Add comprehensive Copilot instructions for setup-uv repository

Co-authored-by: eifinger <1481961+eifinger@users.noreply.github.com>

.github/actionlint.yaml

@@ -0,0 +1,13 @@
+self-hosted-runner:
+  # Custom labels of self-hosted or large GitHub hosted runners
+  # so that actionlint knows that they are not a typo
+  labels:
+    - selfhosted-ubuntu-arm64
+# Configuration variables in array of strings defined in your repository or
+# organization. `null` means disabling configuration variables check.
+# Empty array means no configuration variable is allowed.
+config-variables: null
+paths:
+  .github/workflows/test.yml:
+    ignore:
+      - 'invalid runner name.+'

.github/copilot-instructions.md

@@ -0,0 +1,225 @@
+# Copilot Instructions for setup-uv
+
+This document provides essential information for GitHub Copilot coding agents working on the `astral-sh/setup-uv` repository.
+
+## Repository Overview
+
+**setup-uv** is a GitHub Action that sets up the [uv](https://docs.astral.sh/uv/) Python package installer in GitHub Actions workflows. It's a TypeScript-based action that downloads uv binaries, manages caching, handles version resolution, and configures the environment for subsequent workflow steps.
+
+### Key Features
+- Downloads and installs specific uv versions from GitHub releases
+- Supports version resolution from config files (pyproject.toml, uv.toml, .tool-versions)
+- Implements intelligent caching for both uv cache and Python installations
+- Provides cross-platform support (Linux, macOS, Windows, including ARM architectures)
+- Includes problem matchers for Python error reporting
+- Supports environment activation and custom tool directories
+
+## Repository Structure
+
+**Size**: Small-medium repository (~50 source files, ~400 total files including dependencies)
+**Languages**: TypeScript (primary), JavaScript (compiled output), JSON (configuration)
+**Runtime**: Node.js 24 (GitHub Actions runtime)
+**Key Dependencies**: @actions/core, @actions/cache, @actions/tool-cache, @octokit/core
+
+### Core Architecture
+```
+src/
+├── setup-uv.ts          # Main entry point and orchestration
+├── save-cache.ts        # Post-action cache saving logic
+├── update-known-versions.ts  # Maintenance script for version updates
+├── cache/               # Cache management functionality
+├── download/            # Version resolution and binary downloading
+├── utils/               # Input parsing, platform detection, configuration
+└── version/             # Version resolution from various file formats
+```
+
+### Key Files and Locations
+- **Action Definition**: `action.yml` - Defines all inputs/outputs and entry points
+- **Main Source**: `src/setup-uv.ts` - Primary action logic
+- **Configuration**: `biome.json` (linting), `tsconfig.json` (TypeScript), `jest.config.js` (testing)
+- **Compiled Output**: `dist/` - Contains compiled Node.js bundles (auto-generated, committed)
+- **Test Fixtures**: `__tests__/fixtures/` - Sample projects for different configuration scenarios
+- **Workflows**: `.github/workflows/test.yml` - Comprehensive CI/CD pipeline
+
+## Build and Development Process
+
+### Prerequisites
+- Node.js 24+ (matches GitHub Actions runtime)
+- npm (included with Node.js)
+
+### Essential Commands (ALWAYS run in this order)
+
+#### 1. Install Dependencies
+```bash
+npm install
+```
+**Timing**: ~20-30 seconds  
+**Note**: Always run this first after cloning or when package.json changes
+
+#### 2. Build TypeScript
+```bash
+npm run build
+```
+**Timing**: ~5-10 seconds  
+**Purpose**: Compiles TypeScript source to JavaScript in `lib/` directory
+
+#### 3. Lint and Format Code
+```bash
+npm run check
+```
+**Timing**: ~2-5 seconds  
+**Tool**: Biome (replaces ESLint/Prettier)  
+**Auto-fixes**: Formatting, import organization, basic linting issues
+
+#### 4. Package for Distribution
+```bash
+npm run package
+```
+**Timing**: ~20-30 seconds  
+**Purpose**: Creates bundled distributions in `dist/` using @vercel/ncc  
+**Critical**: This step MUST be run before committing - the `dist/` files are used by GitHub Actions
+
+#### 5. Run Tests
+```bash
+npm test
+```
+**Timing**: ~10-15 seconds  
+**Framework**: Jest with TypeScript support  
+**Coverage**: Unit tests for version resolution, input parsing, checksum validation
+
+#### 6. Complete Validation (Recommended)
+```bash
+npm run all
+```
+**Timing**: ~60-90 seconds  
+**Purpose**: Runs build → check → package → test in sequence  
+**Use**: Before making pull requests or when unsure about build state
+
+### Important Build Notes
+
+**CRITICAL**: Always run `npm run package` after making code changes. The `dist/` directory contains the compiled bundles that GitHub Actions actually executes. Forgetting this step will cause your changes to have no effect.
+
+**TypeScript Warnings**: You may see ts-jest warnings about "isolatedModules" - these are harmless and don't affect functionality.
+
+**Biome**: This project uses Biome instead of ESLint/Prettier. Run `npm run check` to fix formatting and linting issues automatically.
+
+## Testing Strategy
+
+### Unit Tests
+- **Location**: `__tests__/` directory
+- **Framework**: Jest with ts-jest transformer
+- **Coverage**: Version resolution, input parsing, checksum validation, utility functions
+
+### Integration Tests
+- **Location**: `.github/workflows/test.yml` 
+- **Scope**: Full end-to-end testing across multiple platforms and scenarios
+- **Key Test Categories**:
+  - Version installation (specific, latest, semver ranges)
+  - Cache behavior (setup, restore, invalidation)
+  - Cross-platform compatibility (Ubuntu, macOS, Windows, ARM)
+  - Configuration file parsing (pyproject.toml, uv.toml, requirements.txt)
+  - Error handling and edge cases
+
+### Test Fixtures
+Located in `__tests__/fixtures/`, these provide sample projects with different configurations:
+- `pyproject-toml-project/` - Standard Python project with uv version specification
+- `uv-toml-project/` - Project using uv.toml configuration
+- `requirements-txt-project/` - Legacy requirements.txt format
+- `cache-dir-defined-project/` - Custom cache directory configuration
+
+## Continuous Integration
+
+### GitHub Workflows
+
+#### Primary Test Suite (`.github/workflows/test.yml`)
+- **Triggers**: PRs, pushes to main, manual dispatch
+- **Matrix**: Multiple OS (Ubuntu, macOS, Windows), architecture (x64, ARM), and configuration combinations
+- **Duration**: ~20-30 minutes for full matrix
+- **Key Validations**:
+  - Cross-platform installation and functionality
+  - Cache behavior and performance
+  - Version resolution from various sources
+  - Tool directory configurations
+  - Problem matcher functionality
+
+#### Maintenance Workflows
+- **CodeQL Analysis**: Security scanning on pushes/PRs
+- **Update Known Versions**: Daily job to sync with latest uv releases
+- **Dependabot**: Automated dependency updates
+
+### Pre-commit Validation
+The CI runs these checks that you should run locally:
+1. `npm run all` - Complete build and test suite
+2. ActionLint - GitHub Actions workflow validation
+3. Change detection - Ensures no uncommitted build artifacts
+
+## Key Configuration Files
+
+### Action Configuration (`action.yml`)
+Defines 20+ inputs including version specifications, cache settings, tool directories, and environment options. This file is the authoritative source for understanding available action parameters.
+
+### TypeScript Configuration (`tsconfig.json`)
+- Target: ES2024
+- Module: nodenext (Node.js modules)
+- Strict mode enabled
+- Output directory: `lib/`
+
+### Linting Configuration (`biome.json`)
+- Formatter and linter combined
+- Enforces consistent code style
+- Automatically organizes imports and sorts object keys
+
+## Common Development Patterns
+
+### Making Code Changes
+1. Edit TypeScript source files in `src/`
+2. Run `npm run build` to compile
+3. Run `npm run check` to format and lint
+4. Run `npm run package` to update distribution bundles
+5. Run `npm test` to verify functionality
+6. Commit all changes including `dist/` files
+
+### Adding New Features
+- Follow existing patterns in `src/utils/inputs.ts` for new action inputs
+- Update `action.yml` to declare new inputs/outputs
+- Add corresponding tests in `__tests__/`
+- Update README.md with usage examples
+
+### Cache-Related Changes
+- Cache logic is complex and affects performance significantly
+- Test with multiple cache scenarios (hit, miss, invalidation)
+- Consider impact on both GitHub-hosted and self-hosted runners
+- Validate cache key generation and dependency detection
+
+### Version Resolution Changes
+- Version resolution supports multiple file formats and precedence rules
+- Test with fixtures in `__tests__/fixtures/`
+- Consider backward compatibility with existing projects
+- Validate semver and PEP 440 specification handling
+
+## Troubleshooting
+
+### Build Failures
+- **"Module not found"**: Run `npm install` to ensure dependencies are installed
+- **TypeScript errors**: Check `tsconfig.json` and ensure all imports are valid
+- **Test failures**: Check if test fixtures have been modified or if logic changes broke assumptions
+
+### Action Failures in Workflows
+- **Changes not taking effect**: Ensure `npm run package` was run and `dist/` files committed
+- **Version resolution issues**: Check version specification format and file existence
+- **Cache problems**: Verify cache key generation and dependency glob patterns
+
+### Common Gotchas
+- **Forgetting to package**: Code changes won't work without running `npm run package`
+- **Platform differences**: Windows paths use backslashes, test cross-platform behavior
+- **Cache invalidation**: Cache keys are sensitive to dependency file changes
+- **Tool directory permissions**: Some platforms require specific directory setups
+
+## Trust These Instructions
+
+These instructions are comprehensive and current. Only search for additional information if:
+- You encounter specific error messages not covered here
+- You need to understand implementation details of specific functions
+- The instructions appear outdated (check repository commit history)
+
+For most development tasks, following the build process and development patterns outlined above will be sufficient.

