pb.authStore.token, email });
+  cachedClient = pb;
+  cachedInstance = { url, token: pb.authStore.token };
+  return pb;
+}
+function logout() {
+  cachedClient = null;
+  cachedInstance = null;
+  saveCredentials(null);
+}
+function isLoggedIn() {
+  const creds = loadCredentials();
+  return !!creds?.token;
+}
+
+// src/lib/schema.ts
+async function pullSchema(pb) {
+  const collections = await pb.collections.getFullList();
+  const schema = {};
+  for (const col of collections) {
+    if (col.name.startsWith("_"))
+      continue;
+    schema[col.name] = {
+      name: col.name,
+      type: col.type,
+      active: col.active,
+      fields: col.fields.filter((f) => !f.system).map((f) => ({
+        name: f.name,
+        type: f.type,
+        required: f.required,
+        presentable: f.presentable,
+        values: f.values,
+        options: f.options
+      })),
+      listRule: col.listRule,
+      viewRule: col.viewRule,
+      createRule: col.createRule,
+      updateRule: col.updateRule,
+      deleteRule: col.deleteRule
+    };
+  }
+  return schema;
+}
+async function getCollection(pb, name) {
+  const collections = await pb.collections.getFullList();
+  const col = collections.find((c) => c.name === name);
+  if (!col)
+    return null;
+  return {
+    name: col.name,
+    type: col.type,
+    active: col.active,
+    fields: col.fields.filter((f) => !f.system).map((f) => ({
+      name: f.name,
+      type: f.type,
+      required: f.required,
+      presentable: f.presentable,
+      values: f.values,
+      options: f.options
+    })),
+    listRule: col.listRule,
+    viewRule: col.viewRule,
+    createRule: col.createRule,
+    updateRule: col.updateRule,
+    deleteRule: col.deleteRule
+  };
+}
+function fieldsMatch(desired, current) {
+  if (desired.type !== current.type)
+    return false;
+  if (desired.required !== undefined && desired.required !== (current.required ?? false))
+    return false;
+  if (desired.presentable !== undefined && desired.presentable !== (current.presentable ?? false))
+    return false;
+  if (desired.values && JSON.stringify(desired.values) !== JSON.stringify(current.values))
+    return false;
+  return true;
+}
+async function applySchema(pb, desiredSchema) {
+  const collections = await pb.collections.getFullList();
+  for (const [colName, colSchema] of Object.entries(desiredSchema)) {
+    if (colName.startsWith("$"))
+      continue;
+    const col = collections.find((c) => c.name === colName);
+    if (!col) {
+      console.log(`⚠️  ${colName}: collection not found, skipping`);
+      continue;
+    }
+    const currentFields = col.fields;
+    const desiredFields = colSchema.fields;
+    let hasChanges = false;
+    const updatedFields = [...currentFields];
+    for (const desired of desiredFields) {
+      const currentIndex = updatedFields.findIndex((f) => f.name === desired.name);
+      if (currentIndex === -1) {
+        const newField = {
+          id: `field_${desired.name}_${Date.now()}`,
+          name: desired.name,
+          type: desired.type,
+          required: desired.required ?? false,
+          presentable: desired.presentable ?? false,
+          system: false
+        };
+        if (desired.values)
+          newField.values = desired.values;
+        if (desired.options)
+          newField.options = desired.options;
+        updatedFields.push(newField);
+        hasChanges = true;
+        console.log(`  + ${colName}.${desired.name}`);
+      } else if (!fieldsMatch(desired, updatedFields[currentIndex])) {
+        const existing = updatedFields[currentIndex];
+        updatedFields[currentIndex] = {
+          ...existing,
+          type: desired.type,
+          required: desired.required ?? existing.required,
+          presentable: desired.presentable ?? existing.presentable,
+          values: desired.values ?? existing.values,
+          options: desired.options ?? existing.options
