chore: update known checksums for 0.6.12 (#362)

chore: update known checksums for 0.6.12

Co-authored-by: eifinger <1481961+eifinger@users.noreply.github.com>

.github/actionlint.yaml

@@ -0,0 +1,9 @@
+self-hosted-runner:
+  # Custom labels of self-hosted or large GitHub hosted runners
+  # so that actionlint knows that they are not a typo
+  labels:
+    - selfhosted-ubuntu-arm64
+# Configuration variables in array of strings defined in your repository or
+# organization. `null` means disabling configuration variables check.
+# Empty array means no configuration variable is allowed.
+config-variables: null

.github/workflows/check-dist.yml

@@ -1,49 +0,0 @@
-# `dist/index.js` is a special file in Actions.
-# When you reference an action with `uses:` in a workflow,
-# `index.js` is the code that will run.
-# For our project, we generate this file through a build process from other source files.
-# We need to make sure the checked-in `index.js` actually matches what we expect it to be.
-name: Check dist/
-
-on:
-  push:
-    branches:
-      - main
-  pull_request:
-  workflow_dispatch:
-
-jobs:
-  check-dist:
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Set up Node.js 20
-        uses: actions/setup-node@v4
-        with:
-          node-version: 20
-
-      - name: Install dependencies
-        run: npm ci
-
-      - name: Rebuild the dist/ directory
-        run: |
-          npm run build
-          npm run package
-
-      - name: Compare the expected and actual dist/ directories
-        run: |
-          if [ "$(git diff --ignore-space-at-eol dist/ | wc -l)" -gt "0" ]; then
-            echo "Detected uncommitted changes after build.  See status below:"
-            git diff --text -v
-            exit 1
-          fi
-        id: diff
-
-      # If index.js was different than expected, upload the expected version as an artifact
-      - uses: actions/upload-artifact@v4
-        if: ${{ failure() && steps.diff.conclusion == 'failure' }}
-        with:
-          name: dist
-          path: dist/

.github/workflows/codeql-analysis.yml

@@ -12,13 +12,14 @@
 name: "CodeQL"
 
 on:
+  workflow_dispatch:
   push:
-    branches: [main]
+    branches:
+      - main
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [main]
-  schedule:
-    - cron: "31 7 * * 3"
+    branches:
+      - main
 
 jobs:
   analyze:

.github/workflows/release-drafter.yml

@@ -3,17 +3,20 @@ name: Release Drafter
 
 # yamllint disable-line rule:truthy
 on:
+  workflow_dispatch:
   push:
     branches:
       - main
-  workflow_dispatch:
 
 jobs:
   update_release_draft:
     name: ✏️ Draft release
     runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: read
     steps:
       - name: 🚀 Run Release Drafter
-        uses: release-drafter/release-drafter@v6.0.0
+        uses: release-drafter/release-drafter@v6.1.0
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/test-cache-windows.yml

@@ -1,43 +0,0 @@
-name: "test-cache-windows"
-on:
-  pull_request:
-  push:
-    branches:
-      - main
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
-jobs:
-  test-setup-cache:
-    runs-on: windows-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup with cache
-        uses: ./
-        with:
-          enable-cache: true
-          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}
-      - run: uv sync
-        working-directory: __tests__\fixtures\uv-project
-  test-restore-cache:
-    runs-on: windows-latest
-    needs: test-setup-cache
-    steps:
-      - uses: actions/checkout@v4
-      - name: Restore with cache
-        id: restore
-        uses: ./
-        with:
-          enable-cache: true
-          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}
-      - name: Cache was hit
-        run: |
-          if ($env:CACHE_HIT -ne "true") {
-            exit 1
-          }
-        env:
-          CACHE_HIT: ${{ steps.restore.outputs.cache-hit }}
-      - run: uv sync
-        working-directory: __tests__\fixtures\uv-project

.github/workflows/test-cache.yml

@@ -1,229 +0,0 @@
-name: "test-cache"
-on:
-  pull_request:
-  push:
-    branches:
-      - main
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
-jobs:
-  test-setup-cache:
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        enable-cache: [ "true", "false", "auto" ]
-        os: ["ubuntu-latest", "selfhosted-ubuntu-arm64"]
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup with cache
-        uses: ./
-        with:
-          enable-cache: ${{ matrix.enable-cache }}
-          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}-test-setup-cache-${{ matrix.os }}-${{ matrix.enable-cache }}
-      - run: uv sync
-        working-directory: __tests__/fixtures/uv-project
-  test-restore-cache:
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        enable-cache: [ "true", "false", "auto" ]
-        os: [ "ubuntu-latest", "selfhosted-ubuntu-arm64" ]
-    needs: test-setup-cache
-    steps:
-      - uses: actions/checkout@v4
-      - name: Restore with cache
-        id: restore
-        uses: ./
-        with:
-          enable-cache: ${{ matrix.enable-cache }}
-          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}-test-setup-cache-${{ matrix.os }}-${{ matrix.enable-cache }}
-      - name: Cache was hit
-        if: ${{ matrix.enable-cache == 'true' || (matrix.enable-cache == 'auto' && matrix.os == 'ubuntu-latest') }}
-        run: |
-          if [ "$CACHE_HIT" != "true" ]; then
-            exit 1
-          fi
-        env:
-          CACHE_HIT: ${{ steps.restore.outputs.cache-hit }}
-      - name: Cache was not hit
-        if: ${{ matrix.enable-cache == 'false' || (matrix.enable-cache == 'auto' && matrix.os == 'selfhosted-ubuntu-arm64') }}
-        run: |
-          if [ "$CACHE_HIT" == "true" ]; then
-            exit 1
-          fi
-        env:
-          CACHE_HIT: ${{ steps.restore.outputs.cache-hit }}
-      - run: uv sync
-        working-directory: __tests__/fixtures/uv-project
-  test-setup-cache-requirements-txt:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup with cache
-        uses: ./
-        with:
-          enable-cache: true
-          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}-test-setup-cache-requirements-txt
-      - run: |
-          uv venv
-          uv pip install -r requirements.txt
-        working-directory: __tests__/fixtures/requirements-txt-project
-  test-restore-cache-requirements-txt:
-    runs-on: ubuntu-latest
-    needs: test-setup-cache
-    steps:
-      - uses: actions/checkout@v4
-      - name: Restore with cache
-        id: restore
-        uses: ./
-        with:
-          enable-cache: true
-          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}-test-setup-cache-requirements-txt
-      - name: Cache was hit
-        run: |
-          if [ "$CACHE_HIT" != "true" ]; then
-            exit 1
-          fi
-        env:
-          CACHE_HIT: ${{ steps.restore.outputs.cache-hit }}
-      - run: |
-          uv venv
-          uv pip install -r requirements.txt
-        working-directory: __tests__/fixtures/requirements-txt-project
-
-  test-setup-cache-dependency-glob:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup with cache
-        uses: ./
-        with:
-          enable-cache: true
-          cache-dependency-glob: |
-            __tests__/fixtures/uv-project/uv.lock
-            **/pyproject.toml
-          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}-test-setup-cache-dependency-glob
-      - run: uv sync
-        working-directory: __tests__/fixtures/uv-project
-  test-restore-cache-dependency-glob:
-    runs-on: ubuntu-latest
-    needs: test-setup-cache-dependency-glob
-    steps:
-      - uses: actions/checkout@v4
-      - name: Change pyproject.toml
-        run: |
-          echo '[tool.uv]' >> __tests__/fixtures/uv-project/pyproject.toml
-          echo 'dev-dependencies = []' >> __tests__/fixtures/uv-project/pyproject.toml
-      - name: Restore with cache
-        id: restore
-        uses: ./
-        with:
-          enable-cache: true
-          cache-dependency-glob: |
-            __tests__/fixtures/uv-project/uv.lock
-            **/pyproject.toml
-          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}-test-setup-cache-dependency-glob
-          ignore-nothing-to-cache: true
-      - name: Cache was not hit
-        run: |
-          if [ "$CACHE_HIT" == "true" ]; then
-            exit 1
-          fi
-        env:
-          CACHE_HIT: ${{ steps.restore.outputs.cache-hit }}
-
-  test-setup-cache-local:
-    runs-on: selfhosted-ubuntu-arm64
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup with cache
-        uses: ./
-        with:
-          enable-cache: true
-          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}-test-setup-cache-local
-          cache-local-path: /tmp/uv-cache
-      - run: uv sync
-        working-directory: __tests__/fixtures/uv-project
-  test-restore-cache-local:
-    runs-on: selfhosted-ubuntu-arm64
-    needs: test-setup-cache-local
-    steps:
-      - uses: actions/checkout@v4
-      - name: Restore with cache
-        id: restore
-        uses: ./
-        with:
-          enable-cache: true
-          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}-test-setup-cache-local
-          cache-local-path: /tmp/uv-cache
-      - name: Cache was hit
-        run: |
-          if [ "$CACHE_HIT" != "true" ]; then
-            exit 1
-          fi
-        env:
-          CACHE_HIT: ${{ steps.restore.outputs.cache-hit }}
-      - run: uv sync
-        working-directory: __tests__/fixtures/uv-project
-
-  test-tilde-expansion-cache-local-path:
-    runs-on: selfhosted-ubuntu-arm64
-    steps:
-      - uses: actions/checkout@v4
-      - name: Create cache directory
-        run: mkdir -p ~/uv-cache
-        shell: bash
-      - name: Setup with cache
-        uses: ./
-        with:
-          cache-local-path: ~/uv-cache/cache-local-path
-      - run: uv sync
-        working-directory: __tests__/fixtures/uv-project
-
-  test-tilde-expansion-cache-dependency-glob:
-    runs-on: selfhosted-ubuntu-arm64
-    steps:
-      - uses: actions/checkout@v4
-      - name: Create cache directory
-        run: mkdir -p ~/uv-cache
-        shell: bash
-      - name: Create cache dependency glob file
-        run: touch ~/uv-cache.glob
-        shell: bash
-      - name: Setup with cache
-        uses: ./
-        with:
-          enable-cache: true
-          cache-local-path: ~/uv-cache/cache-dependency-glob
-          cache-dependency-glob: "~/uv-cache.glob"
-      - run: uv sync
-        working-directory: __tests__/fixtures/uv-project
-
-  cleanup-tilde-expansion-tests:
-    needs:
-      - test-tilde-expansion-cache-local-path
-      - test-tilde-expansion-cache-dependency-glob
-    runs-on: selfhosted-ubuntu-arm64
-    steps:
-      - name: Remove cache directory
-        run: rm -rf ~/uv-cache
-        shell: bash
-      - name: Remove cache dependency glob file
-        run: rm -f ~/uv-cache.glob
-        shell: bash
-
-  test-no-python-version:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Fake pyproject.toml at root
-        run: cp __tests__/fixtures/old-python-constraint-project/pyproject.toml pyproject.toml
-      - name: Setup with cache
-        uses: ./
-        with:
-          enable-cache: true
-      - run: uv sync
-        working-directory: __tests__/fixtures/old-python-constraint-project