.github/python.json

@@ -4,13 +4,13 @@
       "owner": "python",
       "pattern": [
         {
-          "regexp": "^\\s*File\\s\\\"(.*)\\\",\\sline\\s(\\d+),\\sin\\s(.*)$",
           "file": 1,
-          "line": 2
+          "line": 2,
+          "regexp": "^\\s*File\\s\\\"(.*)\\\",\\sline\\s(\\d+),\\sin\\s(.*)$"
         },
         {
-          "regexp": "^\\s*raise\\s(.*)\\(\\'(.*)\\'\\)$",
-          "message": 2
+          "message": 2,
+          "regexp": "^\\s*raise\\s(.*)\\(\\'(.*)\\'\\)$"
         }
       ]
     }

.github/release-drafter.yml

@@ -19,7 +19,7 @@ categories:
     labels:
       - "maintenance"
       - "ci"
-      - "update-known-checksums"
+      - "update-known-versions"
   - title: "📚 Documentation"
     labels:
       - "documentation"

.github/scripts/check-all-tests-passed-needs.js

@@ -0,0 +1,16 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+var fs = require("node:fs");
+var yaml = require("js-yaml");
+var workflow = yaml.load(fs.readFileSync("../workflows/test.yml", "utf8"));
+var jobs = Object.keys(workflow.jobs);
+var allTestsPassed = workflow.jobs["all-tests-passed"];
+var needs = allTestsPassed.needs || [];
+var expectedNeeds = jobs.filter(function (j) { return j !== "all-tests-passed"; });
+var missing = expectedNeeds.filter(function (j) { return !needs.includes(j); });
+if (missing.length > 0) {
+    console.error("Missing jobs in all-tests-passed needs: ".concat(missing.join(", ")));
+    console.info("Please add the missing jobs to the needs section of all-tests-passed in test.yml.");
+    process.exit(1);
+}
+console.log("All jobs in test.yml are in the needs section of all-tests-passed.");

.github/scripts/check-all-tests-passed-needs.ts

@@ -0,0 +1,35 @@
+import * as fs from "node:fs";
+import * as yaml from "js-yaml";
+
+interface WorkflowJob {
+  needs?: string[];
+  [key: string]: unknown;
+}
+
+interface Workflow {
+  jobs: Record<string, WorkflowJob>;
+  [key: string]: unknown;
+}
+
+const workflow = yaml.load(
+  fs.readFileSync("../workflows/test.yml", "utf8"),
+) as Workflow;
+const jobs = Object.keys(workflow.jobs);
+const allTestsPassed = workflow.jobs["all-tests-passed"];
+const needs: string[] = allTestsPassed.needs || [];
+
+const expectedNeeds = jobs.filter((j) => j !== "all-tests-passed");
+const missing = expectedNeeds.filter((j) => !needs.includes(j));
+
+if (missing.length > 0) {
+  console.error(
+    `Missing jobs in all-tests-passed needs: ${missing.join(", ")}`,
+  );
+  console.info(
+    "Please add the missing jobs to the needs section of all-tests-passed in test.yml.",
+  );
+  process.exit(1);
+}
+console.log(
+  "All jobs in test.yml are in the needs section of all-tests-passed.",
+);

