metabase-cli 0.2.2

package/dist/metabase.js

@@ -0,0 +1,1710 @@
+#!/usr/bin/env node
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+
+// bin/metabase.ts
+var import_node_fs3 = require("fs");
+var import_node_path3 = require("path");
+var import_commander9 = require("commander");
+
+// src/commands/profile.ts
+var import_commander = require("commander");
+
+// src/config/store.ts
+var fs = __toESM(require("fs"));
+var path = __toESM(require("path"));
+var os = __toESM(require("os"));
+function getConfigDir() {
+  return path.join(os.homedir(), ".metabase-cli");
+}
+function getConfigFile() {
+  return path.join(getConfigDir(), "config.json");
+}
+function ensureConfigDir() {
+  if (!fs.existsSync(getConfigDir())) {
+    fs.mkdirSync(getConfigDir(), { recursive: true, mode: 448 });
+  }
+}
+function defaultConfig() {
+  return { activeProfile: "", profiles: {} };
+}
+function loadConfig() {
+  ensureConfigDir();
+  if (!fs.existsSync(getConfigFile())) {
+    return defaultConfig();
+  }
+  const raw = fs.readFileSync(getConfigFile(), "utf-8");
+  return JSON.parse(raw);
+}
+function saveConfig(config) {
+  ensureConfigDir();
+  fs.writeFileSync(getConfigFile(), JSON.stringify(config, null, 2), {
+    encoding: "utf-8",
+    mode: 384
+  });
+}
+function getActiveProfile() {
+  const config = loadConfig();
+  if (!config.activeProfile || !config.profiles[config.activeProfile]) {
+    return null;
+  }
+  return config.profiles[config.activeProfile];
+}
+function setActiveProfile(name) {
+  const config = loadConfig();
+  if (!config.profiles[name]) {
+    throw new Error(`Profile "${name}" does not exist`);
+  }
+  config.activeProfile = name;
+  saveConfig(config);
+}
+function addProfile(profile) {
+  const config = loadConfig();
+  config.profiles[profile.name] = profile;
+  if (!config.activeProfile) {
+    config.activeProfile = profile.name;
+  }
+  saveConfig(config);
+}
+function removeProfile(name) {
+  const config = loadConfig();
+  if (!config.profiles[name]) {
+    throw new Error(`Profile "${name}" does not exist`);
+  }
+  delete config.profiles[name];
+  if (config.activeProfile === name) {
+    const remaining = Object.keys(config.profiles);
+    config.activeProfile = remaining.length > 0 ? remaining[0] : "";
+  }
+  saveConfig(config);
+}
+function updateProfile(name, updates) {
+  const config = loadConfig();
+  if (!config.profiles[name]) {
+    throw new Error(`Profile "${name}" does not exist`);
+  }
+  config.profiles[name] = { ...config.profiles[name], ...updates };
+  saveConfig(config);
+}
+function listProfiles() {
+  const config = loadConfig();
+  return {
+    profiles: Object.values(config.profiles),
+    active: config.activeProfile
+  };
+}
+
+// src/utils/output.ts
+var import_cli_table3 = __toESM(require("cli-table3"));
+function formatDatasetResponse(dataset, format = "table", columns) {
+  const cols = dataset.data.cols;
+  const rows = dataset.data.rows;
+  let colIndices;
+  if (columns?.length) {
+    colIndices = columns.map((name) => {
+      const idx = cols.findIndex(
+        (c) => c.name === name || c.display_name === name
+      );
+      if (idx === -1) throw new Error(`Column "${name}" not found`);
+      return idx;
+    });
+  } else {
+    colIndices = cols.map((_, i) => i);
+  }
+  const filteredCols = colIndices.map((i) => cols[i]);
+  const filteredRows = rows.map((row) => colIndices.map((i) => row[i]));
+  switch (format) {
+    case "json":
+      return JSON.stringify(
+        filteredRows.map(
+          (row) => Object.fromEntries(
+            filteredCols.map((col, i) => [col.name, row[i]])
+          )
+        ),
+        null,
+        2
+      );
+    case "csv":
+      return formatDelimited(filteredCols, filteredRows, ",");
+    case "tsv":
+      return formatDelimited(filteredCols, filteredRows, "	");
+    case "table":
+    default:
+      return formatTable(filteredCols, filteredRows);
+  }
+}
+function formatDelimited(cols, rows, delimiter) {
+  const header = cols.map((c) => escapeCsvField(String(c.name), delimiter)).join(delimiter);
+  const body = rows.map(
+    (row) => row.map((cell) => escapeCsvField(formatCell(cell), delimiter)).join(delimiter)
+  );
+  return [header, ...body].join("\n");
+}
+function escapeCsvField(value, delimiter) {
+  if (value.includes(delimiter) || value.includes('"') || value.includes("\n")) {
+    return `"${value.replace(/"/g, '""')}"`;
+  }
+  return value;
+}
+function formatTable(cols, rows) {
+  const table = new import_cli_table3.default({
+    head: cols.map((c) => c.display_name),
+    style: { head: ["cyan"] }
+  });
+  for (const row of rows) {
+    table.push(row.map((cell) => formatCell(cell)));
+  }
+  return table.toString();
+}
+function formatCell(value) {
+  if (value === null || value === void 0) return "";
+  if (typeof value === "object") return JSON.stringify(value);
+  return String(value);
+}
+function formatJson(data) {
+  return JSON.stringify(data, null, 2);
+}
+function formatEntityTable(items, columns) {
+  const table = new import_cli_table3.default({
+    head: columns.map((c) => c.header),
+    style: { head: ["cyan"] }
+  });
+  for (const item of items) {
+    table.push(columns.map((c) => formatCell(item[c.key])));
+  }
+  return table.toString();
+}
+
+// src/commands/profile.ts
+function profileCommand() {
+  const cmd = new import_commander.Command("profile").description("Manage Metabase profiles").addHelpText("after", `
+The first profile added becomes the default (active) profile.
+All commands use the active profile unless you switch with 'profile switch'.
+
+Examples:
+  $ metabase-cli profile add prod --domain https://metabase.example.com --email you@co.com --password secret
+  $ metabase-cli profile add staging --domain https://staging.metabase.co --api-key mb_xxxxx
+  $ metabase-cli profile list
+  $ metabase-cli profile switch staging
+  $ metabase-cli profile current
+  $ metabase-cli profile remove staging`);
+  cmd.command("add <name>").description("Add a new profile (becomes default if first)").requiredOption("--domain <url>", "Metabase instance URL").option("--email <email>", "Login email").option("--password <password>", "Login password").option("--api-key <key>", "API key (alternative to email/password)").option("--default-db <id>", "Default database ID for queries", parseInt).addHelpText("after", `
+Examples:
+  $ metabase-cli profile add prod --domain https://metabase.example.com --email you@co.com --password secret
+  $ metabase-cli profile add prod --domain https://metabase.example.com --email you@co.com --password secret --default-db 1
+  $ metabase-cli profile add staging --domain https://staging.example.com --api-key mb_xxxxx`).action((name, opts) => {
+    let auth;
+    if (opts.apiKey) {
+      auth = { method: "api-key", apiKey: opts.apiKey };
+    } else if (opts.email && opts.password) {
+      auth = { method: "session", email: opts.email, password: opts.password };
+    } else {
+      console.error("Error: Provide --email and --password, or --api-key");
+      process.exit(1);
+    }
+    const profile = {
+      name,
+      domain: opts.domain,
+      auth,
+      defaultDb: opts.defaultDb
+    };
+    addProfile(profile);
+    console.log(`Profile "${name}" added and set as active.`);
+  });
+  cmd.command("list").description("List all profiles (* = active/default)").addHelpText("after", `
+Examples:
+  $ metabase-cli profile list`).action(() => {
+    const { profiles, active } = listProfiles();
+    if (profiles.length === 0) {
+      console.log("No profiles configured. Run: metabase-cli profile add <name>");
+      return;
+    }
+    const items = profiles.map((p) => ({
+      active: p.name === active ? "*" : "",
+      name: p.name,
+      domain: p.domain,
+      auth: p.auth.method,
+      user: p.user ? `${p.user.first_name} ${p.user.last_name} (${p.user.email})` : "not logged in"
+    }));
+    console.log(
+      formatEntityTable(items, [
+        { key: "active", header: "" },
+        { key: "name", header: "Name" },
+        { key: "domain", header: "Domain" },
+        { key: "auth", header: "Auth" },
+        { key: "user", header: "User" }
+      ])
+    );
+  });
+  cmd.command("switch <name>").description("Switch active (default) profile").addHelpText("after", `
+Examples:
+  $ metabase-cli profile switch staging`).action((name) => {
+    setActiveProfile(name);
+    console.log(`Switched to profile "${name}".`);
+  });
+  cmd.command("remove <name>").description("Remove a profile").addHelpText("after", `
+Examples:
+  $ metabase-cli profile remove staging`).action((name) => {
+    removeProfile(name);
+    console.log(`Profile "${name}" removed.`);
+  });
+  cmd.command("current").description("Show current active (default) profile").addHelpText("after", `
+Examples:
+  $ metabase-cli profile current`).action(() => {
+    const profile = getActiveProfile();
+    if (!profile) {
+      console.log("No active profile. Run: metabase-cli profile add <name>");
+      return;
+    }
+    console.log(`Profile: ${profile.name}`);
+    console.log(`Domain:  ${profile.domain}`);
+    console.log(`Auth:    ${profile.auth.method}`);
+    if (profile.user) {
+      console.log(`User:    ${profile.user.first_name} ${profile.user.last_name} (${profile.user.email})`);
+    }
+    if (profile.defaultDb) {
+      console.log(`Default DB: ${profile.defaultDb}`);
+    }
+  });
+  cmd.command("set-default-db <id>").description("Set the default database ID for the active profile").addHelpText("after", `
+The default database is used when --db is not specified in query/question commands.
