powerbase-cli 0.1.4__tar.gz → 0.2.0__tar.gz

{powerbase_cli-0.1.4 → powerbase_cli-0.2.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: powerbase-cli
-Version: 0.1.4
+Version: 0.2.0
 Summary: CLI for operating Powerbase console workflows
 Author: Powerbase
 Requires-Python: >=3.11
@@ -41,10 +41,12 @@ Database model:
 Install from PyPI:
 
 ```bash
-python -m pip install powerbase-cli
+python -m pip install --upgrade powerbase-cli==0.2.0
 powerbase --help
 ```
 
+Version `0.2.x` is the production-pinned release line and always targets `https://console.appbuild.chat`.
+
 From the repository root during development:
 
 ```bash
@@ -121,7 +123,7 @@ powerbase auth token-set \
   --expires-at 1760000000
 ```
 
-Use `--base-url` or `--anon-key` here only when you intentionally want to override the built-in deployment defaults.
+The CLI is pinned to the production Powerbase console deployment and no longer exposes endpoint override flags.
 
 ### Check Auth State
 
@@ -240,6 +242,8 @@ powerbase agent login-url --instance-id INSTANCE_ID --provider cursor --json
 
 ### Sandbox Agent Chat And Config
 
+Powerbase provides a coding agent so users can build and evolve Powerbase-hosted apps through chat. `powerbase agent chat` is the default implementation interface for that workflow, while the rest of the CLI supports context, validation, and deployment around it. In the current product workflow, successful `agent chat` runs are also the normal path that produces previewable app changes.
+
 Send one prompt to the sandbox agent and stream events as JSONL:
 
 ```bash
@@ -257,6 +261,9 @@ powerbase agent chat \
 feature branch. `powerbase context use-branch ...` only changes the local default value;
 it does not switch the remote sandbox by itself.
 
+Treat `powerbase sandbox files ...`, `powerbase sql run`, and `powerbase publish diff` as inspection and validation tools around the Powerbase coding agent. Treat `powerbase publish run` as an explicit deployment action and do not run it unless the user asks to publish, deploy, release, or promote the result.
+Direct `powerbase sandbox files create-file`, `upload`, or `delete` operations can help inspect or adjust the remote project, but they do not by themselves trigger the preview build flow.
+
 Read and update opencode provider config:
 
 ```bash
@@ -278,11 +285,16 @@ When Openclaw or another LLM agent uses `powerbase`:
 - prefer `--json` on all commands
 - run discovery commands before write operations
 - set context for long multi-step tasks
+- treat `powerbase agent chat` as the default implementation interface for Powerbase-hosted apps
+- treat successful `powerbase agent chat` runs as the normal path that produces previewable app changes
 - use `auth status` before workflows that assume login
 - use `auth login --json` to generate a login URL, then stop and hand `login_url` to the user
 - do not have the agent open the browser login URL itself; the user must complete that approval step
 - after the user confirms approval, run `auth wait --login-id ... --json` to complete login
 - if a protected command says authentication is missing or expired, rerun `auth login --json` to generate a fresh login URL
+- use `sandbox files`, `sql run`, and `publish diff` for inspection or validation around the Powerbase coding agent
+- do not assume `sandbox files` write operations will trigger preview by themselves
+- do not run `publish run` unless the user explicitly asks to publish, deploy, release, or promote the result
 - remember that `--json` overrides a saved `config output text` setting for that command
 
 Recommended agent sequence:
@@ -296,7 +308,9 @@ Recommended agent sequence:
 7. Use `powerbase database ...` only for the advanced bring-your-own-database path
 8. Set context with `powerbase context use-instance ...`
 9. If you want the sandbox agent preview on a non-main branch, run `powerbase branch switch ...`
-10. Continue with `branch`, `sql`, `publish`, `sandbox files`, or `agent` commands
+10. Use `powerbase agent chat ...` as the primary implementation step for Powerbase-hosted app changes
+11. Use `sandbox files`, `sql`, and `publish diff` to inspect or validate the result
+12. Run `publish run` only when the user explicitly wants deployment or publication
 