.github/workflows/check-dist.yml

@@ -1,49 +0,0 @@
-# `dist/index.js` is a special file in Actions.
-# When you reference an action with `uses:` in a workflow,
-# `index.js` is the code that will run.
-# For our project, we generate this file through a build process from other source files.
-# We need to make sure the checked-in `index.js` actually matches what we expect it to be.
-name: Check dist/
-
-on:
-  push:
-    branches:
-      - main
-  pull_request:
-  workflow_dispatch:
-
-jobs:
-  check-dist:
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Set up Node.js 20
-        uses: actions/setup-node@v4
-        with:
-          node-version: 20
-
-      - name: Install dependencies
-        run: npm ci
-
-      - name: Rebuild the dist/ directory
-        run: |
-          npm run build
-          npm run package
-
-      - name: Compare the expected and actual dist/ directories
-        run: |
-          if [ "$(git diff --ignore-space-at-eol dist/ | wc -l)" -gt "0" ]; then
-            echo "Detected uncommitted changes after build.  See status below:"
-            git diff --text -v
-            exit 1
-          fi
-        id: diff
-
-      # If index.js was different than expected, upload the expected version as an artifact
-      - uses: actions/upload-artifact@v4
-        if: ${{ failure() && steps.diff.conclusion == 'failure' }}
-        with:
-          name: dist
-          path: dist/

.github/workflows/codeql-analysis.yml

@@ -12,13 +12,16 @@
 name: "CodeQL"
 
 on:
+  workflow_dispatch:
   push:
-    branches: [main]
+    branches:
+      - main
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [main]
-  schedule:
-    - cron: "31 7 * * 3"
+    branches:
+      - main
+
+permissions: {}
 
 jobs:
   analyze:
@@ -38,11 +41,13 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        with:
+          persist-credentials: false
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7
         with:
           languages: ${{ matrix.language }}
           source-root: src
@@ -54,7 +59,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@v3
+        uses: github/codeql-action/autobuild@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 https://git.io/JvXDl
@@ -68,4 +73,4 @@ jobs:
       #   make release
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7

.github/workflows/release-drafter.yml

@@ -3,17 +3,22 @@ name: Release Drafter
 
 # yamllint disable-line rule:truthy
 on:
+  workflow_dispatch:
   push:
     branches:
       - main
-  workflow_dispatch:
+
+permissions: {}
 
 jobs:
   update_release_draft:
     name: ✏️ Draft release
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04-arm
+    permissions:
+      contents: write
+      pull-requests: read
     steps:
       - name: 🚀 Run Release Drafter
-        uses: release-drafter/release-drafter@v6.0.0
+        uses: release-drafter/release-drafter@b1476f6e6eb133afa41ed8589daba6dc69b4d3f5 # v6.1.0
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/test-cache-windows.yml

@@ -1,49 +0,0 @@
-name: "test-cache-windows"
-on:
-  pull_request:
-  push:
-    branches:
-      - main
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
-jobs:
-  test-setup-cache:
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        os: [windows-latest]
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup with cache
-        uses: ./
-        with:
-          enable-cache: true
-          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}
-      - run: uv sync
-        working-directory: __tests__\fixtures\uv-project
-  test-restore-cache:
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        os: [windows-latest]
-    needs: test-setup-cache
-    steps:
-      - uses: actions/checkout@v4
-      - name: Restore with cache
-        id: restore
-        uses: ./
-        with:
-          enable-cache: true
-          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}
-      - name: Cache was hit
-        run: |
-          if ($env:CACHE_HIT -ne "true") {
-            exit 1
-          }
-        env:
-          CACHE_HIT: ${{ steps.restore.outputs.cache-hit }}
-      - run: uv sync
-        working-directory: __tests__\fixtures\uv-project

.github/workflows/test-cache.yml

@@ -1,170 +0,0 @@
-name: "test-cache"
-on:
-  pull_request:
-  push:
-    branches:
-      - main
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
-jobs:
-  test-setup-cache:
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        os: [ubuntu-latest, macos-latest, macos-14]
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup with cache
-        uses: ./
-        with:
-          enable-cache: true
-          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}-test-setup-cache
-      - run: uv sync
-        working-directory: __tests__/fixtures/uv-project
-  test-restore-cache:
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        os: [ubuntu-latest, macos-latest, macos-14]
-    needs: test-setup-cache
-    steps:
-      - uses: actions/checkout@v4
-      - name: Restore with cache
-        id: restore
-        uses: ./
-        with:
-          enable-cache: true
-          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}-test-setup-cache
-      - name: Cache was hit
-        run: |
-          if [ "$CACHE_HIT" != "true" ]; then
-            exit 1
-          fi
-        env:
-          CACHE_HIT: ${{ steps.restore.outputs.cache-hit }}
-      - run: uv sync
-        working-directory: __tests__/fixtures/uv-project
-
-  test-setup-cache-dependency-glob:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup with cache
-        uses: ./
-        with:
-          enable-cache: true
-          cache-dependency-glob: |
-            __tests__/fixtures/uv-project/uv.lock
-            **/pyproject.toml
-          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}-test-setup-cache-dependency-glob
-      - run: uv sync
-        working-directory: __tests__/fixtures/uv-project
-  test-restore-cache-dependency-glob:
-    runs-on: ubuntu-latest
-    needs: test-setup-cache-dependency-glob
-    steps:
-      - uses: actions/checkout@v4
-      - name: Change pyproject.toml
-        run: |
-          echo '[tool.uv]' >> __tests__/fixtures/uv-project/pyproject.toml
-          echo 'dev-dependencies = []' >> __tests__/fixtures/uv-project/pyproject.toml
-      - name: Restore with cache
-        id: restore
-        uses: ./
-        with:
-          enable-cache: true
-          cache-dependency-glob: |
-            __tests__/fixtures/uv-project/uv.lock
-            **/pyproject.toml
-          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}-test-setup-cache-dependency-glob
-          ignore-nothing-to-cache: true
-      - name: Cache was not hit
-        run: |
-          if [ "$CACHE_HIT" == "true" ]; then
-            exit 1
-          fi
-        env:
-          CACHE_HIT: ${{ steps.restore.outputs.cache-hit }}
-
-  test-setup-cache-local:
-    runs-on: selfhosted-ubuntu-arm64
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup with cache
-        uses: ./
-        with:
-          enable-cache: true
-          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}-test-setup-cache-local
-          cache-local-path: /tmp/uv-cache
-      - run: uv sync
-        working-directory: __tests__/fixtures/uv-project
-  test-restore-cache-local:
-    runs-on: selfhosted-ubuntu-arm64
-    needs: test-setup-cache-local
-    steps:
-      - uses: actions/checkout@v4
-      - name: Restore with cache
-        id: restore
-        uses: ./
-        with:
-          enable-cache: true
-          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}-test-setup-cache-local
-          cache-local-path: /tmp/uv-cache
-      - name: Cache was hit
-        run: |
-          if [ "$CACHE_HIT" != "true" ]; then
-            exit 1
-          fi
-        env:
-          CACHE_HIT: ${{ steps.restore.outputs.cache-hit }}
-      - run: uv sync
-        working-directory: __tests__/fixtures/uv-project
-
-  test-tilde-expansion-cache-local-path:
-    runs-on: selfhosted-ubuntu-arm64
-    steps:
-      - uses: actions/checkout@v4
-      - name: Create cache directory
-        run: mkdir -p ~/uv-cache
-        shell: bash
-      - name: Setup with cache
-        uses: ./
-        with:
-          cache-local-path: ~/uv-cache/cache-local-path
-      - run: uv sync
-        working-directory: __tests__/fixtures/uv-project
-
-  test-tilde-expansion-cache-dependency-glob:
-    runs-on: selfhosted-ubuntu-arm64
-    steps:
-      - uses: actions/checkout@v4
-      - name: Create cache directory
-        run: mkdir -p ~/uv-cache
-        shell: bash
-      - name: Create cache dependency glob file
-        run: touch ~/uv-cache.glob
-        shell: bash
-      - name: Setup with cache
-        uses: ./
-        with:
-          enable-cache: true
-          cache-local-path: ~/uv-cache/cache-dependency-glob
-          cache-dependency-glob: "~/uv-cache.glob"
-      - run: uv sync
-        working-directory: __tests__/fixtures/uv-project
-
-  cleanup-tilde-expansion-tests:
-    needs:
-      - test-tilde-expansion-cache-local-path
-      - test-tilde-expansion-cache-dependency-glob
-    runs-on: selfhosted-ubuntu-arm64
-    steps:
-      - name: Remove cache directory
-        run: rm -rf ~/uv-cache
-        shell: bash
-      - name: Remove cache dependency glob file
-        run: rm -f ~/uv-cache.glob
-        shell: bash