+        };
+        hasChanges = true;
+        console.log(`  ~ ${colName}.${desired.name}`);
+      }
+    }
+    if (hasChanges) {
+      await pb.collections.update(col.id, { fields: updatedFields });
+      console.log(`✅ ${colName}: schema updated`);
+    } else {
+      console.log(`   ${colName}: no changes`);
+    }
+  }
+}
+async function diffSchema(pb, desiredSchema) {
+  const collections = await pb.collections.getFullList();
+  let hasDiff = false;
+  for (const [colName, colSchema] of Object.entries(desiredSchema)) {
+    if (colName.startsWith("$"))
+      continue;
+    const col = collections.find((c) => c.name === colName);
+    if (!col) {
+      console.log(`❌ ${colName}: collection not found in PocketBase`);
+      hasDiff = true;
+      continue;
+    }
+    const currentFields = col.fields;
+    const desiredFields = colSchema.fields;
+    for (const desired of desiredFields) {
+      const current = currentFields.find((f) => f.name === desired.name);
+      if (!current) {
+        hasDiff = true;
+        console.log(`${colName}.${desired.name}: ${"MISSING"}`);
+        continue;
+      }
+      if (!fieldsMatch(desired, current)) {
+        hasDiff = true;
+        console.log(`${colName}.${desired.name}:`);
+        console.log(`  type:     live=${current.type} desired=${desired.type}`);
+        console.log(`  required: live=${current.required ?? false} desired=${desired.required ?? false}`);
+      }
+    }
+  }
+  return hasDiff;
+}
+
+// src/lib/rules.ts
+async function pullRules(pb) {
+  const collections = await pb.collections.getFullList();
+  const rules = {};
+  for (const col of collections) {
+    if (col.name.startsWith("_"))
+      continue;
+    rules[col.name] = {
+      listRule: col.listRule,
+      viewRule: col.viewRule,
+      createRule: col.createRule,
+      updateRule: col.updateRule,
+      deleteRule: col.deleteRule
+    };
+  }
+  return rules;
+}
+async function applyRules(pb, desiredRules) {
+  const collections = await pb.collections.getFullList();
+  for (const [colName, rules] of Object.entries(desiredRules)) {
+    if (colName.startsWith("$"))
+      continue;
+    const col = collections.find((c) => c.name === colName);
+    if (!col) {
+      console.log(`⚠️  ${colName}: collection not found, skipping`);
+      continue;
+    }
+    const updates = {};
+    let hasChanges = false;
+    for (const [ruleKey, desiredValue] of Object.entries(rules)) {
+      const currentValue = col[ruleKey];
+      if (currentValue !== desiredValue) {
+        updates[ruleKey] = desiredValue;
+        hasChanges = true;
+      }
+    }
+    if (hasChanges) {
+      await pb.collections.update(col.id, updates);
+      console.log(`✅ ${colName}: updated`);
+    } else {
+      console.log(`   ${colName}: no changes`);
+    }
+  }
+}
+async function diffRules(pb, desiredRules) {
+  const collections = await pb.collections.getFullList();
+  let hasDiff = false;
+  for (const [colName, rules] of Object.entries(desiredRules)) {
+    if (colName.startsWith("$"))
+      continue;
+    const col = collections.find((c) => c.name === colName);
+    if (!col) {
+      console.log(`❌ ${colName}: collection not found in PocketBase`);
+      hasDiff = true;
+      continue;
+    }
+    for (const [ruleKey, desiredValue] of Object.entries(rules)) {
+      const currentValue = col[ruleKey];
+      if (currentValue !== desiredValue) {
+        hasDiff = true;
+        console.log(`${colName}.${ruleKey}:`);
+        console.log(`  live:    ${currentValue ?? "(admin)"}`);
+        console.log(`  desired: ${desiredValue ?? "(admin)"}`);
+      }
+    }
+  }
+  return hasDiff;
+}
+
+// src/commands/init.ts
+var prompt = inquirer.createPromptModule();
+async function initCommand() {
+  console.log(pc.cyan(`
+\uD83D\uDEE0️  pb-admin init
+`));
+  console.log(`Setting up PocketBase admin CLI for this project.