+
+Examples:
+  $ metabase-cli profile set-default-db 1
+  $ metabase-cli profile set-default-db 3`).action((id) => {
+    const profile = getActiveProfile();
+    if (!profile) {
+      console.error("No active profile. Run: metabase-cli profile add <name>");
+      process.exit(1);
+    }
+    updateProfile(profile.name, { defaultDb: parseInt(id) });
+    console.log(`Default database set to #${id} for profile "${profile.name}".`);
+  });
+  return cmd;
+}
+
+// src/commands/query.ts
+var import_commander2 = require("commander");
+var import_node_fs = require("fs");
+var import_node_path = require("path");
+
+// src/utils/export.ts
+function checkExportError(buf, format) {
+  if (format !== "json" && buf.length > 0 && buf[0] === 123) {
+    try {
+      const parsed = JSON.parse(buf.toString("utf-8"));
+      if (parsed.status === "failed" || parsed.error) {
+        throw new Error(`Query failed: ${parsed.error || "unknown error"}`);
+      }
+    } catch (e) {
+      if (e.message.startsWith("Query failed:")) throw e;
+    }
+  }
+}
+var EXT_TO_FORMAT = {
+  ".csv": "csv",
+  ".tsv": "tsv",
+  ".json": "json",
+  ".xlsx": "xlsx"
+};
+
+// src/api/dataset.ts
+var DatasetApi = class {
+  constructor(client) {
+    this.client = client;
+  }
+  async query(datasetQuery) {
+    return this.client.post("/api/dataset", datasetQuery);
+  }
+  async queryNative(database, sql, templateTags) {
+    return this.query({
+      type: "native",
+      database,
+      native: {
+        query: sql,
+        "template-tags": templateTags ?? {}
+      }
+    });
+  }
+  async export(datasetQuery, format) {
+    const res = await this.client.requestRaw(
+      "POST",
+      `/api/dataset/${format}`,
+      datasetQuery
+    );
+    if (!res.ok) {
+      throw new Error(`Export failed: ${res.status} ${await res.text()}`);
+    }
+    return res.text();
+  }
+  async exportBinary(datasetQuery, format) {
+    const res = await this.client.requestFormExport(
+      `/api/dataset/${format}`,
+      { query: JSON.stringify(datasetQuery) }
+    );
+    if (!res.ok) {
+      throw new Error(`Export failed: ${res.status} ${await res.text()}`);
+    }
+    const buf = Buffer.from(await res.arrayBuffer());
+    checkExportError(buf, format);
+    return buf;
+  }
+};
+
+// src/client.ts
+var MetabaseClient = class {
+  domain;
+  sessionToken;
+  apiKey;
+  profile;
+  constructor(profile) {
+    this.profile = profile;
+    this.domain = profile.domain.replace(/\/+$/, "");
+    if (profile.auth.method === "session") {
+      this.sessionToken = profile.auth.sessionToken;
+    } else {
+      this.apiKey = profile.auth.apiKey;
+    }
+  }
+  getHeaders() {
+    const headers = {
+      "Content-Type": "application/json"
+    };
+    if (this.apiKey) {
+      headers["X-Api-Key"] = this.apiKey;
+    } else if (this.sessionToken) {
+      headers["X-Metabase-Session"] = this.sessionToken;
+    }
+    return headers;
+  }
+  async request(method, path2, body, params) {
+    let url = `${this.domain}${path2}`;
+    if (params) {
+      const qs = new URLSearchParams(params).toString();
+      url += `?${qs}`;
+    }
+    const res = await fetch(url, {
+      method,
+      headers: this.getHeaders(),
+      body: body ? JSON.stringify(body) : void 0
+    });
+    if (res.status === 401 && this.profile.auth.method === "session") {
+      await this.login();
+      const retryRes = await fetch(url, {
+        method,
+        headers: this.getHeaders(),
+        body: body ? JSON.stringify(body) : void 0
+      });
+      if (!retryRes.ok) {
+        const err = await retryRes.text();
+        throw new Error(`${retryRes.status} ${retryRes.statusText}: ${err}`);
+      }
+      const retryText = await retryRes.text();
+      if (!retryText) return void 0;
+      return JSON.parse(retryText);
+    }
+    if (!res.ok) {
+      const err = await res.text();
+      throw new Error(`${res.status} ${res.statusText}: ${err}`);
+    }
+    const text = await res.text();
+    if (!text) return void 0;
+    return JSON.parse(text);
+  }
+  async get(path2, params) {
+    return this.request("GET", path2, void 0, params);
+  }
+  async post(path2, body) {
+    return this.request("POST", path2, body);
+  }
+  async put(path2, body) {
+    return this.request("PUT", path2, body);
+  }
+  async delete(path2) {
+    return this.request("DELETE", path2);
+  }
+  async requestFormExport(path2, fields) {
+    const url = `${this.domain}${path2}`;
+    const headers = {};
+    if (this.apiKey) {
+      headers["X-Api-Key"] = this.apiKey;
+    } else if (this.sessionToken) {
+      headers["X-Metabase-Session"] = this.sessionToken;
+    }
+    const body = new URLSearchParams(fields);
+    const res = await fetch(url, { method: "POST", headers, body });
+    if (res.status === 401 && this.profile.auth.method === "session") {
+      await this.login();
+      if (this.sessionToken) {
+        headers["X-Metabase-Session"] = this.sessionToken;
+      }
+      return fetch(url, { method: "POST", headers, body: new URLSearchParams(fields) });
+    }
+    return res;
+  }
+  async requestRaw(method, path2, body) {
+    const url = `${this.domain}${path2}`;
+    const res = await fetch(url, {
+      method,
+      headers: this.getHeaders(),
+      body: body ? JSON.stringify(body) : void 0
+    });
+    if (res.status === 401 && this.profile.auth.method === "session") {
+      await this.login();
+      return fetch(url, {
+        method,
+        headers: this.getHeaders(),
+        body: body ? JSON.stringify(body) : void 0
+      });
+    }
+    return res;
+  }
+  async login() {
+    const auth = this.profile.auth;
+    const res = await fetch(`${this.domain}/api/session`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ username: auth.email, password: auth.password })
+    });
+    if (!res.ok) {
+      const err = await res.text();
+      throw new Error(`Login failed: ${res.status} ${err}`);
+    }
+    const session = await res.json();
+    this.sessionToken = session.id;
+    updateProfile(this.profile.name, {
+      auth: { ...auth, sessionToken: session.id }
+    });
+    const user = await this.get("/api/user/current");
+    const cachedUser = {
+      id: user.id,
+      email: user.email,
+      first_name: user.first_name,
+      last_name: user.last_name,
+      is_superuser: user.is_superuser
+    };
+    updateProfile(this.profile.name, { user: cachedUser });
+    this.profile.user = cachedUser;
+    return session;
+  }
+  async logout() {
+    await this.delete("/api/session");
+    this.sessionToken = void 0;
+    if (this.profile.auth.method === "session") {
+      updateProfile(this.profile.name, {
+        auth: { ...this.profile.auth, sessionToken: void 0 }
+      });
+    }
+  }
+  async ensureAuthenticated() {
+    if (this.apiKey) return;
+    if (!this.sessionToken) {
+      await this.login();
+    }
+  }
+  getProfile() {
+    return this.profile;
+  }
+  getUserId() {
+    return this.profile.user?.id ?? null;
+  }
+};
+
+// src/commands/helpers.ts
+async function resolveClient() {
+  const profile = getActiveProfile();
+  if (!profile) {
+    console.error("No active profile. Run: metabase-cli profile add <name>");
+    process.exit(1);
+  }
+  const client = new MetabaseClient(profile);
+  await client.ensureAuthenticated();
+  return client;
+}
+function resolveDb(optDb) {
+  if (optDb !== void 0) return optDb;
+  const profile = getActiveProfile();
+  if (profile?.defaultDb) return profile.defaultDb;
+  console.error("Error: --db is required (or set a default with: metabase-cli profile set-default-db <id>)");
+  process.exit(1);
+}
+function isUnsafe(cmd, localFlag) {
+  if (localFlag) return true;
+  if (process.env.METABASE_UNSAFE === "1") return true;
+  let current = cmd;
+  while (current) {
+    if (current.opts().unsafe) return true;
+    current = current.parent;
+  }
+  return false;
+}
+
+// src/commands/query.ts
+function queryCommand() {
+  const cmd = new import_commander2.Command("query").description("Run queries against a database").addHelpText("after", `
+Examples:
+  $ metabase-cli query run --sql "SELECT * FROM users LIMIT 10" --db 1
+  $ metabase-cli query run --sql "SELECT count(*) FROM orders" --db 1 --format json
+  $ metabase-cli query run --sql "SELECT * FROM products" --db 1 --format csv
+  $ metabase-cli query run --sql "SELECT * FROM users" --db 1 --columns "id,email" --limit 5`);
+  cmd.command("run").description("Execute a SQL query").requiredOption("--sql <sql>", "SQL query to execute").option("--db <id>", "Database ID (uses profile default if not set)", parseInt).option("--format <format>", "Output format: table, json, csv, tsv, xlsx", "table").option("--output <file>", "Write output to a file (format auto-detected from extension)").option("--columns <cols>", "Comma-separated column names to display").option("--limit <n>", "Limit number of rows", parseInt).addHelpText("after", `
+Examples:
+  $ metabase-cli query run --sql "SELECT * FROM users LIMIT 10" --db 1
+  $ metabase-cli query run --sql "SELECT count(*) FROM orders" --db 1 --format json
+  $ metabase-cli query run --sql "SELECT * FROM products" --db 2 --format csv > products.csv
+  $ metabase-cli query run --sql "SELECT * FROM products" --db 2 --output products.xlsx
+  $ metabase-cli query run --sql "SELECT * FROM products" --db 2 --output results.csv`).action(async (opts) => {
+    const client = await resolveClient();
+    const api = new DatasetApi(client);
+    let sql = opts.sql;
+    if (opts.limit) {
+      sql = `SELECT * FROM (${sql}) _q LIMIT ${opts.limit}`;
+    }
+    const db = resolveDb(opts.db);
+    let format = opts.format;
+    const outputPath = opts.output ? (0, import_node_path.resolve)(opts.output) : null;
+    if (outputPath) {
+      const ext = (0, import_node_path.extname)(outputPath).toLowerCase();
+      const inferredFormat = EXT_TO_FORMAT[ext];
+      if (inferredFormat && format === "table") {
+        format = inferredFormat;
+      }
+    }
+    if (outputPath) {
+      if (format === "xlsx" || format === "csv" || format === "json") {
+        if (opts.columns) {
+          console.warn("Warning: --columns is not supported with native export (csv/json/xlsx). All columns will be exported.");
+        }
+        const datasetQuery = {
+          type: "native",
+          database: db,
+          native: { query: sql, "template-tags": {} }
+        };
+        const data = await api.exportBinary(datasetQuery, format);
+        (0, import_node_fs.writeFileSync)(outputPath, data);
+        console.log(`Exported to ${outputPath}`);
+      } else {
+        const result2 = await api.queryNative(db, sql);
+        if (result2.status === "failed") {
+          console.error("Query failed:", result2.error);
+          process.exit(1);
+        }
+        const columns2 = opts.columns?.split(",");
+        const output = formatDatasetResponse(result2, format, columns2);
+        (0, import_node_fs.writeFileSync)(outputPath, output, "utf-8");
+        console.log(`Exported ${result2.row_count} row(s) to ${outputPath}`);
+      }
+      return;
+    }
+    if (format === "xlsx") {
+      console.error("Error: xlsx format requires --output <file>");
+      process.exit(1);
+    }
+    const result = await api.queryNative(db, sql);
+    if (result.status === "failed") {
+      console.error("Query failed:", result.error);
+      process.exit(1);
+    }
+    const columns = opts.columns?.split(",");
+    console.log(
+      formatDatasetResponse(result, format, columns)
+    );
+    console.log(`
+${result.row_count} row(s) returned.`);
+  });
+  return cmd;
+}
+
+// src/commands/question.ts
+var import_commander3 = require("commander");
+var import_node_fs2 = require("fs");
+var import_node_path2 = require("path");
+
+// src/api/card.ts
+var CardApi = class {
+  constructor(client) {
+    this.client = client;
+  }
+  async list(params) {
+    return this.client.get("/api/card", params);
+  }
+  async get(id) {
+    return this.client.get(`/api/card/${id}`);
+  }
+  async create(params) {
+    return this.client.post("/api/card", params);
+  }
+  async update(id, params) {
+    return this.client.put(`/api/card/${id}`, params);
+  }
+  async delete(id) {
+    await this.client.delete(`/api/card/${id}`);
+  }
+  async copy(id, overrides) {
+    return this.client.post(`/api/card/${id}/copy`, overrides);
+  }
+  async query(id, parameters) {
+    return this.client.post(`/api/card/${id}/query`, {
+      parameters: parameters ?? []
+    });
+  }
+  async queryExport(id, format, parameters) {
+    const res = await this.client.requestRaw(
+      "POST",
+      `/api/card/${id}/query/${format}`,
+      { parameters: parameters ?? [] }
+    );
+    if (!res.ok) {
+      throw new Error(`Export failed: ${res.status} ${await res.text()}`);
+    }
+    return res.text();
+  }
+  async queryExportBinary(id, format, parameters) {
+    const fields = {};
+    if (parameters && parameters.length > 0) {
+      fields.parameters = JSON.stringify(parameters);
+    }
+    const res = await this.client.requestFormExport(
+      `/api/card/${id}/query/${format}`,
+      fields
+    );
+    if (!res.ok) {
+      throw new Error(`Export failed: ${res.status} ${await res.text()}`);
+    }
+    const buf = Buffer.from(await res.arrayBuffer());
+    checkExportError(buf, format);
+    return buf;
+  }
+};
+
+// src/safety/guard.ts
+var SafetyGuard = class {
+  client;
+  unsafe;
+  constructor(client, unsafe = false) {
+    this.client = client;
+    this.unsafe = unsafe;
+  }
+  async checkOwnership(entityType, entityId) {
+    const pathMap = {
+      card: `/api/card/${entityId}`,
+      dashboard: `/api/dashboard/${entityId}`,
+      snippet: `/api/native-query-snippet/${entityId}`,
+      collection: `/api/collection/${entityId}`
+    };
+    const path2 = pathMap[entityType];
+    if (!path2) {
+      throw new Error(`Unknown entity type: ${entityType}`);
+    }
+    const entity = await this.client.get(path2);
+    const userId = this.client.getUserId();
+    if (userId === null) {
+      throw new Error("No cached user ID. Run 'metabase-cli login' or 'metabase-cli whoami --refresh' first.");
+    }
+    return {
+      owned: entity.creator_id === userId,
+      creatorId: entity.creator_id
+    };
+  }
+  async guard(entityType, entityId, action, fn) {
+    if (this.unsafe) {
+      return fn();
+    }
+    const { owned, creatorId } = await this.checkOwnership(entityType, entityId);
+    if (!owned) {
+      const userId = this.client.getUserId();
+      throw new Error(
+        `Safe mode: Cannot ${action} ${entityType} #${entityId} \u2014 owned by user #${creatorId}, you are user #${userId}. Use --unsafe to bypass.`
+      );
+    }
+    return fn();
+  }
+};
+
+// src/commands/question.ts
+var TAG_TYPE_TO_PARAM_TYPE = {
+  date: "date/single",
+  text: "string/=",
+  number: "number/="
+};
+function buildParametersFromTags(tags) {
+  if (Object.keys(tags).length === 0) return [];
+  return Object.entries(tags).filter(([, tag]) => {
+    return tag.type !== "snippet" && tag.type !== "card";
+  }).map(([name, tag]) => {
+    const isDimension = tag.type === "dimension";
+    const paramType = isDimension ? tag["widget-type"] || "string/=" : TAG_TYPE_TO_PARAM_TYPE[tag.type] || "string/=";
+    const param = {
+      id: tag.id || crypto.randomUUID(),
+      type: paramType,
+      target: isDimension ? ["dimension", ["template-tag", name]] : ["variable", ["template-tag", name]],
+      name: tag["display-name"] || name,
+      slug: name
+    };
+    if (tag.default !== void 0) {
+      param.default = tag.default;
+    }
+    return param;
+  });
+}
+function questionCommand() {
+  const cmd = new import_commander3.Command("question").description("Manage questions (saved cards)").addHelpText("after", `
+Examples:
+  $ metabase-cli question list --filter mine
+  $ metabase-cli question show 42
+  $ metabase-cli question run 42 --format csv
+  $ metabase-cli question create --name "Active Users" --sql "SELECT * FROM users WHERE active" --db 1
+  $ metabase-cli question update 42 --name "New Name" --unsafe
+  $ metabase-cli question delete 42