.github/workflows/test-windows.yml

@@ -1,27 +0,0 @@
-name: "test-windows"
-on:
-  pull_request:
-  push:
-    branches:
-      - main
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
-jobs:
-  test-default-version:
-    runs-on: windows-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Should not be on path
-        run: |
-          if (!(Get-Command -Name "uv" -ErrorAction SilentlyContinue)) {
-            exit 0
-          } else {
-            exit 1
-          }
-      - name: Setup uv
-        uses: ./
-      - run: uv sync
-        working-directory: __tests__\fixtures\uv-project

.github/workflows/test.yml

@@ -1,6 +1,9 @@
 name: "test"
 on:
+  workflow_dispatch:
   pull_request:
+    branches:
+      - main
   push:
     branches:
       - main
@@ -9,11 +12,16 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
 
+permissions:
+  contents: read
+
 jobs:
-  build:
+  lint:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
+      - name: Actionlint
+        uses: eifinger/actionlint-action@23c85443d840cd73bbecb9cddfc933cc21649a38  # v1.9.1
       - uses: actions/setup-node@v4
         with:
           node-version: "20"
@@ -23,18 +31,26 @@ jobs:
           npm run all
       - name: Make sure no changes from linters are detected
         run: |
-          git diff --exit-code
+          git diff --exit-code || (echo "::error::Please run 'npm run all' to fix the issues" && exit 1)
+
   test-default-version:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        os: [ubuntu-latest, macos-latest, macos-14]
+        os: [ubuntu-latest, macos-latest, macos-14, windows-latest]
     steps:
       - uses: actions/checkout@v4
       - name: Install latest version
+        id: setup-uv
         uses: ./
       - run: uv sync
         working-directory: __tests__/fixtures/uv-project
+        shell: bash
+      - name: Check uv-path is set
+        run: ${{ steps.setup-uv.outputs.uv-path }} --version
+      - name: Check uvx-path is set
+        run: ${{ steps.setup-uv.outputs.uvx-path }} --version
+
   test-specific-version:
     runs-on: ubuntu-latest
     strategy:
@@ -48,6 +64,7 @@ jobs:
           version: ${{ matrix.uv-version }}
       - run: uv sync
         working-directory: __tests__/fixtures/uv-project
+
   test-semver-range:
     runs-on: ubuntu-latest
     steps:
@@ -64,17 +81,78 @@ jobs:
           fi
         env:
           UV_VERSION: ${{ steps.setup-uv.outputs.uv-version }}
+
+  test-pep440-version:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install version 0.4.30
+        id: setup-uv
+        uses: ./
+        with:
+          version: ">=0.4.25,<0.5"
+      - name: Correct version gets installed
+        run: |
+          if [ "$UV_VERSION" != "0.4.30" ]; then
+            exit 1
+          fi
+        env:
+          UV_VERSION: ${{ steps.setup-uv.outputs.uv-version }}
+
+  test-pyproject-file-version:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install version 0.5.14
+        id: setup-uv
+        uses: ./
+        with:
+          pyproject-file: "__tests__/fixtures/pyproject-toml-project/pyproject.toml"
+      - name: Correct version gets installed
+        run: |
+          if [ "$UV_VERSION" != "0.5.14" ]; then
+            exit 1
+          fi
+        env:
+          UV_VERSION: ${{ steps.setup-uv.outputs.uv-version }}
+
+  test-malformed-pyproject-file-fallback:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install using malformed pyproject.toml
+        id: setup-uv
+        uses: ./
+        with:
+          pyproject-file: "__tests__/fixtures/malformed-pyproject-toml-project/pyproject.toml"
+      - run: uv sync
+        working-directory: __tests__/fixtures/uv-project
+
+  test-uv-file-version:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install version 0.5.15
+        id: setup-uv
+        uses: ./
+        with:
+          pyproject-file: "__tests__/fixtures/uv-toml-project/pyproject.toml"
+          uv-file: "__tests__/fixtures/uv-toml-project/uv.toml"
+      - name: Correct version gets installed
+        run: |
+          if [ "$UV_VERSION" != "0.5.15" ]; then
+            exit 1
+          fi
+        env:
+          UV_VERSION: ${{ steps.setup-uv.outputs.uv-version }}
+
   test-checksum:
-    runs-on: ${{ matrix.os }}
+    runs-on: ${{ matrix.inputs.os }}
     strategy:
       matrix:
-        os: [ubuntu-latest, macos-latest]
-        checksum:
-          ["4d9279ad5ca596b1e2d703901d508430eb07564dc4d8837de9e2fca9c90f8ecd"]
-        exclude:
-          - os: macos-latest
+        inputs:
+          - os: ubuntu-latest
             checksum: "4d9279ad5ca596b1e2d703901d508430eb07564dc4d8837de9e2fca9c90f8ecd"
-        include:
           - os: macos-latest
             checksum: "a70cbfbf3bb5c08b2f84963b4f12c94e08fbb2468ba418a3bfe1066fbe9e7218"
     steps:
@@ -83,9 +161,10 @@ jobs:
         uses: ./
         with:
           version: "0.3.2"
-          checksum: ${{ matrix.checksum }}
+          checksum: ${{ matrix.inputs.checksum }}
       - run: uv sync
         working-directory: __tests__/fixtures/uv-project
+
   test-with-explicit-token:
     runs-on: ubuntu-latest
     steps:
@@ -96,6 +175,7 @@ jobs:
           github-token: ${{ secrets.GITHUB_TOKEN }}
       - run: uv sync
         working-directory: __tests__/fixtures/uv-project
+
   test-uvx:
     runs-on: ubuntu-latest
     steps:
@@ -103,6 +183,7 @@ jobs:
       - name: Install default version
         uses: ./
       - run: uvx ruff --version
+
   test-tool-install:
     runs-on: ${{ matrix.os }}
     strategy:
@@ -120,6 +201,7 @@ jobs:
         uses: ./
       - run: uv tool install ruff
       - run: ruff --version
+
   test-tilde-expansion-tool-dirs:
     runs-on: selfhosted-ubuntu-arm64
     steps:
@@ -139,6 +221,7 @@ jobs:
               echo "UV_TOOL_DIR does not contain /home/ubuntu/tool-dir: $UV_TOOL_DIR"
               exit 1
           fi
+
   test-python-version:
     runs-on: ubuntu-latest
     strategy:
@@ -167,3 +250,271 @@ jobs:
             exit 1
           fi
         shell: bash
+
+  test-musl:
+    runs-on: ubuntu-latest
+    container: alpine
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install latest version
+        uses: ./
+      - run: uv sync
+        working-directory: __tests__/fixtures/uv-project
+
+  test-setup-cache:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        enable-cache: [ "true", "false", "auto" ]
+        os: [ "ubuntu-latest", "selfhosted-ubuntu-arm64", "windows-latest" ]
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup with cache
+        uses: ./
+        with:
+          enable-cache: ${{ matrix.enable-cache }}
+          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}-test-setup-cache-${{ matrix.os }}-${{ matrix.enable-cache }}
+      - run: uv sync
+        working-directory: __tests__/fixtures/uv-project
+        shell: bash
+  test-restore-cache:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        enable-cache: [ "true", "false", "auto" ]
+        os: [ "ubuntu-latest", "selfhosted-ubuntu-arm64", "windows-latest" ]
+    needs: test-setup-cache
+    steps:
+      - uses: actions/checkout@v4
+      - name: Restore with cache
+        id: restore
+        uses: ./
+        with:
+          enable-cache: ${{ matrix.enable-cache }}
+          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}-test-setup-cache-${{ matrix.os }}-${{ matrix.enable-cache }}