+`);
+  const { url } = await prompt({
+    type: "input",
+    name: "url",
+    message: "PocketBase URL",
+    default: "http://localhost:8090",
+    validate: (v) => v.startsWith("http") || "Must be a valid URL"
+  });
+  const { email } = await prompt({
+    type: "input",
+    name: "email",
+    message: "Admin email"
+  });
+  const { password } = await prompt({
+    type: "password",
+    name: "password",
+    message: "Admin password",
+    mask: "*"
+  });
+  console.log(pc.dim(`
+Connecting...
+`));
+  let pb;
+  try {
+    pb = await login(url, email, password);
+    console.log(pc.green(`✅ Connected to PocketBase
+`));
+  } catch (err) {
+    console.log(pc.red(`
+❌ Login failed: ${err.message}
+`));
+    process.exit(1);
+  }
+  const schemaPath = "./pb-admin/schema.json";
+  const rulesPath = "./pb-admin/rules.json";
+  const config = {
+    url,
+    schemaPath,
+    rulesPath
+  };
+  saveConfig(config, "./pb-admin.json");
+  ensurePBAdminDir();
+  console.log(pc.cyan(`\uD83D\uDCE5 Pulling schema and rules...
+`));
+  try {
+    const schema = await pullSchema(pb);
+    saveSchema(schema);
+    console.log(pc.green(`  ✅ Schema saved (${Object.keys(schema).length} collections)`));
+    const rules = await pullRules(pb);
+    saveRules(rules);
+    console.log(pc.green(`  ✅ Rules saved (${Object.keys(rules).length} collections)`));
+  } catch (err) {
+    console.log(pc.red(`
+❌ Failed to pull: ${err.message}
+`));
+    process.exit(1);
+  }
+  console.log(pc.green(`
+✅ Setup complete!
+`));
+  console.log(pc.bold("Files created:"));
+  console.log(`  pb-admin.json           - Config`);
+  console.log(`  pb-admin/schema.json    - Collection fields`);
+  console.log(`  pb-admin/rules.json     - Collection permissions
+`);
+  console.log(pc.bold("Next steps:"));
+  console.log(`  ${pc.green("pb-admin diff")}   - See differences vs live`);
+  console.log(`  ${pc.green("pb-admin push")}   - Apply changes to PocketBase
+`);
+}
+
+// src/commands/pull.ts
+import pc2 from "picocolors";
+async function pullCommand(args) {
+  const config = loadConfig();
+  const { pb } = await getClient();
+  console.log(pc2.cyan(`
+\uD83D\uDCE5 Pulling from PocketBase...
+`));
+  ensurePBAdminDir();
+  const options = args.includes("--schema") || args.includes("-s") ? { schema: true, rules: false } : args.includes("--rules") || args.includes("-r") ? { schema: false, rules: true } : { schema: true, rules: true };
+  if (options.schema) {
+    console.log(pc2.dim("  Pulling schema..."));
+    const schema = await pullSchema(pb);
+    saveSchema(schema);
+    const schemaPath = config.schemaPath || "./pb-admin/schema.json";
+    console.log(pc2.green(`  ✅ Schema saved to ${schemaPath}`));
+    console.log(pc2.dim(`     ${Object.keys(schema).length} collections
+`));
+  }
+  if (options.rules) {
+    console.log(pc2.dim("  Pulling rules..."));
+    const rules = await pullRules(pb);
+    saveRules(rules);
+    const rulesPath = config.rulesPath || "./pb-admin/rules.json";
+    console.log(pc2.green(`  ✅ Rules saved to ${rulesPath}`));
+    console.log(pc2.dim(`     ${Object.keys(rules).length} collections
+`));
+  }
+  console.log(pc2.green(`Done!
+`));
+}
+
+// src/commands/push.ts
+import pc3 from "picocolors";
+async function pushCommand(args) {
+  const config = loadConfig();
+  const { pb } = await getClient();
+  console.log(pc3.cyan(`
+\uD83D\uDCE4 Pushing to PocketBase...