+  $ metabase-cli question copy 42 --name "Copy" --collection 5`);
+  cmd.command("list").description("List questions").option("--filter <f>", "Filter: all, mine, bookmarked, archived").option("--format <format>", "Output format: table, json", "table").addHelpText("after", `
+Examples:
+  $ metabase-cli question list
+  $ metabase-cli question list --filter mine
+  $ metabase-cli question list --format json`).action(async (opts) => {
+    const client = await resolveClient();
+    const api = new CardApi(client);
+    const params = {};
+    if (opts.filter) params.f = opts.filter;
+    const cards = await api.list(params);
+    if (opts.format === "json") {
+      console.log(formatJson(cards));
+      return;
+    }
+    console.log(
+      formatEntityTable(cards, [
+        { key: "id", header: "ID" },
+        { key: "name", header: "Name" },
+        { key: "display", header: "Display" },
+        { key: "collection_id", header: "Collection" },
+        { key: "creator_id", header: "Creator" }
+      ])
+    );
+  });
+  cmd.command("show <id>").description("Show question details").addHelpText("after", `
+Examples:
+  $ metabase-cli question show 42`).action(async (id) => {
+    const client = await resolveClient();
+    const api = new CardApi(client);
+    const card = await api.get(parseInt(id));
+    console.log(formatJson(card));
+  });
+  cmd.command("run <id>").description("Execute a saved question").option("--format <format>", "Output format: table, json, csv, tsv, xlsx", "table").option("--output <file>", "Write output to a file (format auto-detected from extension)").option("--columns <cols>", "Comma-separated column names").option("--params <json>", `Parameter values as JSON, e.g. '{"start_date":"2025-01-01"}'`).addHelpText("after", `
+Examples:
+  $ metabase-cli question run 42
+  $ metabase-cli question run 42 --format csv
+  $ metabase-cli question run 42 --columns "id,name,email"
+  $ metabase-cli question run 42 --params '{"start_date":"2025-01-01"}'
+  $ metabase-cli question run 42 --output results.xlsx
+  $ metabase-cli question run 42 --output results.csv`).action(async (id, opts) => {
+    const client = await resolveClient();
+    const api = new CardApi(client);
+    const cardId = parseInt(id);
+    let format = opts.format;
+    const outputPath = opts.output ? (0, import_node_path2.resolve)(opts.output) : null;
+    if (outputPath) {
+      const ext = (0, import_node_path2.extname)(outputPath).toLowerCase();
+      const inferredFormat = EXT_TO_FORMAT[ext];
+      if (inferredFormat && format === "table") {
+        format = inferredFormat;
+      }
+    }
+    const card = await api.get(cardId);
+    const cardParams = card.parameters || [];
+    let paramsInput = {};
+    if (opts.params) {
+      try {
+        paramsInput = JSON.parse(opts.params);
+      } catch {
+        console.error("Error: --params must be valid JSON");
+        process.exit(1);
+      }
+    }
+    const parameterValues = cardParams.map((p) => {
+      const value = paramsInput[p.slug] ?? p.default;
+      if (value === void 0) return null;
+      return {
+        id: p.id,
+        type: p.type,
+        target: p.target,
+        value
+      };
+    }).filter(Boolean);
+    if (outputPath) {
+      if (format === "xlsx" || format === "csv" || format === "json") {
+        if (opts.columns) {
+          console.warn("Warning: --columns is not supported with native export (csv/json/xlsx). All columns will be exported.");
+        }
+        const data = await api.queryExportBinary(cardId, format, parameterValues);
+        (0, import_node_fs2.writeFileSync)(outputPath, data);
+        console.log(`Exported to ${outputPath}`);
+      } else {
+        const result2 = await api.query(cardId, parameterValues);
+        if (result2.status === "failed") {
+          console.error("Query failed:", result2.error);
+          process.exit(1);
+        }
+        const columns2 = opts.columns?.split(",");
+        const output = formatDatasetResponse(result2, format, columns2);
+        (0, import_node_fs2.writeFileSync)(outputPath, output, "utf-8");
+        console.log(`Exported ${result2.row_count} row(s) to ${outputPath}`);
+      }
+      return;
+    }
+    if (format === "xlsx") {
+      console.error("Error: xlsx format requires --output <file>");
+      process.exit(1);
+    }
+    const result = await api.query(cardId, parameterValues);
+    if (result.status === "failed") {
+      console.error("Query failed:", result.error);
+      process.exit(1);
+    }
+    const columns = opts.columns?.split(",");
+    console.log(
+      formatDatasetResponse(result, format, columns)
+    );
+    console.log(`
+${result.row_count} row(s) returned.`);
+  });
+  cmd.command("create").description("Create a new question").requiredOption("--name <name>", "Question name").requiredOption("--sql <sql>", "SQL query").option("--db <id>", "Database ID (uses profile default if not set)", parseInt).option("--description <desc>", "Description").option("--collection <id>", "Collection ID", parseInt).option("--display <type>", "Display type (table, line, bar, pie, scalar, etc.)", "table").option("--viz <json>", "Visualization settings as JSON string").option("--template-tags <json>", "Template tags as JSON string for parameterized queries").addHelpText("after", `
+Display types: table, line, bar, area, pie, scalar, row, scatter, funnel, map, pivot, progress, gauge, waterfall
+
+Examples:
+  $ metabase-cli question create --name "Active Users" --sql "SELECT * FROM users WHERE active = true" --db 1
+  $ metabase-cli question create --name "Revenue" --sql "SELECT sum(amount) FROM orders" --db 1 --collection 5
+  $ metabase-cli question create --name "Revenue Trend" --sql "SELECT date, sum(amount) FROM orders GROUP BY date" --display line
+  $ metabase-cli question create --name "Revenue Trend" --sql "..." --display line --viz '{"graph.show_values":true}'
+  $ metabase-cli question create --name "Users Since" --sql "SELECT * FROM users WHERE created_at >= {{start_date}}" --template-tags '{"start_date":{"type":"date","name":"start_date","display-name":"Start Date","default":"2024-01-01"}}'`).action(async (opts) => {
+    const client = await resolveClient();
+    const api = new CardApi(client);
+    const db = resolveDb(opts.db);
+    let vizSettings = {};
+    if (opts.viz) {
+      try {
+        vizSettings = JSON.parse(opts.viz);
+      } catch {
+        console.error("Error: --viz must be valid JSON");
+        process.exit(1);
+      }
+    }
+    let templateTags = {};
+    if (opts.templateTags) {
+      try {
+        templateTags = JSON.parse(opts.templateTags);
+      } catch {
+        console.error("Error: --template-tags must be valid JSON");
+        process.exit(1);
+      }
+    }
+    for (const tag of Object.values(templateTags)) {
+      if (!tag.id) {
+        tag.id = crypto.randomUUID();
+      }
+    }
+    const parameters = buildParametersFromTags(templateTags);
+    const card = await api.create({
+      name: opts.name,
+      display: opts.display,
+      description: opts.description,
+      collection_id: opts.collection,
+      visualization_settings: vizSettings,
+      parameters,
+      dataset_query: {
+        type: "native",
+        database: db,
+        native: {
+          query: opts.sql,
+          "template-tags": Object.keys(templateTags).length > 0 ? templateTags : void 0
+        }
+      }
+    });
+    console.log(`Question #${card.id} "${card.name}" created.`);
+  });
+  cmd.command("update <id>").description("Update a question (safe mode by default)").option("--name <name>", "New name").option("--description <desc>", "New description").option("--collection <id>", "Move to collection", parseInt).option("--sql <sql>", "New SQL query").option("--display <type>", "Change display type (table, line, bar, pie, scalar, etc.)").option("--viz <json>", "Visualization settings as JSON (merged with existing)").option("--unsafe", "Bypass safe mode", false).addHelpText("after", `
+Safe mode blocks updates to questions you didn't create. Use --unsafe to bypass.