.github/workflows/test-windows.yml

@@ -1,27 +0,0 @@
-name: "test-windows"
-on:
-  pull_request:
-  push:
-    branches:
-      - main
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
-jobs:
-  test-default-version:
-    runs-on: windows-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Should not be on path
-        run: |
-          if (!(Get-Command -Name "uv" -ErrorAction SilentlyContinue)) {
-            exit 0
-          } else {
-            exit 1
-          }
-      - name: Setup uv
-        uses: ./
-      - run: uv sync
-        working-directory: __tests__\fixtures\uv-project

.github/workflows/update-known-checksums.yml

@@ -1,32 +0,0 @@
-name: "Update known checksums"
-on:
-  workflow_dispatch:
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
-        with:
-          node-version: "20"
-      - name: Update known checksums
-        id: update-known-checksums
-        run:
-          node dist/update-known-checksums/index.js
-          src/download/checksum/known-checksums.ts ${{ secrets.GITHUB_TOKEN }}
-      - run: npm install && npm run all
-      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
-        with:
-          commit-message: "chore: update known checksums"
-          title:
-            "chore: update known checksums for ${{
-            steps.update-known-checksums.outputs.latest-version }}"
-          body:
-            "chore: update known checksums for ${{
-            steps.update-known-checksums.outputs.latest-version }}"
-          base: main
-          labels: "automated-pr,update-known-checksums"
-          branch: update-known-checksums-pr
-          delete-branch: true

.github/workflows/update-known-versions.yml

@@ -0,0 +1,70 @@
+name: "Update known versions"
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "0 4 * * *" # Run every day at 4am UTC
+  repository_dispatch:
+    types: [ pypi_release ]
+
+permissions: {}
+
+jobs:
+  build:
+    runs-on: ubuntu-24.04-arm
+    permissions:
+      contents: write
+      pull-requests: write
+    steps:
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        with:
+          persist-credentials: true
+      - uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
+        with:
+          node-version: "20"
+      - name: Update known versions
+        id: update-known-versions
+        run:
+          node dist/update-known-versions/index.js
+          src/download/checksum/known-checksums.ts
+          version-manifest.json
+          ${{ secrets.GITHUB_TOKEN }}
+      - name: Check for changes
+        id: changes-exist
+        run: |
+          git status --porcelain
+          if [ -n "$(git status --porcelain)" ]; then
+              echo "changes-exist=true" >> "$GITHUB_OUTPUT"
+          else
+              echo "changes-exist=false" >> "$GITHUB_OUTPUT"
+          fi
+      - name: Compile changes
+        if: ${{ steps.changes-exist.outputs.changes-exist == 'true' }}
+        run: npm ci && npm run all
+      - name: Commit and push changes
+        if: ${{ steps.changes-exist.outputs.changes-exist == 'true' }}
+        id: commit-and-push
+        continue-on-error: true
+        run: |
+          git config user.name "$GITHUB_ACTOR"
+          git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
+          git add .
+          git commit -m "chore: update known versions for $LATEST_VERSION"
+          git push origin HEAD:refs/heads/main
+        env:
+          LATEST_VERSION: ${{ steps.update-known-versions.outputs.latest-version }}
+
+      - name: Create Pull Request
+        if: ${{ steps.changes-exist.outputs.changes-exist == 'true' && steps.commit-and-push.outcome != 'success' }}
+        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
+        with:
+          commit-message: "chore: update known checksums"
+          title:
+            "chore: update known checksums for ${{
+            steps.update-known-versions.outputs.latest-version }}"
+          body:
+            "chore: update known checksums for ${{
+            steps.update-known-versions.outputs.latest-version }}"
+          base: main
+          labels: "automated-pr,update-known-versions"
+          branch: update-known-versions-pr
+          delete-branch: true

.github/workflows/update-major-minor-tags.yml

@@ -1,7 +1,6 @@
 ---
 name: Update Major Minor Tags
 
-# yamllint disable-line rule:truthy
 on:
   push:
     branches-ignore:
@@ -9,11 +8,44 @@ on:
     tags:
       - "v*.*.*"
 