+`));
+  const dryRun = args.includes("--dry-run") || args.includes("-n");
+  const options = args.includes("--schema") || args.includes("-s") ? { schema: true, rules: false } : args.includes("--rules") || args.includes("-r") ? { schema: false, rules: true } : { schema: true, rules: true };
+  if (dryRun) {
+    console.log(pc3.yellow(`  [DRY RUN - no changes will be made]
+`));
+  }
+  if (options.schema) {
+    const schema = loadSchema();
+    if (schema) {
+      console.log(pc3.dim("  Pushing schema..."));
+      if (!dryRun) {
+        await applySchema(pb, schema);
+      } else {
+        console.log(pc3.dim("     (skipped in dry-run)"));
+      }
+    } else {
+      console.log(pc3.yellow(`  ⚠️  No schema file found. Run "pb-admin pull" first.
+`));
+    }
+  }
+  if (options.rules) {
+    const rules = loadRules();
+    if (rules) {
+      console.log(pc3.dim("  Pushing rules..."));
+      if (!dryRun) {
+        await applyRules(pb, rules);
+      } else {
+        console.log(pc3.dim("     (skipped in dry-run)"));
+      }
+    } else {
+      console.log(pc3.yellow(`  ⚠️  No rules file found. Run "pb-admin pull" first.
+`));
+    }
+  }
+  if (dryRun) {
+    console.log(pc3.yellow(`
+⚠️  This was a dry run. Run without --dry-run to apply changes.
+`));
+  } else {
+    console.log(pc3.green(`
+Done!
+`));
+  }
+}
+
+// src/commands/diff.ts
+import pc4 from "picocolors";
+async function diffCommand(args) {
+  const config = loadConfig();
+  const { pb } = await getClient();
+  console.log(pc4.cyan(`
+\uD83D\uDD0D Comparing local files vs live PocketBase...
+`));
+  const options = args.includes("--schema") || args.includes("-s") ? { schema: true, rules: false } : args.includes("--rules") || args.includes("-r") ? { schema: false, rules: true } : { schema: true, rules: true };
+  let hasDiff = false;
+  if (options.schema) {
+    const schema = loadSchema();
+    if (schema) {
+      console.log(pc4.bold(`
+  Schema:
+`));
+      const schemaHasDiff = await diffSchema(pb, schema);
+      if (!schemaHasDiff) {
+        console.log(pc4.green(`  ✅ Schema matches!
+`));
+      }
+      hasDiff = hasDiff || schemaHasDiff;
+    } else {
+      console.log(pc4.yellow(`  ⚠️  No schema file found. Run "pb-admin pull" first.
+`));
+    }
+  }
+  if (options.rules) {
+    const rules = loadRules();
+    if (rules) {
+      console.log(pc4.bold(`
+  Rules:
+`));
+      const rulesHasDiff = await diffRules(pb, rules);
+      if (!rulesHasDiff) {
+        console.log(pc4.green(`  ✅ Rules match!
+`));
+      }
+      hasDiff = hasDiff || rulesHasDiff;
+    } else {
+      console.log(pc4.yellow(`  ⚠️  No rules file found. Run "pb-admin pull" first.
+`));
+    }
+  }
+  if (!hasDiff) {
+    console.log(pc4.green(`
+✅ Everything matches!
+`));
+  } else {
+    console.log(pc4.red(`
+⚠️  Differences found. Run "pb-admin push" to apply changes.