+
+Examples:
+  $ metabase-cli question update 42 --name "New Name"
+  $ metabase-cli question update 42 --sql "SELECT * FROM users WHERE active" --unsafe
+  $ metabase-cli question update 42 --display line
+  $ metabase-cli question update 42 --viz '{"graph.show_values":true,"graph.dimensions":["date"]}'`).action(async function(id, opts) {
+    const client = await resolveClient();
+    const api = new CardApi(client);
+    const guard = new SafetyGuard(client, isUnsafe(this, opts.unsafe));
+    const cardId = parseInt(id);
+    await guard.guard("card", cardId, "update", async () => {
+      const updates = {};
+      if (opts.name) updates.name = opts.name;
+      if (opts.description) updates.description = opts.description;
+      if (opts.collection !== void 0) updates.collection_id = opts.collection;
+      if (opts.display) updates.display = opts.display;
+      if (opts.viz) {
+        let vizSettings;
+        try {
+          vizSettings = JSON.parse(opts.viz);
+        } catch {
+          console.error("Error: --viz must be valid JSON");
+          process.exit(1);
+        }
+        const existing = await api.get(cardId);
+        updates.visualization_settings = {
+          ...existing.visualization_settings,
+          ...vizSettings
+        };
+      }
+      if (opts.sql) {
+        const existing = await api.get(cardId);
+        updates.dataset_query = {
+          ...existing.dataset_query,
+          native: {
+            ...existing.dataset_query.native,
+            query: opts.sql
+          }
+        };
+      }
+      const card = await api.update(cardId, updates);
+      console.log(`Question #${card.id} "${card.name}" updated.`);
+    });
+  });
+  cmd.command("delete <id>").description("Delete a question (safe mode by default)").option("--unsafe", "Bypass safe mode", false).addHelpText("after", `
+Examples:
+  $ metabase-cli question delete 42
+  $ metabase-cli question delete 42 --unsafe`).action(async function(id, opts) {
+    const client = await resolveClient();
+    const api = new CardApi(client);
+    const guard = new SafetyGuard(client, isUnsafe(this, opts.unsafe));
+    const cardId = parseInt(id);
+    await guard.guard("card", cardId, "delete", async () => {
+      await api.delete(cardId);
+      console.log(`Question #${cardId} deleted.`);
+    });
+  });
+  cmd.command("copy <id>").description("Copy a question").option("--name <name>", "Name for the copy").option("--collection <id>", "Target collection", parseInt).addHelpText("after", `
+Examples:
+  $ metabase-cli question copy 42
+  $ metabase-cli question copy 42 --name "Copy of Revenue" --collection 10`).action(async (id, opts) => {
+    const client = await resolveClient();
+    const api = new CardApi(client);
+    const overrides = {};
+    if (opts.name) overrides.name = opts.name;
+    if (opts.collection !== void 0) overrides.collection_id = opts.collection;
+    const card = await api.copy(parseInt(id), overrides);
+    console.log(`Question #${card.id} "${card.name}" created (copy).`);
+  });
+  return cmd;
+}
+
+// src/commands/dashboard.ts
+var import_commander4 = require("commander");
+
+// src/api/dashboard.ts
+var DashboardApi = class {
+  constructor(client) {
+    this.client = client;
+  }
+  async list(params) {
+    return this.client.get("/api/dashboard", params);
+  }
+  async get(id) {
+    return this.client.get(`/api/dashboard/${id}`);
+  }
+  async create(params) {
+    return this.client.post("/api/dashboard", params);
+  }
+  async update(id, params) {
+    return this.client.put(`/api/dashboard/${id}`, params);
+  }
+  async delete(id) {
+    await this.client.delete(`/api/dashboard/${id}`);
+  }
+  async copy(id, overrides) {
+    return this.client.post(`/api/dashboard/${id}/copy`, overrides);
+  }
+};
+
+// src/commands/dashboard.ts
+function dashboardCommand() {
+  const cmd = new import_commander4.Command("dashboard").description("Manage dashboards").addHelpText("after", `
+Examples:
+  $ metabase-cli dashboard list
+  $ metabase-cli dashboard show 7
+  $ metabase-cli dashboard create --name "Sales Overview" --collection 5
+  $ metabase-cli dashboard update 7 --name "Updated" --unsafe
+  $ metabase-cli dashboard delete 7
+  $ metabase-cli dashboard copy 7 --name "Sales Overview (copy)"`);
+  cmd.command("list").description("List dashboards").option("--format <format>", "Output format: table, json", "table").addHelpText("after", `
+Examples:
+  $ metabase-cli dashboard list
+  $ metabase-cli dashboard list --format json`).action(async (opts) => {
+    const client = await resolveClient();
+    const api = new DashboardApi(client);
+    const dashboards = await api.list();
+    if (opts.format === "json") {
+      console.log(formatJson(dashboards));
+      return;
+    }
+    console.log(
+      formatEntityTable(dashboards, [
+        { key: "id", header: "ID" },
+        { key: "name", header: "Name" },
+        { key: "collection_id", header: "Collection" },
+        { key: "creator_id", header: "Creator" }
+      ])
+    );
+  });
+  cmd.command("show <id>").description("Show dashboard details").addHelpText("after", `
+Examples:
+  $ metabase-cli dashboard show 7`).action(async (id) => {
+    const client = await resolveClient();
+    const api = new DashboardApi(client);
+    const dashboard = await api.get(parseInt(id));
+    console.log(formatJson(dashboard));
+  });
+  cmd.command("create").description("Create a new dashboard").requiredOption("--name <name>", "Dashboard name").option("--description <desc>", "Description").option("--collection <id>", "Collection ID", parseInt).addHelpText("after", `
+Examples:
+  $ metabase-cli dashboard create --name "Sales Overview"
+  $ metabase-cli dashboard create --name "Q1 Report" --description "Quarterly report" --collection 5`).action(async (opts) => {
+    const client = await resolveClient();
+    const api = new DashboardApi(client);
+    const dashboard = await api.create({
+      name: opts.name,
+      description: opts.description,
+      collection_id: opts.collection
+    });
+    console.log(`Dashboard #${dashboard.id} "${dashboard.name}" created.`);
+  });
+  cmd.command("update <id>").description("Update a dashboard (safe mode by default)").option("--name <name>", "New name").option("--description <desc>", "New description").option("--collection <id>", "Move to collection", parseInt).option("--unsafe", "Bypass safe mode", false).addHelpText("after", `
+Safe mode blocks updates to dashboards you didn't create. Use --unsafe to bypass.