+permissions: {}
+
 jobs:
   update_major_minor_tags:
     name: Make sure major and minor tags are up to date on a patch release
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04-arm
+    permissions:
+      contents: write
     steps:
-      - uses: actions/checkout@v4
-      - name: Run Update semver
-        uses: haya14busa/action-update-semver@v1.2.1
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        with:
+          persist-credentials: true # needed for git push below
+      - name: Update Major Minor Tags
+        run: |
+          set -x
+
+          cd "${GITHUB_WORKSPACE}" || exit
+
+          # Set up variables.
+          TAG="${GITHUB_REF#refs/tags/}" # v1.2.3
+          MINOR="${TAG%.*}"              # v1.2
+          MAJOR="${MINOR%.*}"            # v1
+
+          if [ "${GITHUB_REF}" = "${TAG}" ]; then
+            echo "This workflow is not triggered by tag push: GITHUB_REF=${GITHUB_REF}"
+            exit 1
+          fi
+
+          MESSAGE="Release ${TAG}"
+
+          # Set up Git.
+          git config user.name "${GITHUB_ACTOR}"
+          git config user.email "${GITHUB_ACTOR}@users.noreply.github.com"
+
+          # Update MAJOR/MINOR tag
+          git tag -fa "${MAJOR}" -m "${MESSAGE}"
+          git tag -fa "${MINOR}" -m "${MESSAGE}"
+
+          # Push
+          git push --force origin "${MINOR}"
+          git push --force origin "${MAJOR}"

.vscode/extensions.json

@@ -0,0 +1,3 @@
+{
+  "recommendations": ["biomejs.biome"]
+}

.vscode/settings.json

@@ -0,0 +1,16 @@
+{
+  "editor.codeActionsOnSave": {
+    "source.action.useSortedAttributes.biome": "explicit",
+    "source.action.useSortedKeys.biome": "explicit",
+    "source.fixAll.biome": "explicit"
+  },
+  "editor.defaultFormatter": "biomejs.biome",
+  "editor.formatOnSave": true,
+  "explorer.excludeGitIgnore": false,
+  "search.defaultViewMode": "list",
+  "search.exclude": {
+    "**/node_modules": true
+  },
+  "typescript.enablePromptUseWorkspaceTsdk": true,
+  "typescript.tsdk": "node_modules/typescript/lib"
+}

README.md

@@ -11,70 +11,178 @@ Set up your GitHub Actions workflow with a specific version of [uv](https://docs
 ## Contents
 
 - [Usage](#usage)
-  - [Install the latest version (default)](#install-the-latest-version-default)
+  - [Install a required-version or latest (default)](#install-a-required-version-or-latest-default)
+  - [Install the latest version](#install-the-latest-version)
   - [Install a specific version](#install-a-specific-version)
-  - [Install a version by supplying a semver range](#install-a-version-by-supplying-a-semver-range)
+  - [Install a version by supplying a semver range or pep440 specifier](#install-a-version-by-supplying-a-semver-range-or-pep440-specifier)
+  - [Install a version defined in a requirements or config file](#install-a-version-defined-in-a-requirements-or-config-file)
+  - [Python version](#python-version)
+  - [Activate environment](#activate-environment)
+  - [Working directory](#working-directory)
   - [Validate checksum](#validate-checksum)
   - [Enable Caching](#enable-caching)
     - [Cache dependency glob](#cache-dependency-glob)
+    - [Restore cache](#restore-cache)
+    - [Save cache](#save-cache)
   - [Local cache path](#local-cache-path)
   - [Disable cache pruning](#disable-cache-pruning)
+  - [Cache Python installs](#cache-python-installs)
   - [Ignore nothing to cache](#ignore-nothing-to-cache)
   - [GitHub authentication token](#github-authentication-token)
   - [UV_TOOL_DIR](#uv_tool_dir)
   - [UV_TOOL_BIN_DIR](#uv_tool_bin_dir)
   - [Tilde Expansion](#tilde-expansion)
+  - [Manifest file](#manifest-file)
+  - [Add problem matchers](#add-problem-matchers)
 - [How it works](#how-it-works)
 - [FAQ](#faq)
 
 ## Usage
 
-### Install the latest version (default)
+### Install a required-version or latest (default)
 
 ```yaml
 - name: Install the latest version of uv
-  uses: astral-sh/setup-uv@v3
-  with:
-    version: "latest"
+  uses: astral-sh/setup-uv@v6
 ```
 
+If you do not specify a version, this action will look for a [required-version](https://docs.astral.sh/uv/reference/settings/#required-version)
+in a `uv.toml` or `pyproject.toml` file in the repository root. If none is found, the latest version will be installed.
+
 For an example workflow, see
 [here](https://github.com/charliermarsh/autobot/blob/e42c66659bf97b90ca9ff305a19cc99952d0d43f/.github/workflows/ci.yaml).
 
-> [!TIP]
->
-> Using `latest` requires to download the uv executable on every run, which incurs a cost
-> (especially on self-hosted runners). As a best practice, consider pinning the version to a
-> specific release.
+### Install the latest version
+
+```yaml
+- name: Install the latest version of uv
+  uses: astral-sh/setup-uv@v6
+  with:
+    version: "latest"
+```
 
 ### Install a specific version
 
 ```yaml
 - name: Install a specific version of uv
-  uses: astral-sh/setup-uv@v3
+  uses: astral-sh/setup-uv@v6
   with:
     version: "0.4.4"
 ```
 
-### Install a version by supplying a semver range
+### Install a version by supplying a semver range or pep440 specifier
 
 You can specify a [semver range](https://github.com/npm/node-semver?tab=readme-ov-file#ranges)
+or [pep440 specifier](https://peps.python.org/pep-0440/#version-specifiers)
 to install the latest version that satisfies the range.
 
 ```yaml
 - name: Install a semver range of uv
-  uses: astral-sh/setup-uv@v3
+  uses: astral-sh/setup-uv@v6
   with:
     version: ">=0.4.0"
 ```
 
 ```yaml
 - name: Pinning a minor version of uv
-  uses: astral-sh/setup-uv@v3
+  uses: astral-sh/setup-uv@v6
   with:
     version: "0.4.x"
 ```
 