+`));
+    process.exit(1);
+  }
+}
+
+// src/commands/collections.ts
+import pc5 from "picocolors";
+import inquirer2 from "inquirer";
+var prompt2 = inquirer2.createPromptModule();
+async function collectionsCommand(args) {
+  const { pb } = await getClient();
+  if (args[0] === "get" && args[1]) {
+    await showCollection(pb, args[1]);
+    return;
+  }
+  await listCollections(pb);
+}
+async function listCollections(pb) {
+  const collections = await pb.collections.getFullList();
+  console.log(pc5.cyan(`
+\uD83D\uDCE6 Collections (${collections.length})
+`));
+  const rows = collections.filter((c) => !c.name.startsWith("_")).map((c) => ({
+    name: c.name,
+    type: c.type,
+    id: c.id.slice(0, 8)
+  }));
+  console.table(rows);
+  const { name } = await prompt2({
+    type: "list",
+    name: "name",
+    message: "Select collection to view details",
+    choices: [
+      ...collections.filter((c) => !c.name.startsWith("_")).map((c) => ({
+        name: c.name,
+        value: c.name
+      })),
+      { name: "Exit", value: "__exit__" }
+    ]
+  });
+  if (name !== "__exit__") {
+    await showCollection(pb, name);
+  }
+}
+async function showCollection(pb, name) {
+  const col = await getCollection(pb, name);
+  if (!col) {
+    console.log(pc5.red(`
+❌ Collection "${name}" not found
+`));
+    return;
+  }
+  console.log(pc5.cyan(`
+\uD83D\uDCCB Collection: ${col.name}
+`));
+  console.log(pc5.bold("  ID:   ") + col.id);
+  console.log(pc5.bold("  Type: ") + col.type);
+  console.log(pc5.bold("  Schema:"));
+  if (col.fields && col.fields.length > 0) {
+    for (const field of col.fields) {
+      const req = field.required ? pc5.red("*") : pc5.dim(" ");
+      console.log(`    ${req} ${pc5.green(field.name)} ${pc5.dim(`(${field.type})`)}`);
+    }
+  } else {
+    console.log(pc5.dim("    (no custom fields)"));
+  }
+  console.log();
+  console.log(pc5.bold("  Rules:"));
+  console.log(`    list:   ${col.listRule ?? pc5.dim("(admin)")}`);
+  console.log(`    view:   ${col.viewRule ?? pc5.dim("(admin)")}`);
+  console.log(`    create: ${col.createRule ?? pc5.dim("(admin)")}`);
+  console.log(`    update: ${col.updateRule ?? pc5.dim("(admin)")}`);
+  console.log(`    delete: ${col.deleteRule ?? pc5.dim("(admin)")}`);
+  console.log();
+}
+
+// src/index.ts
+import { createRequire } from "module";
+var require2 = createRequire(import.meta.url);
+var pkg = require2("../package.json");
+var prompt3 = inquirer3.createPromptModule();
+var args = process.argv.slice(2);
+var cmd = args[0] || "help";
+async function ensureLogin() {
+  if (isLoggedIn()) {
+    return;
+  }
+  console.log(pc6.cyan(`
+\uD83D\uDD10 Authentication required
+`));
+  console.log(pc6.dim(`No credentials found for this project.
+`));
+  const config = loadConfig();
+  const { url } = await prompt3({
+    type: "input",
+    name: "url",
+    message: "PocketBase URL",
+    default: config.url || "http://localhost:8090",
+    validate: (v) => v.startsWith("http") || "Must be a valid URL"
+  });
+  const { email } = await prompt3({
+    type: "input",
+    name: "email",
+    message: "Admin email"
+  });
+  const { password } = await prompt3({
+    type: "password",
+    name: "password",
+    message: "Admin password",
+    mask: "*"
+  });
+  console.log(pc6.dim(`
+Connecting...
+`));
+  try {
+    await login(url, email, password);
+    console.log(pc6.green(`✅ Logged in successfully
+`));
+  } catch (err) {
+    console.log(pc6.red(`
+❌ Login failed: ${err.message}
+`));
+    process.exit(1);
+  }
+}
+async function ensureLoginWithRetry() {
+  try {
+    await ensureLogin();
+  } catch (err) {
+    if (err instanceof NotLoggedInError || err instanceof SessionExpiredError) {
+      await ensureLogin();
+    } else {
+      throw err;
+    }
+  }
+}
+async function main() {
+  try {
+    switch (cmd) {
+      case "init":
+        await initCommand();
+        break;
+      case "login": {
+        const config = loadConfig();
+        const { email } = await prompt3({
+          type: "input",
+          name: "email",
+          message: "Admin email"
+        });
+        const { password } = await prompt3({
+          type: "password",
+          name: "password",
+          message: "Admin password",
+          mask: "*"
+        });
+        const url = config.url || "http://localhost:8090";
+        console.log(pc6.dim(`
+Connecting...