+      - name: Cache was hit
+        if: ${{ matrix.enable-cache == 'true' || (matrix.enable-cache == 'auto' && matrix.os == 'ubuntu-latest') }}
+        run: |
+          if [ "$CACHE_HIT" != "true" ]; then
+            exit 1
+          fi
+        env:
+          CACHE_HIT: ${{ steps.restore.outputs.cache-hit }}
+        shell: bash
+      - name: Cache was not hit
+        if: ${{ matrix.enable-cache == 'false' || (matrix.enable-cache == 'auto' && matrix.os == 'selfhosted-ubuntu-arm64') }}
+        run: |
+          if [ "$CACHE_HIT" == "true" ]; then
+            exit 1
+          fi
+        env:
+          CACHE_HIT: ${{ steps.restore.outputs.cache-hit }}
+        shell: bash
+      - run: uv sync
+        working-directory: __tests__/fixtures/uv-project
+        shell: bash
+
+  test-setup-cache-requirements-txt:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup with cache
+        uses: ./
+        with:
+          enable-cache: true
+          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}-test-setup-cache-requirements-txt
+      - run: |
+          uv venv
+          uv pip install -r requirements.txt
+        working-directory: __tests__/fixtures/requirements-txt-project
+  test-restore-cache-requirements-txt:
+    runs-on: ubuntu-latest
+    needs: test-setup-cache
+    steps:
+      - uses: actions/checkout@v4
+      - name: Restore with cache
+        id: restore
+        uses: ./
+        with:
+          enable-cache: true
+          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}-test-setup-cache-requirements-txt
+      - name: Cache was hit
+        run: |
+          if [ "$CACHE_HIT" != "true" ]; then
+            exit 1
+          fi
+        env:
+          CACHE_HIT: ${{ steps.restore.outputs.cache-hit }}
+      - run: |
+          uv venv
+          uv pip install -r requirements.txt
+        working-directory: __tests__/fixtures/requirements-txt-project
+
+  test-setup-cache-dependency-glob:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup with cache
+        uses: ./
+        with:
+          enable-cache: true
+          cache-dependency-glob: |
+            __tests__/fixtures/uv-project/uv.lock
+            **/pyproject.toml
+          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}-test-setup-cache-dependency-glob
+      - run: uv sync
+        working-directory: __tests__/fixtures/uv-project
+  test-restore-cache-dependency-glob:
+    runs-on: ubuntu-latest
+    needs: test-setup-cache-dependency-glob
+    steps:
+      - uses: actions/checkout@v4
+      - name: Change pyproject.toml
+        run: |
+          echo '[tool.uv]' >> __tests__/fixtures/uv-project/pyproject.toml
+          echo 'dev-dependencies = []' >> __tests__/fixtures/uv-project/pyproject.toml
+      - name: Restore with cache
+        id: restore
+        uses: ./
+        with:
+          enable-cache: true
+          cache-dependency-glob: |
+            __tests__/fixtures/uv-project/uv.lock
+            **/pyproject.toml
+          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}-test-setup-cache-dependency-glob
+          ignore-nothing-to-cache: true
+      - name: Cache was not hit
+        run: |
+          if [ "$CACHE_HIT" == "true" ]; then
+            exit 1
+          fi
+        env:
+          CACHE_HIT: ${{ steps.restore.outputs.cache-hit }}
+
+  test-setup-cache-local:
+    runs-on: selfhosted-ubuntu-arm64
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup with cache
+        uses: ./
+        with:
+          enable-cache: true
+          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}-test-setup-cache-local
+          cache-local-path: /tmp/uv-cache
+      - run: uv sync
+        working-directory: __tests__/fixtures/uv-project
+  test-restore-cache-local:
+    runs-on: selfhosted-ubuntu-arm64
+    needs: test-setup-cache-local
+    steps:
+      - uses: actions/checkout@v4
+      - name: Restore with cache
+        id: restore
+        uses: ./
+        with:
+          enable-cache: true
+          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}-test-setup-cache-local
+          cache-local-path: /tmp/uv-cache
+      - name: Cache was hit
+        run: |
+          if [ "$CACHE_HIT" != "true" ]; then
+            exit 1
+          fi
+        env:
+          CACHE_HIT: ${{ steps.restore.outputs.cache-hit }}
+      - run: uv sync
+        working-directory: __tests__/fixtures/uv-project
+
+  test-tilde-expansion-cache-local-path:
+    runs-on: selfhosted-ubuntu-arm64
+    steps:
+      - uses: actions/checkout@v4
+      - name: Create cache directory
+        run: mkdir -p ~/uv-cache
+        shell: bash
+      - name: Setup with cache
+        uses: ./
+        with:
+          cache-local-path: ~/uv-cache/cache-local-path
+      - run: uv sync
+        working-directory: __tests__/fixtures/uv-project
+
+  test-tilde-expansion-cache-dependency-glob:
+    runs-on: selfhosted-ubuntu-arm64
+    steps:
+      - uses: actions/checkout@v4
+      - name: Create cache directory
+        run: mkdir -p ~/uv-cache
+        shell: bash
+      - name: Create cache dependency glob file
+        run: touch ~/uv-cache.glob
+        shell: bash
+      - name: Setup with cache
+        uses: ./
+        with:
+          enable-cache: true
+          cache-local-path: ~/uv-cache/cache-dependency-glob
+          cache-dependency-glob: "~/uv-cache.glob"
+      - run: uv sync
+        working-directory: __tests__/fixtures/uv-project
+
+  cleanup-tilde-expansion-tests:
+    needs:
+      - test-tilde-expansion-cache-local-path
+      - test-tilde-expansion-cache-dependency-glob
+    if: always()
+    runs-on: selfhosted-ubuntu-arm64
+    steps:
+      - name: Remove cache directory
+        run: rm -rf ~/uv-cache
+        shell: bash
+      - name: Remove cache dependency glob file
+        run: rm -f ~/uv-cache.glob
+        shell: bash
+
+  test-no-python-version:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Fake pyproject.toml at root
+        run: cp __tests__/fixtures/old-python-constraint-project/pyproject.toml pyproject.toml
+      - name: Setup with cache
+        uses: ./
+        with:
+          enable-cache: true
+      - run: uv sync
+        working-directory: __tests__/fixtures/old-python-constraint-project
+
+  all-tests-passed:
+    runs-on: ubuntu-latest
+    needs:
+      - lint
+      - test-default-version
+      - test-specific-version
+      - test-semver-range
+      - test-pep440-version
+      - test-pyproject-file-version
+      - test-malformed-pyproject-file-fallback
+      - test-uv-file-version
+      - test-checksum
+      - test-with-explicit-token
+      - test-uvx
+      - test-tool-install
+      - test-tilde-expansion-tool-dirs
+      - test-python-version
+      - test-musl
+      - test-restore-cache
+      - test-restore-cache-requirements-txt
+      - test-restore-cache-dependency-glob
+      - test-restore-cache-local
+      - test-tilde-expansion-cache-local-path
+      - test-tilde-expansion-cache-dependency-glob
+      - cleanup-tilde-expansion-tests
+      - test-no-python-version
+    if: always()
+    steps:
+      - name: All tests passed
+        run: |
+          echo "All jobs passed: ${{ !contains(needs.*.result, 'failure') }}"
+          # shellcheck disable=SC2242
+          exit ${{ contains(needs.*.result, 'failure') && 1 || 0 }}