 ## Testing
 
@@ -316,7 +330,7 @@ PYTHONDONTWRITEBYTECODE=1 PYTHONPATH=src python3 -m py_compile src/powerbase_cli
 
 A project skill for Cursor/Openclaw-style agent usage lives in:
 
-`./.cursor/skills/powerbase-cli-openclaw/SKILL.md`
+`./skills/powerbase-cli/SKILL.md`
 
 Design and auth review notes live in:
 

{powerbase_cli-0.1.4 → powerbase_cli-0.2.0}/README.md

@@ -33,10 +33,12 @@ Database model:
 Install from PyPI:
 
 ```bash
-python -m pip install powerbase-cli
+python -m pip install --upgrade powerbase-cli==0.2.0
 powerbase --help
 ```
 
+Version `0.2.x` is the production-pinned release line and always targets `https://console.appbuild.chat`.
+
 From the repository root during development:
 
 ```bash
@@ -113,7 +115,7 @@ powerbase auth token-set \
   --expires-at 1760000000
 ```
 
-Use `--base-url` or `--anon-key` here only when you intentionally want to override the built-in deployment defaults.
+The CLI is pinned to the production Powerbase console deployment and no longer exposes endpoint override flags.
 
 ### Check Auth State
 
@@ -232,6 +234,8 @@ powerbase agent login-url --instance-id INSTANCE_ID --provider cursor --json
 
 ### Sandbox Agent Chat And Config
 
+Powerbase provides a coding agent so users can build and evolve Powerbase-hosted apps through chat. `powerbase agent chat` is the default implementation interface for that workflow, while the rest of the CLI supports context, validation, and deployment around it. In the current product workflow, successful `agent chat` runs are also the normal path that produces previewable app changes.
+
 Send one prompt to the sandbox agent and stream events as JSONL:
 
 ```bash
@@ -249,6 +253,9 @@ powerbase agent chat \
 feature branch. `powerbase context use-branch ...` only changes the local default value;
 it does not switch the remote sandbox by itself.
 
+Treat `powerbase sandbox files ...`, `powerbase sql run`, and `powerbase publish diff` as inspection and validation tools around the Powerbase coding agent. Treat `powerbase publish run` as an explicit deployment action and do not run it unless the user asks to publish, deploy, release, or promote the result.
+Direct `powerbase sandbox files create-file`, `upload`, or `delete` operations can help inspect or adjust the remote project, but they do not by themselves trigger the preview build flow.
+
 Read and update opencode provider config:
 
 ```bash
@@ -270,11 +277,16 @@ When Openclaw or another LLM agent uses `powerbase`:
 - prefer `--json` on all commands
 - run discovery commands before write operations
 - set context for long multi-step tasks
+- treat `powerbase agent chat` as the default implementation interface for Powerbase-hosted apps
+- treat successful `powerbase agent chat` runs as the normal path that produces previewable app changes
 - use `auth status` before workflows that assume login
 - use `auth login --json` to generate a login URL, then stop and hand `login_url` to the user
 - do not have the agent open the browser login URL itself; the user must complete that approval step
 - after the user confirms approval, run `auth wait --login-id ... --json` to complete login
 - if a protected command says authentication is missing or expired, rerun `auth login --json` to generate a fresh login URL
+- use `sandbox files`, `sql run`, and `publish diff` for inspection or validation around the Powerbase coding agent
+- do not assume `sandbox files` write operations will trigger preview by themselves
+- do not run `publish run` unless the user explicitly asks to publish, deploy, release, or promote the result
 - remember that `--json` overrides a saved `config output text` setting for that command
 
 Recommended agent sequence:
@@ -288,7 +300,9 @@ Recommended agent sequence:
 7. Use `powerbase database ...` only for the advanced bring-your-own-database path
 8. Set context with `powerbase context use-instance ...`
 9. If you want the sandbox agent preview on a non-main branch, run `powerbase branch switch ...`
-10. Continue with `branch`, `sql`, `publish`, `sandbox files`, or `agent` commands
+10. Use `powerbase agent chat ...` as the primary implementation step for Powerbase-hosted app changes
+11. Use `sandbox files`, `sql`, and `publish diff` to inspect or validate the result
+12. Run `publish run` only when the user explicitly wants deployment or publication
 