+
+Examples:
+  $ metabase-cli dashboard update 7 --name "Updated Name"
+  $ metabase-cli dashboard update 7 --collection 10 --unsafe`).action(async function(id, opts) {
+    const client = await resolveClient();
+    const api = new DashboardApi(client);
+    const guard = new SafetyGuard(client, isUnsafe(this, opts.unsafe));
+    const dashId = parseInt(id);
+    await guard.guard("dashboard", dashId, "update", async () => {
+      const updates = {};
+      if (opts.name) updates.name = opts.name;
+      if (opts.description) updates.description = opts.description;
+      if (opts.collection !== void 0) updates.collection_id = opts.collection;
+      const dashboard = await api.update(dashId, updates);
+      console.log(`Dashboard #${dashboard.id} "${dashboard.name}" updated.`);
+    });
+  });
+  cmd.command("delete <id>").description("Delete a dashboard (safe mode by default)").option("--unsafe", "Bypass safe mode", false).addHelpText("after", `
+Examples:
+  $ metabase-cli dashboard delete 7
+  $ metabase-cli dashboard delete 7 --unsafe`).action(async function(id, opts) {
+    const client = await resolveClient();
+    const api = new DashboardApi(client);
+    const guard = new SafetyGuard(client, isUnsafe(this, opts.unsafe));
+    const dashId = parseInt(id);
+    await guard.guard("dashboard", dashId, "delete", async () => {
+      await api.delete(dashId);
+      console.log(`Dashboard #${dashId} deleted.`);
+    });
+  });
+  cmd.command("copy <id>").description("Copy a dashboard").option("--name <name>", "Name for the copy").option("--collection <id>", "Target collection", parseInt).addHelpText("after", `
+Examples:
+  $ metabase-cli dashboard copy 7
+  $ metabase-cli dashboard copy 7 --name "Sales Overview (copy)" --collection 10`).action(async (id, opts) => {
+    const client = await resolveClient();
+    const api = new DashboardApi(client);
+    const overrides = {};
+    if (opts.name) overrides.name = opts.name;
+    if (opts.collection !== void 0) overrides.collection_id = opts.collection;
+    const dashboard = await api.copy(parseInt(id), overrides);
+    console.log(`Dashboard #${dashboard.id} "${dashboard.name}" created (copy).`);
+  });
+  return cmd;
+}
+
+// src/commands/collection.ts
+var import_commander5 = require("commander");
+
+// src/api/collection.ts
+var CollectionApi = class {
+  constructor(client) {
+    this.client = client;
+  }
+  async list() {
+    return this.client.get("/api/collection");
+  }
+  async tree() {
+    return this.client.get("/api/collection/tree");
+  }
+  async get(id) {
+    return this.client.get(`/api/collection/${id}`);
+  }
+  async items(id, params) {
+    return this.client.get(`/api/collection/${id}/items`, params);
+  }
+  async create(params) {
+    return this.client.post("/api/collection", params);
+  }
+  async update(id, params) {
+    return this.client.put(`/api/collection/${id}`, params);
+  }
+};
+
+// src/commands/collection.ts
+function collectionCommand() {
+  const cmd = new import_commander5.Command("collection").description("Manage collections").addHelpText("after", `
+Examples:
+  $ metabase-cli collection list
+  $ metabase-cli collection tree
+  $ metabase-cli collection items 5 --models card
+  $ metabase-cli collection create --name "Analytics" --parent 3`);
+  cmd.command("list").description("List all collections").option("--format <format>", "Output format: table, json", "table").addHelpText("after", `
+Examples:
+  $ metabase-cli collection list
+  $ metabase-cli collection list --format json`).action(async (opts) => {
+    const client = await resolveClient();
+    const api = new CollectionApi(client);
+    const collections = await api.list();
+    if (opts.format === "json") {
+      console.log(formatJson(collections));
+      return;
+    }
+    console.log(
+      formatEntityTable(collections, [
+        { key: "id", header: "ID" },
+        { key: "name", header: "Name" },
+        { key: "parent_id", header: "Parent" }
+      ])
+    );
+  });
+  cmd.command("tree").description("Show collection hierarchy").addHelpText("after", `
+Examples:
+  $ metabase-cli collection tree`).action(async () => {
+    const client = await resolveClient();
+    const api = new CollectionApi(client);
+    const tree = await api.tree();
+    console.log(formatJson(tree));
+  });
+  cmd.command("show <id>").description("Show collection details (use 'root' for root collection)").addHelpText("after", `
+Examples:
+  $ metabase-cli collection show 5
+  $ metabase-cli collection show root`).action(async (id) => {
+    const client = await resolveClient();
+    const api = new CollectionApi(client);
+    const coll = await api.get(id === "root" ? "root" : parseInt(id));
+    console.log(formatJson(coll));
+  });
+  cmd.command("items <id>").description("List items in a collection (use 'root' for root)").option("--models <models>", "Filter by type: card, dashboard, collection").option("--format <format>", "Output format: table, json", "table").addHelpText("after", `
+Examples:
+  $ metabase-cli collection items 5
+  $ metabase-cli collection items root --models card,dashboard
+  $ metabase-cli collection items 5 --models card --format json`).action(async (id, opts) => {
+    const client = await resolveClient();
+    const api = new CollectionApi(client);
+    const params = {};
+    if (opts.models) params.models = opts.models;
+    const collId = id === "root" ? "root" : parseInt(id);
+    const result = await api.items(collId, params);
+    if (opts.format === "json") {
+      console.log(formatJson(result));
+      return;
+    }
+    console.log(
+      formatEntityTable(result.data, [
+        { key: "id", header: "ID" },
+        { key: "name", header: "Name" },
+        { key: "model", header: "Type" },
+        { key: "description", header: "Description" }
+      ])
+    );
+    console.log(`
+${result.total} item(s).`);
+  });
+  cmd.command("create").description("Create a new collection").requiredOption("--name <name>", "Collection name").option("--description <desc>", "Description").option("--parent <id>", "Parent collection ID", parseInt).addHelpText("after", `
+Examples:
+  $ metabase-cli collection create --name "Analytics"
+  $ metabase-cli collection create --name "Q1 Reports" --parent 3 --description "First quarter"`).action(async (opts) => {
+    const client = await resolveClient();
+    const api = new CollectionApi(client);
+    const coll = await api.create({
+      name: opts.name,
+      description: opts.description,
+      parent_id: opts.parent
+    });
+    console.log(`Collection #${coll.id} "${coll.name}" created.`);
+  });
+  cmd.command("update <id>").description("Update a collection (safe mode by default)").option("--name <name>", "New name").option("--description <desc>", "New description").option("--parent <id>", "Move to parent collection", parseInt).option("--unsafe", "Bypass safe mode", false).addHelpText("after", `
+Safe mode blocks updates to collections you didn't create. Use --unsafe to bypass.