.github/workflows/update-known-checksums.yml

@@ -1,10 +1,15 @@
 name: "Update known checksums"
 on:
   workflow_dispatch:
+  schedule:
+    - cron: "0 4 * * *" # Run every day at 4am UTC
 
 jobs:
   build:
     runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
@@ -17,7 +22,7 @@ jobs:
           src/download/checksum/known-checksums.ts ${{ secrets.GITHUB_TOKEN }}
       - run: npm install && npm run all
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
+        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
         with:
           commit-message: "chore: update known checksums"
           title:

.github/workflows/update-major-minor-tags.yml

@@ -1,7 +1,6 @@
 ---
 name: Update Major Minor Tags
 
-# yamllint disable-line rule:truthy
 on:
   push:
     branches-ignore:
@@ -13,7 +12,36 @@ jobs:
   update_major_minor_tags:
     name: Make sure major and minor tags are up to date on a patch release
     runs-on: ubuntu-latest
+    permissions:
+      contents: write
     steps:
       - uses: actions/checkout@v4
-      - name: Run Update semver
-        uses: haya14busa/action-update-semver@v1.2.1
+      - name: Update Major Minor Tags
+        run: |
+          set -x
+
+          cd "${GITHUB_WORKSPACE}" || exit
+
+          # Set up variables.
+          TAG="${GITHUB_REF#refs/tags/}" # v1.2.3
+          MINOR="${TAG%.*}"              # v1.2
+          MAJOR="${MINOR%.*}"            # v1
+
+          if [ "${GITHUB_REF}" = "${TAG}" ]; then
+            echo "This workflow is not triggered by tag push: GITHUB_REF=${GITHUB_REF}"
+            exit 1
+          fi
+
+          MESSAGE="Release ${TAG}"
+
+          # Set up Git.
+          git config user.name "${GITHUB_ACTOR}"
+          git config user.email "${GITHUB_ACTOR}@users.noreply.github.com"
+
+          # Update MAJOR/MINOR tag
+          git tag -fa "${MAJOR}" -m "${MESSAGE}"
+          git tag -fa "${MINOR}" -m "${MESSAGE}"
+
+          # Push
+          git push --force origin "${MINOR}"
+          git push --force origin "${MAJOR}"

README.md

@@ -11,9 +11,11 @@ Set up your GitHub Actions workflow with a specific version of [uv](https://docs
 ## Contents
 
 - [Usage](#usage)
-  - [Install the latest version (default)](#install-the-latest-version-default)
+  - [Install a required-version or latest (default)](#install-a-required-version-or-latest-default)
+  - [Install the latest version](#install-the-latest-version)
   - [Install a specific version](#install-a-specific-version)
-  - [Install a version by supplying a semver range](#install-a-version-by-supplying-a-semver-range)
+  - [Install a version by supplying a semver range or pep440 specifier](#install-a-version-by-supplying-a-semver-range-or-pep440-specifier)
+  - [Install a required-version](#install-a-required-version)
   - [Python version](#python-version)
   - [Validate checksum](#validate-checksum)
   - [Enable Caching](#enable-caching)
@@ -30,46 +32,83 @@ Set up your GitHub Actions workflow with a specific version of [uv](https://docs
 
 ## Usage
 
-### Install the latest version (default)
+### Install a required-version or latest (default)
 
 ```yaml
 - name: Install the latest version of uv
-  uses: astral-sh/setup-uv@v4
-  with:
-    version: "latest"
+  uses: astral-sh/setup-uv@v5
 ```
 
+If you do not specify a version, this action will look for a [required-version](https://docs.astral.sh/uv/reference/settings/#required-version)
+in a `uv.toml` or `pyproject.toml` file in the repository root. If none is found, the latest version will be installed.
+
 For an example workflow, see
 [here](https://github.com/charliermarsh/autobot/blob/e42c66659bf97b90ca9ff305a19cc99952d0d43f/.github/workflows/ci.yaml).
 
+### Install the latest version
+
+```yaml
+- name: Install the latest version of uv
+  uses: astral-sh/setup-uv@v5
+  with:
+    version: "latest"
+```
+
 ### Install a specific version
 
 ```yaml
 - name: Install a specific version of uv
-  uses: astral-sh/setup-uv@v4
+  uses: astral-sh/setup-uv@v5
   with:
     version: "0.4.4"
 ```
 
-### Install a version by supplying a semver range
+### Install a version by supplying a semver range or pep440 specifier
 
 You can specify a [semver range](https://github.com/npm/node-semver?tab=readme-ov-file#ranges)
+or [pep440 specifier](https://peps.python.org/pep-0440/#version-specifiers)
 to install the latest version that satisfies the range.
 
 ```yaml
 - name: Install a semver range of uv
-  uses: astral-sh/setup-uv@v4
+  uses: astral-sh/setup-uv@v5
   with:
     version: ">=0.4.0"
 ```
 
 ```yaml
 - name: Pinning a minor version of uv
-  uses: astral-sh/setup-uv@v4
+  uses: astral-sh/setup-uv@v5
   with:
     version: "0.4.x"
 ```
 
+```yaml
+- name: Install a pep440-specifier-satisfying version of uv
+  uses: astral-sh/setup-uv@v5
+  with:
+    version: ">=0.4.25,<0.5"
+```
+
+### Install a required-version
+
+You can specify a [required-version](https://docs.astral.sh/uv/reference/settings/#required-version)
+in either a `uv.toml` or `pyproject.toml` file:
+
+```yaml
+- name: Install required-version defined in uv.toml
+  uses: astral-sh/setup-uv@v5
+  with:
+    uv-file: "path/to/uv.toml"
+```
+
+```yaml
+- name: Install required-version defined in pyproject.toml
+  uses: astral-sh/setup-uv@v5
+  with:
+    pyproject-file: "path/to/pyproject.toml"
+```
+
 ### Python version
 
 You can use the input `python-version` to
@@ -82,7 +121,7 @@ This will override any python version specifications in `pyproject.toml` and `.p
 
 ```yaml
 - name: Install the latest version of uv and set the python version to 3.13t
-  uses: astral-sh/setup-uv@v4
+  uses: astral-sh/setup-uv@v5
   with:
     python-version: 3.13t
 - run: uv pip install --python=3.13t pip
@@ -100,7 +139,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - name: Install the latest version of uv and set the python version
-        uses: astral-sh/setup-uv@v4
+        uses: astral-sh/setup-uv@v5
         with:
           python-version: ${{ matrix.python-version }}
       - name: Test with python ${{ matrix.python-version }}
@@ -115,7 +154,7 @@ are automatically verified by this action. The sha256 hashes can be found on the
 
 ```yaml
 - name: Install a specific version and validate the checksum
-  uses: astral-sh/setup-uv@v4
+  uses: astral-sh/setup-uv@v5
   with:
     version: "0.3.1"
     checksum: "e11b01402ab645392c7ad6044db63d37e4fd1e745e015306993b07695ea5f9f8"
@@ -125,6 +164,7 @@ are automatically verified by this action. The sha256 hashes can be found on the
 
 If you enable caching, the [uv cache](https://docs.astral.sh/uv/concepts/cache/) will be uploaded to
 the GitHub Actions cache. This can speed up runs that reuse the cache by several minutes.
+Caching is enabled by default on GitHub-hosted runners.
 