 ## Testing
 
@@ -308,7 +322,7 @@ PYTHONDONTWRITEBYTECODE=1 PYTHONPATH=src python3 -m py_compile src/powerbase_cli
 
 A project skill for Cursor/Openclaw-style agent usage lives in:
 
-`./.cursor/skills/powerbase-cli-openclaw/SKILL.md`
+`./skills/powerbase-cli/SKILL.md`
 
 Design and auth review notes live in:
 

{powerbase_cli-0.1.4 → powerbase_cli-0.2.0}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "powerbase-cli"
-version = "0.1.4"
+version = "0.2.0"
 description = "CLI for operating Powerbase console workflows"
 readme = "README.md"
 requires-python = ">=3.11"
@@ -17,8 +17,5 @@ powerbase = "powerbase_cli.cli:main"
 [tool.setuptools]
 package-dir = { "" = "src" }
 
-[tool.setuptools.package-data]
-powerbase_cli = ["certs/*.pem"]
-
 [tool.setuptools.packages.find]
 where = ["src"]

{powerbase_cli-0.1.4 → powerbase_cli-0.2.0}/src/powerbase_cli/__init__.py

@@ -2,4 +2,4 @@
 
 __all__ = ["__version__"]
 
-__version__ = "0.1.0"
+__version__ = "0.2.0"

{powerbase_cli-0.1.4 → powerbase_cli-0.2.0}/src/powerbase_cli/commands/agent.py

@@ -115,11 +115,14 @@ def register_agent_commands(subparsers: argparse._SubParsersAction[argparse.Argu
         "chat",
         help="Send a prompt to the sandbox agent.",
         description=(
-            "Send one prompt to the sandbox agent running in an instance. Use this when you want the sandbox "
-            "itself to inspect or modify the project. The automatic preview build follows the sandbox's current "
-            "branch, so run `powerbase branch switch` first when you want a feature-branch preview. By default "
-            "the command collects all streamed events and prints them as JSON. Use --stream-jsonl to print one "
-            "JSON event per line as events arrive."
+            "Send one prompt to the Powerbase coding agent running in an instance. This is the default "
+            "implementation interface when you want to build or evolve a Powerbase-hosted app through chat, "
+            "while the rest of the CLI handles context, validation, and deployment around that workflow. "
+            "In the current product workflow, successful runs here are also the normal path that produces "
+            "previewable app changes. "
+            "The automatic preview build follows the sandbox's current branch, so run `powerbase branch switch` "
+            "first when you want a feature-branch preview. By default the command collects all streamed events "
+            "and prints them as JSON. Use --stream-jsonl to print one JSON event per line as events arrive."
         ),
     )
     p.add_argument("--instance-id", help="Instance ID. Falls back to context.json.")

{powerbase_cli-0.1.4 → powerbase_cli-0.2.0}/src/powerbase_cli/commands/branch.py

@@ -67,7 +67,10 @@ def register_branch_commands(subparsers: argparse._SubParsersAction[argparse.Arg
     p = branch_sub.add_parser(
         "switch",
         help="Switch the sandbox branch.",
-        description="Switch the sandbox branch and update context.json.",
+        description=(
+            "Switch the remote sandbox branch and update context.json. Use this before `powerbase agent chat` "
+            "when you want the coding agent and preview build to target a specific branch."
+        ),
     )
     p.add_argument("branch_name", help="Branch slug to switch to.")
     p.add_argument("--instance-id", help="Instance ID. Falls back to context.json.")

{powerbase_cli-0.1.4 → powerbase_cli-0.2.0}/src/powerbase_cli/commands/context.py

@@ -69,7 +69,10 @@ def register_context_commands(subparsers: argparse._SubParsersAction[argparse.Ar
     p = context_sub.add_parser(
         "use-branch",
         help="Set the default branch.",
-        description="Set the default branch slug, such as main or feature/my-change.",
+        description=(
+            "Set the default branch slug, such as main or feature/my-change. This updates only the local default "
+            "context value; it does not switch the remote sandbox branch used by previews or `powerbase agent chat`."
+        ),
     )
     p.add_argument("branch")
     p.set_defaults(handler=lambda args: _save_context_update(args, branch=args.branch))