+
+Examples:
+  $ metabase-cli collection update 5 --name "New Name"
+  $ metabase-cli collection update 5 --parent 3 --unsafe`).action(async function(id, opts) {
+    const client = await resolveClient();
+    const api = new CollectionApi(client);
+    const guard = new SafetyGuard(client, isUnsafe(this, opts.unsafe));
+    const collId = parseInt(id);
+    await guard.guard("collection", collId, "update", async () => {
+      const updates = {};
+      if (opts.name) updates.name = opts.name;
+      if (opts.description) updates.description = opts.description;
+      if (opts.parent !== void 0) updates.parent_id = opts.parent;
+      const coll = await api.update(collId, updates);
+      console.log(`Collection #${coll.id} "${coll.name}" updated.`);
+    });
+  });
+  return cmd;
+}
+
+// src/commands/database.ts
+var import_commander6 = require("commander");
+
+// src/api/database.ts
+var DatabaseApi = class {
+  constructor(client) {
+    this.client = client;
+  }
+  async list() {
+    return this.client.get("/api/database");
+  }
+  async get(id) {
+    return this.client.get(`/api/database/${id}`);
+  }
+  async metadata(id) {
+    return this.client.get(`/api/database/${id}/metadata`);
+  }
+  async schemas(id) {
+    return this.client.get(`/api/database/${id}/schemas`);
+  }
+  async tablesInSchema(id, schema) {
+    return this.client.get(
+      `/api/database/${id}/schema/${encodeURIComponent(schema)}`
+    );
+  }
+};
+
+// src/api/table.ts
+var TableApi = class {
+  constructor(client) {
+    this.client = client;
+  }
+  async get(id) {
+    return this.client.get(`/api/table/${id}`);
+  }
+  async queryMetadata(id) {
+    return this.client.get(`/api/table/${id}/query_metadata`);
+  }
+  async foreignKeys(id) {
+    return this.client.get(`/api/table/${id}/fks`);
+  }
+};
+
+// src/api/field.ts
+var FieldApi = class {
+  constructor(client) {
+    this.client = client;
+  }
+  async get(id) {
+    return this.client.get(`/api/field/${id}`);
+  }
+  async values(id) {
+    return this.client.get(`/api/field/${id}/values`);
+  }
+};
+
+// src/commands/database.ts
+function databaseCommand() {
+  const cmd = new import_commander6.Command("database").description("Browse databases, tables, and fields").addHelpText("after", `
+Examples:
+  $ metabase-cli database list
+  $ metabase-cli database show 1
+  $ metabase-cli database schemas 1
+  $ metabase-cli database tables 1 public`);
+  cmd.command("list").description("List all databases").option("--format <format>", "Output format: table, json", "table").addHelpText("after", `
+Examples:
+  $ metabase-cli database list
+  $ metabase-cli database list --format json`).action(async (opts) => {
+    const client = await resolveClient();
+    const api = new DatabaseApi(client);
+    const result = await api.list();
+    if (opts.format === "json") {
+      console.log(formatJson(result.data));
+      return;
+    }
+    console.log(
+      formatEntityTable(result.data, [
+        { key: "id", header: "ID" },
+        { key: "name", header: "Name" },
+        { key: "engine", header: "Engine" }
+      ])
+    );
+  });
+  cmd.command("show <id>").description("Show database details").addHelpText("after", `
+Examples:
+  $ metabase-cli database show 1`).action(async (id) => {
+    const client = await resolveClient();
+    const api = new DatabaseApi(client);
+    const db = await api.get(parseInt(id));
+    console.log(formatJson(db));
+  });
+  cmd.command("metadata <id>").description("Show database metadata (tables and fields)").addHelpText("after", `
+Examples:
+  $ metabase-cli database metadata 1`).action(async (id) => {
+    const client = await resolveClient();
+    const api = new DatabaseApi(client);
+    const meta = await api.metadata(parseInt(id));
+    console.log(formatJson(meta));
+  });
+  cmd.command("schemas <id>").description("List schemas in a database").addHelpText("after", `
+Examples:
+  $ metabase-cli database schemas 1`).action(async (id) => {
+    const client = await resolveClient();
+    const api = new DatabaseApi(client);
+    const schemas = await api.schemas(parseInt(id));
+    for (const s of schemas) console.log(s);
+  });
+  cmd.command("tables <dbId> <schema>").description("List tables in a database schema").option("--format <format>", "Output format: table, json", "table").addHelpText("after", `
+Examples:
+  $ metabase-cli database tables 1 public
+  $ metabase-cli database tables 1 public --format json`).action(async (dbId, schema, opts) => {
+    const client = await resolveClient();
+    const api = new DatabaseApi(client);
+    const tables = await api.tablesInSchema(parseInt(dbId), schema);
+    if (opts.format === "json") {
+      console.log(formatJson(tables));
+      return;
+    }
+    console.log(
+      formatEntityTable(tables, [
+        { key: "id", header: "ID" },
+        { key: "name", header: "Name" },
+        { key: "display_name", header: "Display Name" }
+      ])
+    );
+  });
+  return cmd;
+}
+function tableCommand() {
+  const cmd = new import_commander6.Command("table").description("Inspect tables").addHelpText("after", `
+Examples:
+  $ metabase-cli table show 15
+  $ metabase-cli table metadata 15
+  $ metabase-cli table fks 15`);
+  cmd.command("show <id>").description("Show table details").addHelpText("after", `
+Examples:
+  $ metabase-cli table show 15`).action(async (id) => {
+    const client = await resolveClient();
+    const api = new TableApi(client);
+    const table = await api.get(parseInt(id));
+    console.log(formatJson(table));
+  });
+  cmd.command("metadata <id>").description("Show table metadata with fields").option("--format <format>", "Output format: table, json", "table").addHelpText("after", `
+Examples:
+  $ metabase-cli table metadata 15
+  $ metabase-cli table metadata 15 --format json`).action(async (id, opts) => {
+    const client = await resolveClient();
+    const api = new TableApi(client);
+    const meta = await api.queryMetadata(parseInt(id));
+    if (opts.format === "json") {
+      console.log(formatJson(meta));
+      return;
+    }
+    console.log(`Table: ${meta.name} (${meta.display_name})`);
+    console.log(
+      formatEntityTable(meta.fields, [
+        { key: "id", header: "ID" },
+        { key: "name", header: "Name" },
+        { key: "display_name", header: "Display Name" },
+        { key: "base_type", header: "Type" },
+        { key: "semantic_type", header: "Semantic" }
+      ])
+    );
+  });
+  cmd.command("fks <id>").description("Show foreign keys for a table").addHelpText("after", `
+Examples:
+  $ metabase-cli table fks 15`).action(async (id) => {
+    const client = await resolveClient();
+    const api = new TableApi(client);
+    const fks = await api.foreignKeys(parseInt(id));
+    console.log(formatJson(fks));
+  });
+  return cmd;
+}
+function fieldCommand() {
+  const cmd = new import_commander6.Command("field").description("Inspect fields").addHelpText("after", `
+Examples:
+  $ metabase-cli field show 100
+  $ metabase-cli field values 100`);
+  cmd.command("show <id>").description("Show field details").addHelpText("after", `
+Examples:
+  $ metabase-cli field show 100`).action(async (id) => {
+    const client = await resolveClient();
+    const api = new FieldApi(client);
+    const field = await api.get(parseInt(id));
+    console.log(formatJson(field));
+  });
+  cmd.command("values <id>").description("Show distinct values for a field").addHelpText("after", `
+Examples:
+  $ metabase-cli field values 100`).action(async (id) => {
+    const client = await resolveClient();
+    const api = new FieldApi(client);
+    const result = await api.values(parseInt(id));
+    console.log(formatJson(result));
+  });
+  return cmd;
+}
+
+// src/commands/search.ts
+var import_commander7 = require("commander");
+
+// src/api/search.ts
+var SearchApi = class {
+  constructor(client) {
+    this.client = client;
+  }
+  async search(query, params) {
+    const qs = { q: query };
+    if (params?.models?.length) {
+      qs.models = params.models.join(",");
+    }
+    if (params?.limit !== void 0) qs.limit = String(params.limit);
+    if (params?.offset !== void 0) qs.offset = String(params.offset);
+    return this.client.get("/api/search", qs);
+  }
+};
+
+// src/commands/search.ts
+function searchCommand() {
+  const cmd = new import_commander7.Command("search").description("Search across all entities").argument("<query>", "Search query").option("--models <models>", "Filter by type: card, dashboard, collection, table, database").option("--limit <n>", "Max results", parseInt).option("--format <format>", "Output format: table, json", "table").addHelpText("after", `