 > [!TIP]
 >
@@ -136,7 +176,7 @@ You can optionally define a custom cache key suffix.
 ```yaml
 - name: Enable caching and define a custom cache key suffix
   id: setup-uv
-  uses: astral-sh/setup-uv@v4
+  uses: astral-sh/setup-uv@v5
   with:
     enable-cache: true
     cache-suffix: "optional-suffix"
@@ -159,6 +199,8 @@ changes. If you use relative paths, they are relative to the repository root.
 
 > [!NOTE]
 >
+> You can look up supported patterns [here](https://github.com/actions/toolkit/tree/main/packages/glob#patterns)
+>
 > The default is
 > ```yaml
 > cache-dependency-glob: |
@@ -168,7 +210,7 @@ changes. If you use relative paths, they are relative to the repository root.
 
 ```yaml
 - name: Define a cache dependency glob
-  uses: astral-sh/setup-uv@v4
+  uses: astral-sh/setup-uv@v5
   with:
     enable-cache: true
     cache-dependency-glob: "**/pyproject.toml"
@@ -176,7 +218,7 @@ changes. If you use relative paths, they are relative to the repository root.
 
 ```yaml
 - name: Define a list of cache dependency globs
-  uses: astral-sh/setup-uv@v4
+  uses: astral-sh/setup-uv@v5
   with:
     enable-cache: true
     cache-dependency-glob: |
@@ -186,7 +228,7 @@ changes. If you use relative paths, they are relative to the repository root.
 
 ```yaml
 - name: Define an absolute cache dependency glob
-  uses: astral-sh/setup-uv@v4
+  uses: astral-sh/setup-uv@v5
   with:
     enable-cache: true
     cache-dependency-glob: "/tmp/my-folder/requirements*.txt"
@@ -194,7 +236,7 @@ changes. If you use relative paths, they are relative to the repository root.
 
 ```yaml
 - name: Never invalidate the cache
-  uses: astral-sh/setup-uv@v4
+  uses: astral-sh/setup-uv@v5
   with:
     enable-cache: true
     cache-dependency-glob: ""
@@ -209,7 +251,7 @@ It defaults to `setup-uv-cache` in the `TMP` dir, `D:\a\_temp\uv-tool-dir` on Wi
 
 ```yaml
 - name: Define a custom uv cache path
-  uses: astral-sh/setup-uv@v4
+  uses: astral-sh/setup-uv@v5
   with:
     cache-local-path: "/path/to/cache"
 ```
@@ -228,7 +270,7 @@ input.
 
 ```yaml
 - name: Don't prune the cache before saving it
-  uses: astral-sh/setup-uv@v4
+  uses: astral-sh/setup-uv@v5
   with:
     enable-cache: true
     prune-cache: false
@@ -241,12 +283,26 @@ If you want to ignore this, set the `ignore-nothing-to-cache` input to `true`.
 
 ```yaml
 - name: Ignore nothing to cache
-  uses: astral-sh/setup-uv@v4
+  uses: astral-sh/setup-uv@v5
   with:
     enable-cache: true
     ignore-nothing-to-cache: true
 ```
 
+### Ignore empty workdir
+
+By default, the action will warn if the workdir is empty, because this is usually the case when
+`actions/checkout` is configured to run after `setup-uv`, which is not supported.
+
+If you want to ignore this, set the `ignore-empty-workdir` input to `true`.
+
+```yaml
+- name: Ignore empty workdir
+  uses: astral-sh/setup-uv@v5
+  with:
+    ignore-empty-workdir: true
+```
+
 ### GitHub authentication token
 
 This action uses the GitHub API to fetch the uv release artifacts. To avoid hitting the GitHub API
@@ -259,7 +315,7 @@ are not sufficient, you can provide a custom GitHub token with the necessary per
 
 ```yaml
 - name: Install the latest version of uv with a custom GitHub token
-  uses: astral-sh/setup-uv@v4
+  uses: astral-sh/setup-uv@v5
   with:
     github-token: ${{ secrets.CUSTOM_GITHUB_TOKEN }}
 ```
@@ -277,7 +333,7 @@ input:
 
 ```yaml
 - name: Install the latest version of uv with a custom tool dir
-  uses: astral-sh/setup-uv@v4
+  uses: astral-sh/setup-uv@v5
   with:
     tool-dir: "/path/to/tool/dir"
 ```
@@ -296,7 +352,7 @@ If you want to change this behaviour (especially on self-hosted runners) you can
 
 ```yaml
 - name: Install the latest version of uv with a custom tool bin dir
-  uses: astral-sh/setup-uv@v4
+  uses: astral-sh/setup-uv@v5
   with:
     tool-bin-dir: "/path/to/tool-bin/dir"
 ```
@@ -312,7 +368,7 @@ This action supports expanding the `~` character to the user's home directory fo
 
 ```yaml
 - name: Expand the tilde character
-  uses: astral-sh/setup-uv@v4
+  uses: astral-sh/setup-uv@v5
   with:
     cache-local-path: "~/path/to/cache"
     tool-dir: "~/path/to/tool/dir"
@@ -334,21 +390,22 @@ by name (`uv`).
 
 ### Do I still need `actions/setup-python` alongside `setup-uv`?
 
-No. This action is modelled as a drop-in replacement for `actions/setup-python` when using uv. With
-`setup-uv`, you can install a specific version of Python using `uv python install` rather than
+With `setup-uv`, you can install a specific version of Python using `uv python install` rather than
 relying on `actions/setup-python`.
 
+Using `actions/setup-python` can be faster, because GitHub caches the Python versions alongside the runner.
+
 For example:
 
 ```yaml
 - name: Checkout the repository
   uses: actions/checkout@main
 - name: Install the latest version of uv
-  uses: astral-sh/setup-uv@v4
+  uses: astral-sh/setup-uv@v5
   with:
     enable-cache: true
 - name: Test
-  run: uv run --frozen pytest
+  run: uv run --frozen pytest  # Uses the Python version automatically installed by uv
 ```
 
 To install a specific version of Python, use
@@ -356,7 +413,7 @@ To install a specific version of Python, use
 