{powerbase_cli-0.1.4 → powerbase_cli-0.2.0}/src/powerbase_cli/commands/parser.py

@@ -19,10 +19,6 @@ from .sql import register_sql_commands
 
 GLOBAL_OPTION_ARITY = {
     "--config-dir": 1,
-    "--base-url": 1,
-    "--anon-key": 1,
-    "--ca-cert": 1,
-    "--insecure": 0,
     "--json": 0,
 }
 
@@ -62,6 +58,9 @@ def build_parser() -> argparse.ArgumentParser:
         prog="powerbase",
         description=(
             "Operate Powerbase console workflows from the command line. "
+            "Powerbase supports agent-driven development for Powerbase-hosted apps, with "
+            "`powerbase agent chat` as the default implementation interface and the rest of the CLI "
+            "covering auth, context, resources, validation, and publish operations. "
             "Default instance creation uses the managed Powerbase database flow; "
             "`powerbase database ...` is the advanced bring-your-own-database path."
         ),
@@ -71,18 +70,6 @@ def build_parser() -> argparse.ArgumentParser:
         ),
     )
     parser.add_argument("--config-dir", help="Override the config directory. Defaults to ~/.config/powerbase.")
-    parser.add_argument("--base-url", help="Console base URL. Overrides the built-in default console endpoint.")
-    parser.add_argument("--anon-key", help="Supabase anon key used for functions and auth requests. Overrides the built-in default.")
-    parser.add_argument(
-        "--ca-cert",
-        dest="ca_cert_file",
-        help="Path to a CA certificate PEM file to trust for HTTPS requests.",
-    )
-    parser.add_argument(
-        "--insecure",
-        action="store_true",
-        help="Disable TLS certificate verification for HTTPS requests. Use only for testing with self-signed certs.",
-    )
     parser.add_argument("--json", action="store_true", help="Print JSON output.")
 
     subparsers = parser.add_subparsers(dest="command")

{powerbase_cli-0.1.4 → powerbase_cli-0.2.0}/src/powerbase_cli/commands/publish.py

@@ -25,9 +25,17 @@ def handle_publish_run(args: argparse.Namespace) -> int:
 
 
 def register_publish_commands(subparsers: argparse._SubParsersAction[argparse.ArgumentParser]) -> None:
-    publish = subparsers.add_parser("publish", help="Publish commands.", description="Generate diffs and publish an instance.")
+    publish = subparsers.add_parser(
+        "publish",
+        help="Publish commands.",
+        description="Inspect publish diffs and publish an instance when the user explicitly wants deployment.",
+    )
     publish_sub = publish.add_subparsers(dest="publish_command")
-    p = publish_sub.add_parser("diff", help="Show publish diff.", description="Generate publish diff for the current instance.")
+    p = publish_sub.add_parser(
+        "diff",
+        help="Show publish diff.",
+        description="Generate publish diff for the current instance as an inspection step before deployment.",
+    )
     p.add_argument("--instance-id", help="Instance ID. Falls back to context.json.")
     p.add_argument("--target", default="prod", help="Publish target. Default: prod")
     p.set_defaults(handler=handle_publish_diff)
@@ -35,7 +43,9 @@ def register_publish_commands(subparsers: argparse._SubParsersAction[argparse.Ar
         "run",
         help="Run publish flow.",
         description=(
-            "Publish the current instance. If --sql is omitted, the command first runs publish diff and uses its SQL."
+            "Publish the current instance. Use this only when the user explicitly asks to publish, deploy, "
+            "release, or promote the result. If --sql is omitted, the command first runs publish diff and uses "
+            "its SQL."
         ),
     )
     p.add_argument("--instance-id", help="Instance ID. Falls back to context.json.")