+`));
+        try {
+          await login(url, email, password);
+          console.log(pc6.green(`✅ Logged in successfully
+`));
+        } catch (err) {
+          console.log(pc6.red(`
+❌ Login failed: ${err.message}
+`));
+          process.exit(1);
+        }
+        break;
+      }
+      case "logout":
+        logout();
+        console.log(pc6.green(`
+✅ Logged out
+`));
+        break;
+      case "pull":
+        await ensureLoginWithRetry();
+        await pullCommand(args.slice(1));
+        break;
+      case "push":
+        await ensureLoginWithRetry();
+        await pushCommand(args.slice(1));
+        break;
+      case "diff":
+        await ensureLoginWithRetry();
+        await diffCommand(args.slice(1));
+        break;
+      case "collections":
+      case "col":
+        await ensureLoginWithRetry();
+        await collectionsCommand(args.slice(1));
+        break;
+      case "status": {
+        if (isLoggedIn()) {
+          console.log(pc6.green(`
+✅ Logged in for this project
+`));
+        } else {
+          console.log(pc6.yellow(`
+⚠️  Not logged in for this project
+`));
+        }
+        break;
+      }
+      case "help":
+      case "--help":
+      case "-h":
+        showHelp();
+        break;
+      case "--version":
+      case "-v":
+        console.log(pc6.cyan(`@pb-admin/cli v${pkg.version}
+`));
+        break;
+      default:
+        console.log(pc6.red(`
+❌ Unknown command: ${cmd}
+`));
+        showHelp();
+        process.exit(1);
+    }
+  } catch (err) {
+    console.log(pc6.red(`
+❌ ${err.message}
+`));
+    if (args.includes("--debug")) {
+      console.error(err);
+    }
+    process.exit(1);
+  }
+}
+function showHelp() {
+  console.log(`
+${pc6.cyan("\uD83D\uDEE0️  @pb-admin/cli")}
+
+${pc6.bold("Usage:")}
+  pb-admin <command> [options]
+
+${pc6.bold("Commands:")}
+  ${pc6.green("init")}         Initialize project with config file
+  ${pc6.green("login")}        Login to PocketBase
+  ${pc6.green("logout")}       Clear credentials for this project
+  ${pc6.green("pull")}         Pull schema & rules from PocketBase
+  ${pc6.green("push")}         Push schema & rules to PocketBase
+  ${pc6.green("diff")}         Compare local vs live
+  ${pc6.green("col")}          List collections
+
+${pc6.bold("Options:")}
+  --schema, -s    Only schema operations
+  --rules, -r     Only rules operations
+  --dry-run, -n   Show what would change (no apply)
+  --debug         Show error details
+  -h, --help      Show this help
+  -v, --version   Show version
+
+${pc6.bold("Quick Start:")}
+  pb-admin init          # Initialize (asks for URL + credentials)
+  pb-admin pull         # Pull schema & rules
+  # Edit files in pb-admin/
+  pb-admin diff         # See changes
+  pb-admin push         # Apply changes
+
+${pc6.bold("Files:")}
+  pb-admin.json         - Config (URL, paths)
+  pb-admin/schema.json  - Collection fields
+  pb-admin/rules.json   - Collection permissions
+
+${pc6.dim("Credentials:")} ~/.config/pb-admin/projects/{project}/credentials.json
+`);
+}
+main();

package/package.json

@@ -0,0 +1,34 @@
+{
+  "name": "@pb-admin/cli",
+  "version": "1.0.0",
+  "type": "module",
+  "private": false,
+  "license": "MIT",
+  "description": "CLI to manage PocketBase collections, rules, and schema across multiple instances",
+  "bin": {
+    "pb-admin": "./dist/index.js"
+  },
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "start": "bun run src/index.ts",
+    "build": "bun build ./src/index.ts --outdir ./dist --target node --packages external",
+    "test": "bun test",
+    "prepublishOnly": "bun run build"
+  },
+  "devDependencies": {
+    "@types/bun": "latest",
+    "@types/inquirer": "^9.0.9"
+  },
+  "peerDependencies": {
+    "typescript": "^5"
+  },
+  "dependencies": {
+    "conf": "^15.1.0",
+    "inquirer": "^13.4.1",
+    "picocolors": "^1.1.1",
+    "pocketbase": "^0.26.8",
+    "yaml": "^2.8.3"
+  }
+}