+Examples:
+  $ metabase-cli search "revenue"
+  $ metabase-cli search "users" --models card,dashboard
+  $ metabase-cli search "orders" --limit 5 --format json`).action(async (query, opts) => {
+    const client = await resolveClient();
+    const api = new SearchApi(client);
+    const result = await api.search(query, {
+      models: opts.models?.split(","),
+      limit: opts.limit
+    });
+    if (opts.format === "json") {
+      console.log(formatJson(result));
+      return;
+    }
+    console.log(
+      formatEntityTable(result.data, [
+        { key: "id", header: "ID" },
+        { key: "model", header: "Type" },
+        { key: "name", header: "Name" },
+        { key: "description", header: "Description" },
+        { key: "collection_id", header: "Collection" }
+      ])
+    );
+    console.log(`
+${result.total} result(s).`);
+  });
+  return cmd;
+}
+
+// src/commands/snippet.ts
+var import_commander8 = require("commander");
+
+// src/api/snippet.ts
+var SnippetApi = class {
+  constructor(client) {
+    this.client = client;
+  }
+  async list(params) {
+    return this.client.get("/api/native-query-snippet", params);
+  }
+  async get(id) {
+    return this.client.get(`/api/native-query-snippet/${id}`);
+  }
+  async create(params) {
+    return this.client.post("/api/native-query-snippet", params);
+  }
+  async update(id, params) {
+    return this.client.put(`/api/native-query-snippet/${id}`, params);
+  }
+};
+
+// src/commands/snippet.ts
+function snippetCommand() {
+  const cmd = new import_commander8.Command("snippet").description("Manage SQL snippets").addHelpText("after", `
+Examples:
+  $ metabase-cli snippet list
+  $ metabase-cli snippet show 3
+  $ metabase-cli snippet create --name "Active filter" --content "WHERE active = true"
+  $ metabase-cli snippet update 3 --content "WHERE active AND NOT deleted" --unsafe`);
+  cmd.command("list").description("List snippets").option("--archived", "Include archived snippets").option("--format <format>", "Output format: table, json", "table").addHelpText("after", `
+Examples:
+  $ metabase-cli snippet list
+  $ metabase-cli snippet list --archived --format json`).action(async (opts) => {
+    const client = await resolveClient();
+    const api = new SnippetApi(client);
+    const params = {};
+    if (opts.archived) params.archived = "true";
+    const snippets = await api.list(params);
+    if (opts.format === "json") {
+      console.log(formatJson(snippets));
+      return;
+    }
+    console.log(
+      formatEntityTable(snippets, [
+        { key: "id", header: "ID" },
+        { key: "name", header: "Name" },
+        { key: "description", header: "Description" },
+        { key: "creator_id", header: "Creator" }
+      ])
+    );
+  });
+  cmd.command("show <id>").description("Show snippet details and content").addHelpText("after", `
+Examples:
+  $ metabase-cli snippet show 3`).action(async (id) => {
+    const client = await resolveClient();
+    const api = new SnippetApi(client);
+    const snippet = await api.get(parseInt(id));
+    console.log(formatJson(snippet));
+  });
+  cmd.command("create").description("Create a new snippet").requiredOption("--name <name>", "Snippet name").requiredOption("--content <sql>", "SQL content").option("--description <desc>", "Description").option("--collection <id>", "Collection ID", parseInt).addHelpText("after", `
+Examples:
+  $ metabase-cli snippet create --name "Active filter" --content "WHERE active = true"
+  $ metabase-cli snippet create --name "Date range" --content "WHERE created_at > NOW() - INTERVAL '30 days'"`).action(async (opts) => {
+    const client = await resolveClient();
+    const api = new SnippetApi(client);
+    const snippet = await api.create({
+      name: opts.name,
+      content: opts.content,
+      description: opts.description,
+      collection_id: opts.collection
+    });
+    console.log(`Snippet #${snippet.id} "${snippet.name}" created.`);
+  });
+  cmd.command("update <id>").description("Update a snippet (safe mode by default)").option("--name <name>", "New name").option("--content <sql>", "New SQL content").option("--description <desc>", "New description").option("--unsafe", "Bypass safe mode", false).addHelpText("after", `
+Safe mode blocks updates to snippets you didn't create. Use --unsafe to bypass.
+
+Examples:
+  $ metabase-cli snippet update 3 --content "WHERE active = true AND deleted_at IS NULL"
+  $ metabase-cli snippet update 3 --name "New Name" --unsafe`).action(async function(id, opts) {
+    const client = await resolveClient();
+    const api = new SnippetApi(client);
+    const guard = new SafetyGuard(client, isUnsafe(this, opts.unsafe));
+    const snippetId = parseInt(id);
+    await guard.guard("snippet", snippetId, "update", async () => {
+      const updates = {};
+      if (opts.name) updates.name = opts.name;
+      if (opts.content) updates.content = opts.content;
+      if (opts.description) updates.description = opts.description;
+      const snippet = await api.update(snippetId, updates);
+      console.log(`Snippet #${snippet.id} "${snippet.name}" updated.`);
+    });
+  });
+  return cmd;
+}
+
+// src/utils/errors.ts
+function handleError(err) {
+  if (err instanceof Error) {
+    console.error(`Error: ${err.message}`);
+  } else {
+    console.error("Unknown error:", err);
+  }
+  process.exit(1);
+}
+
+// bin/metabase.ts
+var pkg = JSON.parse((0, import_node_fs3.readFileSync)((0, import_node_path3.resolve)(__dirname, "..", "package.json"), "utf-8"));
+var program = new import_commander9.Command();
+program.name("metabase-cli").description("Headless CLI for Metabase instances").version(pkg.version).option("--unsafe", "Bypass safe mode globally");
+program.addCommand(profileCommand());
+program.addCommand(queryCommand());
+program.addCommand(questionCommand());
+program.addCommand(dashboardCommand());
+program.addCommand(collectionCommand());
+program.addCommand(databaseCommand());
+program.addCommand(tableCommand());
+program.addCommand(fieldCommand());
+program.addCommand(searchCommand());
+program.addCommand(snippetCommand());
+program.command("login").description("Login to the active profile").addHelpText("after", `
+Examples:
+  $ metabase-cli login`).action(async () => {
+  const profile = getActiveProfile();
+  if (!profile) {
+    console.error("No active profile. Run: metabase-cli profile add <name>");
+    process.exit(1);
+  }
+  if (profile.auth.method !== "session") {
+    console.log("Profile uses API key auth \u2014 no login needed.");
+    return;
+  }
+  const client = new MetabaseClient(profile);
+  await client.login();
+  console.log(`Logged in to ${profile.domain} as ${profile.auth.email}.`);
+  if (client.getProfile().user) {
+    console.log(`User: ${client.getProfile().user.first_name} ${client.getProfile().user.last_name} (ID: ${client.getProfile().user.id})`);
+  }
+});
+program.command("logout").description("Logout from the active profile").addHelpText("after", `
+Examples:
+  $ metabase-cli logout`).action(async () => {
+  const profile = getActiveProfile();
+  if (!profile) {
+    console.error("No active profile.");
+    process.exit(1);
+  }
+  const client = new MetabaseClient(profile);
+  await client.logout();
+  console.log("Logged out.");
+});
+program.command("whoami").description("Show current user info").option("--refresh", "Refresh cached user info from server").addHelpText("after", `
+Examples:
+  $ metabase-cli whoami
+  $ metabase-cli whoami --refresh`).action(async (opts) => {
+  const profile = getActiveProfile();
+  if (!profile) {
+    console.error("No active profile.");
+    process.exit(1);
+  }
+  if (!opts.refresh && profile.user) {
+    console.log(`${profile.user.first_name} ${profile.user.last_name}`);
+    console.log(`Email:      ${profile.user.email}`);
+    console.log(`User ID:    ${profile.user.id}`);
+    console.log(`Superuser:  ${profile.user.is_superuser}`);
+    console.log(`Profile:    ${profile.name}`);
+    console.log(`Domain:     ${profile.domain}`);
+    return;
+  }
+  const client = new MetabaseClient(profile);
+  await client.ensureAuthenticated();
+  const user = await client.get("/api/user/current");
+  updateProfile(profile.name, {
+    user: {
+      id: user.id,
+      email: user.email,
+      first_name: user.first_name,
+      last_name: user.last_name,
+      is_superuser: user.is_superuser
+    }
+  });
+  console.log(formatJson(user));
+});
+program.parseAsync(process.argv).catch(handleError);