+```yaml
+- name: Install a pep440-specifier-satisfying version of uv
+  uses: astral-sh/setup-uv@v6
+  with:
+    version: ">=0.4.25,<0.5"
+```
+
+### Install a version defined in a requirements or config file
+
+You can use the `version-file` input to specify a file that contains the version of uv to install.
+This can either be a `pyproject.toml` or `uv.toml` file which defines a `required-version` or
+uv defined as a dependency in `pyproject.toml` or `requirements.txt`.
+
+[asdf](https://asdf-vm.com/) `.tool-versions` is also supported, but without the `ref` syntax.
+
+```yaml
+- name: Install uv based on the version defined in pyproject.toml
+  uses: astral-sh/setup-uv@v6
+  with:
+    version-file: "pyproject.toml"
+```
+
+### Python version
+
+You can use the input `python-version` to set the environment variable `UV_PYTHON` for the rest of your workflow
+
+This will override any python version specifications in `pyproject.toml` and `.python-version`
+
+```yaml
+- name: Install the latest version of uv and set the python version to 3.13t
+  uses: astral-sh/setup-uv@v6
+  with:
+    python-version: 3.13t
+- run: uv pip install --python=3.13t pip
+```
+
+You can combine this with a matrix to test multiple Python versions:
+
+```yaml
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ["3.10", "3.11", "3.12", "3.13"]
+    steps:
+      - uses: actions/checkout@v5
+      - name: Install the latest version of uv and set the python version
+        uses: astral-sh/setup-uv@v6
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Test with python ${{ matrix.python-version }}
+        run: uv run --frozen pytest
+```
+
+### Activate environment
+
+You can set `activate-environment` to `true` to automatically activate a venv.
+This allows directly using it in later steps:
+
+```yaml
+- name: Install the latest version of uv and activate the environment
+  uses: astral-sh/setup-uv@v6
+  with:
+    activate-environment: true
+- run: uv pip install pip
+```
+
+> [!WARNING]
+>
+> Activating the environment adds your dependencies to the `PATH`, which could break some workflows.
+> For example, if you have a dependency which requires uv, e.g., `hatch`, activating the
+> environment will shadow the `uv` binary installed by this action and may result in a different uv
+> version being used.
+>
+> We do not recommend using this setting for most use-cases. Instead, use `uv run` to execute
+> commands in the environment.
+
+### Working directory
+
+You can set the working directory with the `working-directory` input.
+This controls where we look for `pyproject.toml`, `uv.toml` and `.python-version` files
+which are used to determine the version of uv and python to install.
+
+It also controls where [the venv gets created](#activate-environment).
+
+```yaml
+- name: Install uv based on the config files in the working-directory
+  uses: astral-sh/setup-uv@v6
+  with:
+    working-directory: my/subproject/dir
+```
+
 ### Validate checksum
 
 You can specify a checksum to validate the downloaded executable. Checksums up to the default version
@@ -83,7 +191,7 @@ are automatically verified by this action. The sha256 hashes can be found on the
 
 ```yaml
 - name: Install a specific version and validate the checksum
-  uses: astral-sh/setup-uv@v3
+  uses: astral-sh/setup-uv@v6
   with:
     version: "0.3.1"
     checksum: "e11b01402ab645392c7ad6044db63d37e4fd1e745e015306993b07695ea5f9f8"
@@ -91,8 +199,13 @@ are automatically verified by this action. The sha256 hashes can be found on the
 
 ### Enable caching
 
+> [!NOTE]
+> The cache is pruned before it is uploaded to the GitHub Actions cache. This can lead to
+> a small or empty cache. See [Disable cache pruning](#disable-cache-pruning) for more details.
+
 If you enable caching, the [uv cache](https://docs.astral.sh/uv/concepts/cache/) will be uploaded to
 the GitHub Actions cache. This can speed up runs that reuse the cache by several minutes.
+Caching is enabled by default on GitHub-hosted runners.
 
 > [!TIP]
 >
@@ -104,7 +217,7 @@ You can optionally define a custom cache key suffix.
 ```yaml
 - name: Enable caching and define a custom cache key suffix
   id: setup-uv
-  uses: astral-sh/setup-uv@v3
+  uses: astral-sh/setup-uv@v6
   with:
     enable-cache: true
     cache-suffix: "optional-suffix"
@@ -127,19 +240,31 @@ changes. If you use relative paths, they are relative to the repository root.
 
 > [!NOTE]
 >
-> The default is `**/uv.lock`.
+> You can look up supported patterns [here](https://github.com/actions/toolkit/tree/main/packages/glob#patterns)
+>
+> The default is
+> ```yaml
+> cache-dependency-glob: |
+>   **/*requirements*.txt
+>   **/*requirements*.in
+>   **/*constraints*.txt
+>   **/*constraints*.in
+>   **/pyproject.toml
+>   **/uv.lock
+>   **/*.py.lock
+> ```
 
 ```yaml
 - name: Define a cache dependency glob
-  uses: astral-sh/setup-uv@v3
+  uses: astral-sh/setup-uv@v6
   with:
     enable-cache: true
-    cache-dependency-glob: "**/requirements*.txt"
+    cache-dependency-glob: "**/pyproject.toml"
 ```
 
 ```yaml
 - name: Define a list of cache dependency globs
-  uses: astral-sh/setup-uv@v3
+  uses: astral-sh/setup-uv@v6
   with:
     enable-cache: true
     cache-dependency-glob: |
@@ -149,7 +274,7 @@ changes. If you use relative paths, they are relative to the repository root.
 
 ```yaml
 - name: Define an absolute cache dependency glob
-  uses: astral-sh/setup-uv@v3
+  uses: astral-sh/setup-uv@v6
   with:
     enable-cache: true
     cache-dependency-glob: "/tmp/my-folder/requirements*.txt"
@@ -157,22 +282,56 @@ changes. If you use relative paths, they are relative to the repository root.
 
 ```yaml
 - name: Never invalidate the cache
-  uses: astral-sh/setup-uv@v3
+  uses: astral-sh/setup-uv@v6
   with:
     enable-cache: true
     cache-dependency-glob: ""
 ```
 
+#### Restore cache
+
+Restoring an existing cache can be enabled or disabled with the `restore-cache` input.
+By default, the cache will be restored.
+
+```yaml
+- name: Don't restore an existing cache
+  uses: astral-sh/setup-uv@v6
+  with:
+    enable-cache: true
+    restore-cache: false
+```
+
+#### Save cache
+
+You can also disable saving the cache after the run with the `save-cache` input.
+This can be useful to save cache storage when you know you will not use the cache of the run again.
+By default, the cache will be saved.
+
+```yaml
+- name: Don't save the cache after the run
+  uses: astral-sh/setup-uv@v6
+  with:
+    enable-cache: true
+    save-cache: false
+```
+
 ### Local cache path
 
-This action controls where uv stores its cache on the runner's filesystem by setting `UV_CACHE_DIR`.
+If caching is enabled, this action controls where uv stores its cache on the runner's filesystem
+by setting `UV_CACHE_DIR`.
+
 It defaults to `setup-uv-cache` in the `TMP` dir, `D:\a\_temp\uv-tool-dir` on Windows and
 `/tmp/setup-uv-cache` on Linux/macOS. You can change the default by specifying the path with the
 `cache-local-path` input.
 