 ```yaml
 - name: Install the latest version of uv
-  uses: astral-sh/setup-uv@v4
+  uses: astral-sh/setup-uv@v5
   with:
     enable-cache: true
 - name: Install Python 3.12
@@ -375,11 +432,52 @@ output:
   uses: actions/checkout@main
 - name: Install the default version of uv
   id: setup-uv
-  uses: astral-sh/setup-uv@v4
+  uses: astral-sh/setup-uv@v5
 - name: Print the installed version
   run: echo "Installed uv version is ${{ steps.setup-uv.outputs.uv-version }}"
 ```
 
+### Should I include the resolution strategy in the cache key?
+
+**Yes!**
+
+The cache key gets computed by using the [cache-dependency-glob](#cache-dependency-glob).
+
+If you
+have jobs which use the same dependency definitions from `requirements.txt` or
+`pyproject.toml` but different
+[resolution strategies](https://docs.astral.sh/uv/concepts/resolution/#resolution-strategy),
+each job will have different dependencies or dependency versions.
+But if you do not add the resolution strategy as a [cache-suffix](#enable-caching),
+they will have the same cache key.
+
+This means the first job which starts uploading its cache will win and all other job will fail
+uploading the cache,
+because they try to upload with the same cache key.
+
+You might see errors like
+`Failed to save: Failed to CreateCacheEntry: Received non-retryable error: Failed request: (409) Conflict: cache entry with the same key, version, and scope already exists`
+
+### Why do I see warnings like `No GitHub Actions cache found for key`
+
+When a workflow runs for the first time on a branch and has a new cache key, because the
+[cache-dependency-glob](#cache-dependency-glob) found changed files (changed dependencies),
+the cache will not be found and the warning `No GitHub Actions cache found for key` will be printed.
+
+While this might be irritating at first, it is expected behaviour and the cache will be created
+and reused in later workflows.
+
+The reason for the warning is, that we have to way to know if this is the first run of a new
+cache key or the user accidentally misconfigured the [cache-dependency-glob](#cache-dependency-glob)
+or [cache-suffix](#enable-caching) and the cache never gets used.
+
+### Do I have to run `actions/checkout` before or after `setup-uv`?
+
+Some workflows need uv but do not need to access the repository content.
+
+But **if** you need to access the repository content, you have run `actions/checkout` before running `setup-uv`.
+Running `actions/checkout` after `setup-uv` **is not supported**.
+
 ## Acknowledgements
 
 `setup-uv` was initially written and published by [Kevin Stillhammer](https://github.com/eifinger)

__tests__/fixtures/malformed-pyproject-toml-project/.python-version

@@ -0,0 +1 @@
+3.11

__tests__/fixtures/malformed-pyproject-toml-project/hello.py

@@ -0,0 +1,6 @@
+def main():
+    print("Hello from malformed-pyproject-toml-project!")
+
+
+if __name__ == "__main__":
+    main()

__tests__/fixtures/malformed-pyproject-toml-project/pyproject.toml

@@ -0,0 +1,9 @@
+[project]
+name = "malformed-pyproject-toml-project"
+version = "0.1.0"
+description = "Add your description here"
+readme = "README.md"
+requires-python = ">=3.11"
+dependencies = []
+
+[malformed-toml

__tests__/fixtures/pyproject-toml-project/.python-version

@@ -0,0 +1 @@
+3.11

__tests__/fixtures/pyproject-toml-project/hello.py

@@ -0,0 +1,6 @@
+def main():
+    print("Hello from pyproject-toml-project!")
+
+
+if __name__ == "__main__":
+    main()

__tests__/fixtures/pyproject-toml-project/pyproject.toml

@@ -0,0 +1,19 @@
+[project]
+name = "pyproject-toml-project"
+version = "0.1.0"
+description = "Add your description here"
+readme = "README.md"
+requires-python = ">=3.11"
+dependencies = []
+
+[dependency-groups]
+dev = [
+  "reuse==5.0.2",
+  {include-group = "lint"},
+]
+lint = [
+  "flake8==4.0.1",
+]
+
+[tool.uv]
+required-version = "==0.5.14"

__tests__/fixtures/uv-toml-project/.python-version

@@ -0,0 +1 @@
+3.11

__tests__/fixtures/uv-toml-project/hello.py

@@ -0,0 +1,6 @@
+def main():
+    print("Hello from uv-toml-project!")
+
+
+if __name__ == "__main__":
+    main()

__tests__/fixtures/uv-toml-project/pyproject.toml

@@ -0,0 +1,10 @@
+[project]
+name = "uv-toml-project"
+version = "0.1.0"
+description = "Add your description here"
+readme = "README.md"
+requires-python = ">=3.11"
+dependencies = []
+
+[tool.uv]
+required-version = "==0.5.14"

__tests__/fixtures/uv-toml-project/uv.toml

@@ -0,0 +1 @@
+required-version = "==0.5.15"

action.yml

@@ -4,8 +4,14 @@ description:
 author: "astral-sh"
 inputs:
   version:
-    description: "The version of uv to install"
-    default: "latest"
+    description: "The version of uv to install e.g., `0.5.0` Defaults to the version in pyproject.toml or 'latest'."
+    default: ""
+  pyproject-file:
+    description: "Path to a pyproject.toml"
+    default: ""
+  uv-file:
+    description: "Path to a uv.toml"
+    default: ""
   python-version:
     description: "The version of Python to set UV_PYTHON to"
     required: false
@@ -18,7 +24,7 @@ inputs:
     required: false
     default: ${{ github.token }}
   enable-cache:
-    description: "Enable caching of the uv cache"
+    description: "Enable uploading of the uv cache"
     default: "auto"
   cache-dependency-glob:
     description:
@@ -39,6 +45,9 @@ inputs:
   ignore-nothing-to-cache:
     description: "Ignore when nothing is found to cache."
     default: "false"
+  ignore-empty-workdir:
+    description: "Ignore when the working directory is empty."
+    default: "false"
   tool-dir:
     description: "Custom path to set UV_TOOL_DIR to."
     required: false
@@ -48,6 +57,10 @@ inputs:
 outputs:
   uv-version:
     description: "The installed uv version. Useful when using latest."
+  uv-path:
+    description: "The path to the installed uv binary."
+  uvx-path:
+    description: "The path to the installed uvx binary."
   cache-hit:
     description: "A boolean value to indicate a cache entry was found"
 runs:

package.json

@@ -23,23 +23,27 @@
   "author": "@eifinger",
   "license": "MIT",
   "dependencies": {
-    "@actions/cache": "^4.0.0",
+    "@actions/cache": "^4.0.3",
     "@actions/core": "^1.11.1",
     "@actions/exec": "^1.1.1",
-    "@actions/github": "^6.0.0",
     "@actions/glob": "^0.5.0",
     "@actions/io": "^1.1.3",
-    "@actions/tool-cache": "^2.0.1",
-    "@octokit/rest": "^21.0.2"
+    "@actions/tool-cache": "^2.0.2",
+    "@octokit/core": "^6.1.4",
+    "@octokit/plugin-paginate-rest": "^11.4.3",
+    "@octokit/plugin-rest-endpoint-methods": "^13.3.1",
+    "@renovatebot/pep440": "^4.1.0",
+    "smol-toml": "^1.3.1",
+    "undici": "^7.5.0"
   },
   "devDependencies": {
     "@biomejs/biome": "1.9.4",
-    "@types/node": "^22.10.2",
+    "@types/node": "^22.13.10",
     "@types/semver": "^7.5.8",
     "@vercel/ncc": "^0.38.3",
     "jest": "^29.7.0",
     "js-yaml": "^4.1.0",
-    "ts-jest": "^29.2.5",
-    "typescript": "^5.7.2"
+    "ts-jest": "^29.2.6",
+    "typescript": "^5.8.2"
   }
 }

src/cache/restore-cache.ts

@@ -14,8 +14,8 @@ export const STATE_CACHE_KEY = "cache-key";
 export const STATE_CACHE_MATCHED_KEY = "cache-matched-key";
 const CACHE_VERSION = "1";
 
-export async function restoreCache(version: string): Promise<void> {
-  const cacheKey = await computeKeys(version);
+export async function restoreCache(): Promise<void> {
+  const cacheKey = await computeKeys();
 
   let matchedKey: string | undefined;
   core.info(
@@ -35,7 +35,7 @@ export async function restoreCache(version: string): Promise<void> {
   handleMatchResult(matchedKey, cacheKey);
 }
 
-async function computeKeys(version: string): Promise<string> {
+async function computeKeys(): Promise<string> {
   let cacheDependencyPathHash = "-";
   if (cacheDependencyGlob !== "") {
     core.info(
@@ -53,7 +53,8 @@ async function computeKeys(version: string): Promise<string> {
   }
   const suffix = cacheSuffix ? `-${cacheSuffix}` : "";
   const pythonVersion = await getPythonVersion();
-  return `setup-uv-${CACHE_VERSION}-${getArch()}-${getPlatform()}-${version}-${pythonVersion}${cacheDependencyPathHash}${suffix}`;
+  const platform = await getPlatform();
+  return `setup-uv-${CACHE_VERSION}-${getArch()}-${platform}-${pythonVersion}${cacheDependencyPathHash}${suffix}`;