{powerbase_cli-0.1.4 → powerbase_cli-0.2.0}/src/powerbase_cli/commands/sandbox.py

@@ -48,9 +48,27 @@ def handle_files_delete(args: argparse.Namespace) -> int:
 
 
 def register_sandbox_commands(subparsers: argparse._SubParsersAction[argparse.ArgumentParser]) -> None:
-    sandbox = subparsers.add_parser("sandbox", help="Sandbox commands.", description="Read or modify sandbox files.")
+    sandbox = subparsers.add_parser(
+        "sandbox",
+        help="Sandbox commands.",
+        description=(
+            "Inspect or modify the remote sandbox filesystem for a Powerbase instance. Treat this as the "
+            "remote inspection and control surface around the Powerbase coding agent, not the default full-app "
+            "implementation interface. Direct file operations here do not by themselves trigger the preview "
+            "build flow."
+        ),
+    )
     sandbox_sub = sandbox.add_subparsers(dest="sandbox_command")
-    files = sandbox_sub.add_parser("files", help="Sandbox file commands.", description="Read or modify sandbox files.")
+    files = sandbox_sub.add_parser(
+        "files",
+        help="Sandbox file commands.",
+        description=(
+            "Read or modify files in the remote Powerbase sandbox. Use these commands for inspection, validation, "
+            "and targeted file operations around agent-driven development. Successful `powerbase agent chat` runs "
+            "are the normal path for previewable app changes; these file operations do not trigger preview by "
+            "themselves."
+        ),
+    )
     files_sub = files.add_subparsers(dest="files_command")
     p = files_sub.add_parser("list", help="List a directory.", description="List sandbox files at one path.")
     p.add_argument("--instance-id", help="Instance ID. Falls back to context.json.")

{powerbase_cli-0.1.4 → powerbase_cli-0.2.0}/src/powerbase_cli/commands/shared.py

@@ -8,7 +8,6 @@ from typing import Any
 
 from ..api import PowerbaseApi
 from ..config import (
-    BUNDLED_CA_CERT_SENTINEL,
     DEFAULT_ANON_KEY,
     DEFAULT_BASE_URL,
     AppConfig,
@@ -16,8 +15,6 @@ from ..config import (
     AuthState,
     ConfigStore,
     ContextState,
-    load_bundled_ca_cert,
-    merge_config_with_env,
     merge_context_with_env,
 )
 from ..session import SessionManager
@@ -33,18 +30,11 @@ def build_store(args: argparse.Namespace) -> ConfigStore:
 
 
 def resolve_config(args: argparse.Namespace, store: ConfigStore) -> AppConfig:
-    config = merge_config_with_env(store.load_config())
-    saved_auth = store.load_auth()
-    explicit_ca_cert_file = getattr(args, "ca_cert_file", None) or config.ca_cert_file
+    config = store.load_config()
     return AppConfig(
-        base_url=args.base_url or config.base_url or (saved_auth.base_url if saved_auth else None) or DEFAULT_BASE_URL,
-        anon_key=args.anon_key or config.anon_key or (saved_auth.anon_key if saved_auth else None) or DEFAULT_ANON_KEY,
+        base_url=DEFAULT_BASE_URL,
+        anon_key=DEFAULT_ANON_KEY,
         output="json" if args.json else config.output,
-        tls_insecure=bool(getattr(args, "insecure", False) or config.tls_insecure),
-        # Keep explicit CA settings first. The bundled test CA is only the final fallback for the
-        # current self-signed test environment and should be removed once the deployment uses a
-        # publicly trusted certificate.
-        ca_cert_file=explicit_ca_cert_file or (BUNDLED_CA_CERT_SENTINEL if load_bundled_ca_cert() else None),
     )
 
 
@@ -60,8 +50,6 @@ def build_api(args: argparse.Namespace) -> tuple[ConfigStore, AppConfig, Context
         store,
         config.base_url,
         config.anon_key,
-        tls_insecure=config.tls_insecure,
-        ca_cert_file=config.ca_cert_file,
     )
     api = PowerbaseApi(PowerbaseTransport(config, session_manager))
     return store, config, context, session_manager, api

{powerbase_cli-0.1.4 → powerbase_cli-0.2.0}/src/powerbase_cli/config.py

@@ -1,6 +1,5 @@
 from __future__ import annotations
 
-import importlib.resources
 import json
 import os
 from dataclasses import asdict, dataclass
@@ -12,13 +11,8 @@ try:
 except ModuleNotFoundError:  # pragma: no cover
     tomllib = None  # type: ignore[assignment]
 