+> [!NOTE]
+> If the environment variable `UV_CACHE_DIR` is already set this action will not override it.
+> If you configured [cache-dir](https://docs.astral.sh/uv/reference/settings/#cache-dir) in your
+> config file then it is also respected and this action will not set `UV_CACHE_DIR`.
+
 ```yaml
 - name: Define a custom uv cache path
-  uses: astral-sh/setup-uv@v3
+  uses: astral-sh/setup-uv@v6
   with:
     cache-local-path: "/path/to/cache"
 ```
@@ -191,25 +350,53 @@ input.
 
 ```yaml
 - name: Don't prune the cache before saving it
-  uses: astral-sh/setup-uv@v3
+  uses: astral-sh/setup-uv@v6
   with:
     enable-cache: true
     prune-cache: false
 ```
 
+### Cache Python installs
+
+By default, the Python install dir (`uv python dir` / `UV_PYTHON_INSTALL_DIR`) is not cached,
+for the same reason that the dependency cache is pruned.
+If you want to cache Python installs along with your dependencies, set the `cache-python` input to `true`.
+
+```yaml
+- name: Cache Python installs
+  uses: astral-sh/setup-uv@v6
+  with:
+    enable-cache: true
+    cache-python: true
+```
+
 ### Ignore nothing to cache
 
-By default, the action will fail if there is nothing to cache (the uv cache directory does not exist).
+By default, the action will fail if caching is enabled but there is nothing to upload (the uv cache directory does not exist).
 If you want to ignore this, set the `ignore-nothing-to-cache` input to `true`.
 
 ```yaml
 - name: Ignore nothing to cache
-  uses: astral-sh/setup-uv@v3
+  uses: astral-sh/setup-uv@v6
   with:
     enable-cache: true
     ignore-nothing-to-cache: true
 ```
 
+### Ignore empty workdir
+
+By default, the action will warn if the workdir is empty, because this is usually the case when
+`actions/checkout` is configured to run after `setup-uv`, which is not supported.
+
+If you want to ignore this, set the `ignore-empty-workdir` input to `true`.
+
+```yaml
+- name: Ignore empty workdir
+  uses: astral-sh/setup-uv@v6
+  with:
+    ignore-empty-workdir: true
+```
+
 ### GitHub authentication token
 
 This action uses the GitHub API to fetch the uv release artifacts. To avoid hitting the GitHub API
@@ -222,7 +409,7 @@ are not sufficient, you can provide a custom GitHub token with the necessary per
 
 ```yaml
 - name: Install the latest version of uv with a custom GitHub token
-  uses: astral-sh/setup-uv@v3
+  uses: astral-sh/setup-uv@v6
   with:
     github-token: ${{ secrets.CUSTOM_GITHUB_TOKEN }}
 ```
@@ -240,7 +427,7 @@ input:
 
 ```yaml
 - name: Install the latest version of uv with a custom tool dir
-  uses: astral-sh/setup-uv@v3
+  uses: astral-sh/setup-uv@v6
   with:
     tool-dir: "/path/to/tool/dir"
 ```
@@ -259,7 +446,7 @@ If you want to change this behaviour (especially on self-hosted runners) you can
 
 ```yaml
 - name: Install the latest version of uv with a custom tool bin dir
-  uses: astral-sh/setup-uv@v3
+  uses: astral-sh/setup-uv@v6
   with:
     tool-bin-dir: "/path/to/tool-bin/dir"
 ```
@@ -268,6 +455,7 @@ If you want to change this behaviour (especially on self-hosted runners) you can
 
 This action supports expanding the `~` character to the user's home directory for the following inputs:
 
+- `version-file`
 - `cache-local-path`
 - `tool-dir`
 - `tool-bin-dir`
@@ -275,7 +463,7 @@ This action supports expanding the `~` character to the user's home directory fo
 
 ```yaml
 - name: Expand the tilde character
-  uses: astral-sh/setup-uv@v3
+  uses: astral-sh/setup-uv@v6
   with:
     cache-local-path: "~/path/to/cache"
     tool-dir: "~/path/to/tool/dir"
@@ -283,6 +471,59 @@ This action supports expanding the `~` character to the user's home directory fo
     cache-dependency-glob: "~/my-cache-buster"
 ```
 
+### Manifest file
+
+The `manifest-file` input allows you to specify a JSON manifest that lists available uv versions,
+architectures, and their download URLs. By default, this action uses the manifest file contained
+in this repository, which is automatically updated with each release of uv.
+
+The manifest file contains an array of objects, each describing a version,
+architecture, platform, and the corresponding download URL. For example:
+
+```json
+[
+  {
+    "version": "0.7.13",
+    "artifactName": "uv-aarch64-apple-darwin.tar.gz",
+    "arch": "aarch64",
+    "platform": "apple-darwin",
+    "downloadUrl": "https://github.com/astral-sh/uv/releases/download/0.7.13/uv-aarch64-apple-darwin.tar.gz"
+  },
+  ...
+]
+```
+
+You can supply a custom manifest file URL to define additional versions,
+architectures, or different download URLs.
+This is useful if you maintain your own uv builds or want to override the default sources.
+
+```yaml
+- name: Use a custom manifest file
+  uses: astral-sh/setup-uv@v6
+  with:
+    manifest-file: "https://example.com/my-custom-manifest.json"
+```
+
+> [!NOTE]
+> When you use a custom manifest file and do not set the `version` input, its default value is `latest`.
+> This means the action will install the latest version available in the custom manifest file.
+> This is different from the default behavior of installing the latest version from the official uv releases.
+
+### Add problem matchers
+
+This action automatically adds
+[problem matchers](https://github.com/actions/toolkit/blob/main/docs/problem-matchers.md)
+for python errors.
+
+You can disable this by setting the `add-problem-matchers` input to `false`.
+
+```yaml
+- name: Install the latest version of uv without problem matchers
+  uses: astral-sh/setup-uv@v6
+  with:
+    add-problem-matchers: false
+```
+
 ## How it works
 
 This action downloads uv from the uv repo's official
@@ -290,28 +531,29 @@ This action downloads uv from the uv repo's official
 [GitHub Actions Toolkit](https://github.com/actions/toolkit) to cache it as a tool to speed up
 consecutive runs on self-hosted runners.
 