 }
 
 async function getPythonVersion(): Promise<string> {

src/download/download-version.ts

@@ -1,16 +1,12 @@
 import * as core from "@actions/core";
 import * as tc from "@actions/tool-cache";
 import * as path from "node:path";
+import * as pep440 from "@renovatebot/pep440";
 import { promises as fs } from "node:fs";
-import {
-  GITHUB_COM_API,
-  OWNER,
-  REPO,
-  TOOL_CACHE_NAME,
-} from "../utils/constants";
+import { OWNER, REPO, TOOL_CACHE_NAME } from "../utils/constants";
 import type { Architecture, Platform } from "../utils/platforms";
 import { validateChecksum } from "./checksum/checksum";
-import * as github from "@actions/github";
+import { Octokit } from "../utils/octokit";
 
 export function tryGetFromToolCache(
   arch: Architecture,
@@ -79,6 +75,7 @@ export async function resolveVersion(
   versionInput: string,
   githubToken: string,
 ): Promise<string> {
+  core.debug(`Resolving version: ${versionInput}`);
   const version =
     versionInput === "latest"
       ? await getLatestVersion(githubToken)
@@ -88,16 +85,35 @@ export async function resolveVersion(
     return version;
   }
   const availableVersions = await getAvailableVersions(githubToken);
-  const resolvedVersion = tc.evaluateVersions(availableVersions, version);
-  if (resolvedVersion === "") {
+  core.debug(`Available versions: ${availableVersions}`);
+  const resolvedVersion = maxSatisfying(availableVersions, version);
+  if (resolvedVersion === undefined) {
     throw new Error(`No version found for ${version}`);
   }
   return resolvedVersion;
 }
 
 async function getAvailableVersions(githubToken: string): Promise<string[]> {
-  const octokit = github.getOctokit(githubToken, { baseUrl: GITHUB_COM_API });
+  try {
+    const octokit = new Octokit({
+      auth: githubToken,
+    });
+    return await getReleaseTagNames(octokit);
+  } catch (err) {
+    if ((err as Error).message.includes("Bad credentials")) {
+      core.info(
+        "No (valid) GitHub token provided. Falling back to anonymous. Requests might be rate limited.",
+      );
+      const octokit = new Octokit();
+      return await getReleaseTagNames(octokit);
+    }
+    throw err;
+  }
+}
 
+async function getReleaseTagNames(
+  octokit: InstanceType<typeof Octokit>,
+): Promise<string[]> {
   const response = await octokit.paginate(octokit.rest.repos.listReleases, {
     owner: OWNER,
     repo: REPO,
@@ -106,15 +122,55 @@ async function getAvailableVersions(githubToken: string): Promise<string[]> {
 }
 
 async function getLatestVersion(githubToken: string) {
-  const octokit = github.getOctokit(githubToken, { baseUrl: GITHUB_COM_API });
-
-  const { data: latestRelease } = await octokit.rest.repos.getLatestRelease({
-    owner: OWNER,
-    repo: REPO,
+  core.debug("Getting latest version...");
+  const octokit = new Octokit({
+    auth: githubToken,
   });
 
+  let latestRelease: { tag_name: string } | undefined;
+  try {
+    latestRelease = await getLatestRelease(octokit);
+  } catch (err) {
+    core.info(
+      "No (valid) GitHub token provided. Falling back to anonymous. Requests might be rate limited.",
+    );
+    if (err instanceof Error) {
+      core.debug(err.message);
+    }
+    const octokit = new Octokit();
+    latestRelease = await getLatestRelease(octokit);
+  }
+
   if (!latestRelease) {
     throw new Error("Could not determine latest release.");
   }
+  core.debug(`Latest version: ${latestRelease.tag_name}`);
   return latestRelease.tag_name;
 }
+
+async function getLatestRelease(octokit: InstanceType<typeof Octokit>) {
+  const { data: latestRelease } = await octokit.rest.repos.getLatestRelease({
+    owner: OWNER,
+    repo: REPO,
+  });
+  return latestRelease;
+}
+
+function maxSatisfying(
+  versions: string[],
+  version: string,
+): string | undefined {
+  const maxSemver = tc.evaluateVersions(versions, version);
+  if (maxSemver !== "") {
+    core.debug(`Found a version that satisfies the semver range: ${maxSemver}`);
+    return maxSemver;
+  }
+  const maxPep440 = pep440.maxSatisfying(versions, version);
+  if (maxPep440 !== null) {
+    core.debug(
+      `Found a version that satisfies the pep440 specifier: ${maxPep440}`,
+    );
+    return maxPep440;
+  }
+  return undefined;
+}

src/setup-uv.ts

@@ -16,17 +16,23 @@ import {
 import {
   cacheLocalPath,
   checkSum,
+  ignoreEmptyWorkdir,
   enableCache,
   githubToken,
+  pyProjectFile,
   pythonVersion,
   toolBinDir,
   toolDir,
-  version,
+  uvFile,
+  version as versionInput,
 } from "./utils/inputs";
 import * as exec from "@actions/exec";
+import fs from "node:fs";
+import { getUvVersionFromConfigFile } from "./utils/pyproject";
 
 async function run(): Promise<void> {
-  const platform = getPlatform();
+  detectEmptyWorkdir();
+  const platform = await getPlatform();
   const arch = getArch();
 
   try {
@@ -36,15 +42,9 @@ async function run(): Promise<void> {
     if (arch === undefined) {
       throw new Error(`Unsupported architecture: ${process.arch}`);
     }
-    const setupResult = await setupUv(
-      platform,
-      arch,
-      version,
-      checkSum,
-      githubToken,
-    );
+    const setupResult = await setupUv(platform, arch, checkSum, githubToken);
 
-    addUvToPath(setupResult.uvDir);
+    addUvToPathAndOutput(setupResult.uvDir);
     addToolBinToPath();
     setToolDir();
     await setupPython();
@@ -55,7 +55,7 @@ async function run(): Promise<void> {
     core.info(`Successfully installed uv version ${setupResult.version}`);
 
     if (enableCache) {
-      await restoreCache(setupResult.version);
+      await restoreCache();
     }
     process.exit(0);
   } catch (err) {
@@ -63,14 +63,27 @@ async function run(): Promise<void> {
   }
 }
 
+function detectEmptyWorkdir(): void {
+  if (fs.readdirSync(".").length === 0) {
+    if (ignoreEmptyWorkdir) {
+      core.info(
+        "Empty workdir detected. Ignoring because ignore-empty-workdir is enabled",
+      );
+    } else {
+      core.warning(
+        "Empty workdir detected. This may cause unexpected behavior. You can enable ignore-empty-workdir to mute this warning.",
+      );
+    }
+  }
+}
+
 async function setupUv(
   platform: Platform,
   arch: Architecture,
-  versionInput: string,
   checkSum: string | undefined,
   githubToken: string,
 ): Promise<{ uvDir: string; version: string }> {
-  const resolvedVersion = await resolveVersion(versionInput, githubToken);
+  const resolvedVersion = await determineVersion();
   const toolCacheResult = tryGetFromToolCache(arch, resolvedVersion);
   if (toolCacheResult.installedPath) {
     core.info(`Found uv in tool-cache for ${toolCacheResult.version}`);
@@ -94,7 +107,31 @@ async function setupUv(
   };
 }
 
-function addUvToPath(cachedPath: string): void {
+async function determineVersion(): Promise<string> {
+  if (versionInput !== "") {
+    return await resolveVersion(versionInput, githubToken);
+  }
+  const configFile = uvFile !== "" ? uvFile : pyProjectFile;
+  if (configFile !== "") {
+    const versionFromConfigFile = getUvVersionFromConfigFile(configFile);
+    if (versionFromConfigFile === undefined) {
+      core.warning(
+        `Could not find required-version under [tool.uv] in ${configFile}. Falling back to latest`,
+      );
+    }
+    return await resolveVersion(versionFromConfigFile || "latest", githubToken);
+  }
+  if (!fs.existsSync("uv.toml") && !fs.existsSync("pyproject.toml")) {
+    return await resolveVersion("latest", githubToken);
+  }
+  const versionFile = fs.existsSync("uv.toml") ? "uv.toml" : "pyproject.toml";
+  const versionFromConfigFile = getUvVersionFromConfigFile(versionFile);
+  return await resolveVersion(versionFromConfigFile || "latest", githubToken);
+}
+
+function addUvToPathAndOutput(cachedPath: string): void {
+  core.setOutput("uv-path", `${cachedPath}${path.sep}uv`);
+  core.setOutput("uvx-path", `${cachedPath}${path.sep}uvx`);
   core.addPath(cachedPath);
   core.info(`Added ${cachedPath} to the path`);
 }
@@ -142,8 +179,8 @@ async function setupPython(): Promise<void> {
     if (process.platform === "win32") {
       venvBinPath = ".venv/Scripts";
     }
-    core.addPath(venvBinPath);