-DEFAULT_BASE_URL = "https://console.6.12.235.165.nip.io"
+DEFAULT_BASE_URL = "https://console.appbuild.chat"
 DEFAULT_ANON_KEY = "reallyreallyreallyreallyverysafe"
-# This bundled CA is only for the self-signed test deployment so `pip install powerbase-cli`
-# can work out of the box. Remove it after the deployed console switches to a publicly trusted
-# TLS certificate, then delete the bundled PEM file and its package-data entry as well.
-BUNDLED_CA_CERT_SENTINEL = "<bundled test CA>"
-BUNDLED_CA_CERT_RESOURCE = "certs/powerbase-test-ca.pem"
 
 
 def default_config_dir() -> Path:
@@ -33,8 +27,6 @@ class AppConfig:
     base_url: str | None = DEFAULT_BASE_URL
     anon_key: str | None = DEFAULT_ANON_KEY
     output: str = "text"
-    tls_insecure: bool = False
-    ca_cert_file: str | None = None
 
 
 @dataclass
@@ -69,26 +61,6 @@ def _as_path(path: str | Path | None) -> Path:
     return Path(path).expanduser()
 
 
-def env_flag(name: str) -> bool:
-    value = os.environ.get(name)
-    if value is None:
-        return False
-    return value.strip().lower() in {"1", "true", "yes", "on"}
-
-
-def load_bundled_ca_cert() -> str | None:
-    # The PEM contents are loaded at runtime so test builds can trust the packaged self-signed CA
-    # without asking end users to pass `--ca-cert`. Once the server uses a trusted certificate,
-    # this helper and its callers can be removed.
-    try:
-        resource = importlib.resources.files("powerbase_cli").joinpath(BUNDLED_CA_CERT_RESOURCE)
-        if not resource.is_file():
-            return None
-        return resource.read_text(encoding="utf-8")
-    except (FileNotFoundError, ModuleNotFoundError):
-        return None
-
-
 class ConfigStore:
     def __init__(self, base_dir: str | Path | None = None) -> None:
         self.base_dir = _as_path(base_dir)
@@ -101,31 +73,19 @@ class ConfigStore:
 
     def load_config(self) -> AppConfig:
         if not self.config_path.exists():
-            return AppConfig(base_url=None, anon_key=None)
+            return AppConfig()
         if tomllib is None:
             raise RuntimeError("tomllib is required to read config.toml")
         data = tomllib.loads(self.config_path.read_text(encoding="utf-8"))
         return AppConfig(
-            base_url=data.get("base_url"),
-            anon_key=data.get("anon_key"),
             output=data.get("output", "text"),
-            tls_insecure=bool(data.get("tls_insecure", False)),
-            ca_cert_file=data.get("ca_cert_file"),
         )
 
     def save_config(self, config: AppConfig) -> None:
         self.ensure_base_dir()
         lines = []
-        if config.base_url and config.base_url != DEFAULT_BASE_URL:
-            lines.append(f'base_url = "{config.base_url}"')
-        if config.anon_key and config.anon_key != DEFAULT_ANON_KEY:
-            lines.append(f'anon_key = "{config.anon_key}"')
         if config.output:
             lines.append(f'output = "{config.output}"')
-        if config.tls_insecure:
-            lines.append("tls_insecure = true")
-        if config.ca_cert_file:
-            lines.append(f'ca_cert_file = "{config.ca_cert_file}"')
         self.config_path.write_text("\n".join(lines) + ("\n" if lines else ""), encoding="utf-8")
 
     def load_auth(self) -> AuthState | None:
@@ -210,8 +170,8 @@ def env_auth_state() -> AuthState | None:
     expires_at = int(expires_at_raw) if expires_at_raw and expires_at_raw.isdigit() else None
     return AuthState(
         source="env",
-        base_url=os.environ.get("POWERBASE_BASE_URL"),
-        anon_key=os.environ.get("POWERBASE_ANON_KEY"),
+        base_url=DEFAULT_BASE_URL,
+        anon_key=DEFAULT_ANON_KEY,
         session=AuthSession(
             access_token=access_token,
             refresh_token=refresh_token,
@@ -220,16 +180,6 @@ def env_auth_state() -> AuthState | None:
     )
 
 
-def merge_config_with_env(config: AppConfig) -> AppConfig:
-    return AppConfig(
-        base_url=os.environ.get("POWERBASE_BASE_URL") or config.base_url,
-        anon_key=os.environ.get("POWERBASE_ANON_KEY") or config.anon_key,
-        output=os.environ.get("POWERBASE_OUTPUT") or config.output,
-        tls_insecure=env_flag("POWERBASE_TLS_INSECURE") or config.tls_insecure,
-        ca_cert_file=os.environ.get("POWERBASE_CA_CERT_FILE") or config.ca_cert_file,
-    )
-
-
 def merge_context_with_env(context: ContextState) -> ContextState:
     return ContextState(
         instance_id=os.environ.get("POWERBASE_INSTANCE_ID") or context.instance_id,

{powerbase_cli-0.1.4 → powerbase_cli-0.2.0}/src/powerbase_cli/session.py

@@ -11,7 +11,7 @@ from typing import Iterator
 from urllib import request
 from urllib.error import HTTPError, URLError
 
-from .config import BUNDLED_CA_CERT_SENTINEL, AuthState, ConfigStore, env_auth_state, load_bundled_ca_cert
+from .config import AuthState, ConfigStore, env_auth_state
 
 try:
     import fcntl
@@ -29,15 +29,10 @@ class SessionManager:
         store: ConfigStore,
         base_url: str | None,
         anon_key: str | None,
-        *,
-        tls_insecure: bool = False,
-        ca_cert_file: str | None = None,
     ) -> None:
         self.store = store
         self.base_url = base_url
         self.anon_key = anon_key
-        self.tls_insecure = tls_insecure
-        self.ca_cert_file = ca_cert_file
 
     def _login_guidance(self) -> str:
         return (
@@ -47,20 +42,6 @@ class SessionManager:
         )
 
     def _urlopen(self, req: request.Request):
-        if self.tls_insecure:
-            context = ssl.create_default_context()
-            context.check_hostname = False
-            context.verify_mode = ssl.CERT_NONE
-            return request.urlopen(req, context=context)
-        if self.ca_cert_file:
-            if self.ca_cert_file == BUNDLED_CA_CERT_SENTINEL:
-                bundled_ca_cert = load_bundled_ca_cert()
-                if not bundled_ca_cert:
-                    raise SessionError("Bundled test CA certificate is unavailable.")
-                context = ssl.create_default_context(cadata=bundled_ca_cert)
-            else:
-                context = ssl.create_default_context(cafile=self.ca_cert_file)
-            return request.urlopen(req, context=context)
         return request.urlopen(req)
 
     def get_auth_state(self) -> AuthState | None:

{powerbase_cli-0.1.4 → powerbase_cli-0.2.0}/src/powerbase_cli/transport.py

@@ -7,7 +7,7 @@ from typing import Any
 from urllib import request
 from urllib.error import HTTPError, URLError
 
-from .config import BUNDLED_CA_CERT_SENTINEL, AppConfig, load_bundled_ca_cert
+from .config import AppConfig
 from .session import SessionError, SessionManager
 
 
@@ -35,20 +35,6 @@ class PowerbaseTransport:
         )
 
     def _urlopen(self, req: request.Request):
-        if self.config.tls_insecure:
-            context = ssl.create_default_context()
-            context.check_hostname = False
-            context.verify_mode = ssl.CERT_NONE
-            return request.urlopen(req, context=context)
-        if self.config.ca_cert_file:
-            if self.config.ca_cert_file == BUNDLED_CA_CERT_SENTINEL:
-                bundled_ca_cert = load_bundled_ca_cert()
-                if not bundled_ca_cert:
-                    raise ApiError("Bundled test CA certificate is unavailable.")
-                context = ssl.create_default_context(cadata=bundled_ca_cert)
-            else:
-                context = ssl.create_default_context(cafile=self.config.ca_cert_file)
-            return request.urlopen(req, context=context)
         return request.urlopen(req)
 
     def _build_headers(