-    core.exportVariable("VIRTUAL_ENV", venvBinPath);
+    core.addPath(path.resolve(venvBinPath));
+    core.exportVariable("VIRTUAL_ENV", path.resolve(".venv"));
   }
 }
 

src/update-known-checksums.ts

@@ -1,8 +1,8 @@
-import * as github from "@actions/github";
-import * as core from "@actions/core";
-
-import { GITHUB_COM_API, OWNER, REPO } from "./utils/constants";
 import * as semver from "semver";
+import * as core from "@actions/core";
+import { Octokit } from "./utils/octokit";
+
+import { OWNER, REPO } from "./utils/constants";
 
 import { updateChecksums } from "./download/checksum/update-known-checksums";
 
@@ -10,7 +10,9 @@ async function run(): Promise<void> {
   const checksumFilePath = process.argv.slice(2)[0];
   const github_token = process.argv.slice(2)[1];
 
-  const octokit = github.getOctokit(github_token, { baseUrl: GITHUB_COM_API });
+  const octokit = new Octokit({
+    auth: github_token,
+  });
 
   const response = await octokit.paginate(octokit.rest.repos.listReleases, {
     owner: OWNER,

src/utils/constants.ts

@@ -1,4 +1,3 @@
 export const REPO = "uv";
 export const OWNER = "astral-sh";
 export const TOOL_CACHE_NAME = "uv";
-export const GITHUB_COM_API = "https://api.github.com";

src/utils/inputs.ts

@@ -2,6 +2,8 @@ import * as core from "@actions/core";
 import path from "node:path";
 
 export const version = core.getInput("version");
+export const pyProjectFile = core.getInput("pyproject-file");
+export const uvFile = core.getInput("uv-file");
 export const pythonVersion = core.getInput("python-version");
 export const checkSum = core.getInput("checksum");
 export const enableCache = getEnableCache();
@@ -11,6 +13,8 @@ export const cacheDependencyGlob = core.getInput("cache-dependency-glob");
 export const pruneCache = core.getInput("prune-cache") === "true";
 export const ignoreNothingToCache =
   core.getInput("ignore-nothing-to-cache") === "true";
+export const ignoreEmptyWorkdir =
+  core.getInput("ignore-empty-workdir") === "true";
 export const toolBinDir = getToolBinDir();
 export const toolDir = getToolDir();
 export const githubToken = core.getInput("github-token");

src/utils/octokit.ts

@@ -0,0 +1,58 @@
+import { Octokit as Core } from "@octokit/core";
+import type {
+  Constructor,
+  OctokitOptions,
+} from "@octokit/core/dist-types/types";
+import {
+  paginateRest,
+  type PaginateInterface,
+} from "@octokit/plugin-paginate-rest";
+import { legacyRestEndpointMethods } from "@octokit/plugin-rest-endpoint-methods";
+import { fetch as undiciFetch, ProxyAgent, type RequestInit } from "undici";
+
+export type { RestEndpointMethodTypes } from "@octokit/plugin-rest-endpoint-methods";
+
+const DEFAULTS = {
+  baseUrl: "https://api.github.com",
+  userAgent: "setup-uv",
+};
+
+export function getProxyAgent() {
+  const httpProxy = process.env.HTTP_PROXY || process.env.http_prox;
+  if (httpProxy) {
+    return new ProxyAgent(httpProxy);
+  }
+
+  const httpsProxy = process.env.HTTPS_PROXY || process.env.https_proxy;
+  if (httpsProxy) {
+    return new ProxyAgent(httpsProxy);
+  }
+
+  return undefined;
+}
+
+export const customFetch = async (url: string, opts: RequestInit) =>
+  await undiciFetch(url, {
+    dispatcher: getProxyAgent(),
+    ...opts,
+  });
+
+export const Octokit: typeof Core &
+  Constructor<
+    {
+      paginate: PaginateInterface;
+    } & ReturnType<typeof legacyRestEndpointMethods>
+  > = Core.plugin(paginateRest, legacyRestEndpointMethods).defaults(
+  function buildDefaults(options: OctokitOptions): OctokitOptions {
+    return {
+      ...DEFAULTS,
+      ...options,
+      request: {
+        fetch: customFetch,
+        ...options.request,
+      },
+    };
+  },
+);
+
+export type Octokit = InstanceType<typeof Octokit>;

src/utils/platforms.ts

@@ -1,10 +1,17 @@
+import * as exec from "@actions/exec";
+import * as core from "@actions/core";
 export type Platform =
   | "unknown-linux-gnu"
   | "unknown-linux-musl"
   | "unknown-linux-musleabihf"
   | "apple-darwin"
   | "pc-windows-msvc";
-export type Architecture = "i686" | "x86_64" | "aarch64";
+export type Architecture =
+  | "i686"
+  | "x86_64"
+  | "aarch64"
+  | "s390x"
+  | "powerpc64le";
 
 export function getArch(): Architecture | undefined {
   const arch = process.arch;
@@ -12,6 +19,8 @@ export function getArch(): Architecture | undefined {
     ia32: "i686",
     x64: "x86_64",
     arm64: "aarch64",
+    s390x: "s390x",
+    ppc64: "powerpc64le",
   };
 
   if (arch in archMapping) {
@@ -19,15 +28,49 @@ export function getArch(): Architecture | undefined {
   }
 }
 
-export function getPlatform(): Platform | undefined {
-  const platform = process.platform;
+export async function getPlatform(): Promise<Platform | undefined> {
+  const processPlatform = process.platform;
   const platformMapping: { [key: string]: Platform } = {
     linux: "unknown-linux-gnu",
     darwin: "apple-darwin",
     win32: "pc-windows-msvc",
   };
 
-  if (platform in platformMapping) {
-    return platformMapping[platform];
+  if (processPlatform in platformMapping) {
+    const platform = platformMapping[processPlatform];
+    if (platform === "unknown-linux-gnu") {
+      const isMusl = await isMuslOs();
+      return isMusl ? "unknown-linux-musl" : platform;
+    }
+    return platform;
+  }
+}
+
+async function isMuslOs(): Promise<boolean> {
+  let stdOutput = "";
+  let errOutput = "";
+  const options: exec.ExecOptions = {
+    silent: !core.isDebug(),
+    listeners: {
+      stdout: (data: Buffer) => {
+        stdOutput += data.toString();
+      },
+      stderr: (data: Buffer) => {
+        errOutput += data.toString();
+      },
+    },
+    ignoreReturnCode: true,
+  };
+
+  try {
+    const execArgs = ["--version"];
+    await exec.exec("ldd", execArgs, options);
+    return stdOutput.includes("musl") || errOutput.includes("musl");
+  } catch (error) {
+    const err = error as Error;
+    core.warning(
+      `Failed to determine glibc or musl. Falling back to glibc. Error: ${err.message}`,
+    );
+    return false;
   }
 }

src/utils/pyproject.ts

@@ -0,0 +1,46 @@
+import fs from "node:fs";
+import * as core from "@actions/core";
+import * as toml from "smol-toml";
+
+export function getUvVersionFromConfigFile(
+  filePath: string,
+): string | undefined {
+  core.debug(`Trying to find required-version for uv in: ${filePath}`);
+  if (!fs.existsSync(filePath)) {
+    core.warning(`Could not find file: ${filePath}`);
+    return undefined;
+  }
+  let requiredVersion: string | undefined;
+  try {
+    requiredVersion = getRequiredVersion(filePath);
+  } catch (err) {
+    const message = (err as Error).message;
+    core.warning(`Error while parsing ${filePath}: ${message}`);
+    return undefined;
+  }
+
+  if (requiredVersion?.startsWith("==")) {
+    requiredVersion = requiredVersion.slice(2);
+  }
+  if (requiredVersion !== undefined) {
+    core.info(
+      `Found required-version for uv in ${filePath}: ${requiredVersion}`,
+    );
+  }
+  return requiredVersion;
+}
+
+function getRequiredVersion(filePath: string): string | undefined {
+  const fileContent = fs.readFileSync(filePath, "utf-8");
+
+  if (filePath.endsWith("pyproject.toml")) {
+    const tomlContent = toml.parse(fileContent) as {
+      tool?: { uv?: { "required-version"?: string } };
+    };
+    return tomlContent?.tool?.uv?.["required-version"];
+  }
+  const tomlContent = toml.parse(fileContent) as {
+    "required-version"?: string;
+  };
+  return tomlContent["required-version"];
+}

tsconfig.json

@@ -1,6 +1,6 @@
 {
   "compilerOptions": {
-    "target": "es6" /* Specify ECMAScript target version: 'ES3' (default), 'ES5', 'ES2015', 'ES2016', 'ES2017', 'ES2018', 'ES2019' or 'ESNEXT'. */,
+    "target": "ES2022" /* Specify ECMAScript target version: 'ES3' (default), 'ES5', 'ES2015', 'ES2016', 'ES2017', 'ES2018', 'ES2019' or 'ESNEXT'. */,
     "module": "commonjs" /* Specify module code generation: 'none', 'commonjs', 'amd', 'system', 'umd', 'es2015', or 'ESNext'. */,
     "outDir": "./lib" /* Redirect output structure to the directory. */,
     "rootDir": "./src" /* Specify the root directory of input files. Use to control the output directory structure with --outDir. */,