-The installed version of uv is then added to the runner PATH, enabling subsequent steps to invoke it
+The installed version of uv is then added to the runner PATH, enabling later steps to invoke it
 by name (`uv`).
 
 ## FAQ
 
 ### Do I still need `actions/setup-python` alongside `setup-uv`?
 
-No. This action is modelled as a drop-in replacement for `actions/setup-python` when using uv. With
-`setup-uv`, you can install a specific version of Python using `uv python install` rather than
+With `setup-uv`, you can install a specific version of Python using `uv python install` rather than
 relying on `actions/setup-python`.
 
+Using `actions/setup-python` can be faster, because GitHub caches the Python versions alongside the runner.
+
 For example:
 
 ```yaml
 - name: Checkout the repository
   uses: actions/checkout@main
 - name: Install the latest version of uv
-  uses: astral-sh/setup-uv@v3
+  uses: astral-sh/setup-uv@v6
   with:
     enable-cache: true
 - name: Test
-  run: uv run --frozen pytest
+  run: uv run --frozen pytest  # Uses the Python version automatically installed by uv
 ```
 
 To install a specific version of Python, use
@@ -319,7 +561,7 @@ To install a specific version of Python, use
 
 ```yaml
 - name: Install the latest version of uv
-  uses: astral-sh/setup-uv@v3
+  uses: astral-sh/setup-uv@v6
   with:
     enable-cache: true
 - name: Install Python 3.12
@@ -338,11 +580,74 @@ output:
   uses: actions/checkout@main
 - name: Install the default version of uv
   id: setup-uv
-  uses: astral-sh/setup-uv@v3
+  uses: astral-sh/setup-uv@v6
 - name: Print the installed version
   run: echo "Installed uv version is ${{ steps.setup-uv.outputs.uv-version }}"
 ```
 
+### Should I include the resolution strategy in the cache key?
+
+**Yes!**
+
+The cache key gets computed by using the [cache-dependency-glob](#cache-dependency-glob).
+
+If you
+have jobs which use the same dependency definitions from `requirements.txt` or
+`pyproject.toml` but different
+[resolution strategies](https://docs.astral.sh/uv/concepts/resolution/#resolution-strategy),
+each job will have different dependencies or dependency versions.
+But if you do not add the resolution strategy as a [cache-suffix](#enable-caching),
+they will have the same cache key.
+
+This means the first job which starts uploading its cache will win and all other job will fail
+uploading the cache,
+because they try to upload with the same cache key.
+
+You might see errors like
+`Failed to save: Failed to CreateCacheEntry: Received non-retryable error: Failed request: (409) Conflict: cache entry with the same key, version, and scope already exists`
+
+### Why do I see warnings like `No GitHub Actions cache found for key`
+
+When a workflow runs for the first time on a branch and has a new cache key, because the
+[cache-dependency-glob](#cache-dependency-glob) found changed files (changed dependencies),
+the cache will not be found and the warning `No GitHub Actions cache found for key` will be printed.
+
+While this might be irritating at first, it is expected behaviour and the cache will be created
+and reused in later workflows.
+
+The reason for the warning is, that we have to way to know if this is the first run of a new
+cache key or the user accidentally misconfigured the [cache-dependency-glob](#cache-dependency-glob)
+or [cache-suffix](#enable-caching) and the cache never gets used.
+
+### Do I have to run `actions/checkout` before or after `setup-uv`?
+
+Some workflows need uv but do not need to access the repository content.
+
+But **if** you need to access the repository content, you have run `actions/checkout` before running `setup-uv`.
+Running `actions/checkout` after `setup-uv` **is not supported**.
+
+### Does `setup-uv` also install my project or its dependencies automatically?
+
+No, `setup-uv` alone wont install any libraries from your `pyproject.toml` or `requirements.txt`, it only sets up `uv`.
+You should run `uv sync` or `uv pip install .` separately, or use `uv run ...` to ensure necessary dependencies are installed.
+
+### Why is a changed cache not detected and not the full cache uploaded?
+
+When `setup-uv` starts it has to know whether it is better to download an existing cache
+or start fresh and download every dependency again.
+It does this by using a combination of hashes calculated on the contents of e.g. `uv.lock`.
+
+By calculating these hashes and combining them in a key `setup-uv` can check
+if an uploaded cache exists for this key.
+If yes (e.g. contents of `uv.lock` did not change since last run) the dependencies in the cache
+are up to date and the cache will be downloaded and used.
+
+Details on determining which files will lead to different caches can be read under
+[cache-dependency-glob](#cache-dependency-glob)
+
+Some dependencies will never be uploaded to the cache and will be downloaded again on each run
+as described in [disable-cache-pruning](#disable-cache-pruning)
+
 ## Acknowledgements
 
 `setup-uv` was initially written and published by [Kevin Stillhammer](https://github.com/eifinger)

__tests__/download/checksum/checksum.test.ts

@@ -1,4 +1,4 @@
-import { expect, test, it } from "@jest/globals";
+import { expect, it, test } from "@jest/globals";
 import {
   isknownVersion,
   validateChecksum,
@@ -22,12 +22,12 @@ type KnownVersionFixture = { version: string; known: boolean };
 
 it.each<KnownVersionFixture>([
   {
-    version: "0.3.0",
     known: true,
+    version: "0.3.0",
   },
   {
-    version: "0.0.15",
     known: false,
+    version: "0.0.15",
   },
 ])(
   "isknownVersion should return $known for version $version",

__tests__/download/custom-manifest.json

@@ -0,0 +1,9 @@
+[
+  {
+    "arch": "x86_64",
+    "artifactName": "uv-x86_64-unknown-linux-gnu.tar.gz",
+    "downloadUrl": "https://release.pyx.dev/0.7.12-alpha.1/uv-x86_64-unknown-linux-gnu.tar.gz",
+    "platform": "unknown-linux-gnu",
+    "version": "0.7.12-alpha.1"
+  }
+]

__tests__/fixtures/.tool-versions

@@ -0,0 +1 @@
+uv 0.5.15

__tests__/fixtures/cache-dir-defined-project/pyproject.toml

@@ -0,0 +1,16 @@
+[project]
+name = "uv-project"
+version = "0.1.0"
+description = "Add your description here"
+readme = "README.md"
+requires-python = ">=3.12"
+dependencies = [
+    "ruff>=0.6.2",
+]
+
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[tool.uv]
+cache-dir = "/tmp/pyproject-toml-defined-cache-path"

__tests__/fixtures/cache-dir-defined-project/src/uv_project/__init__.py

@@ -0,0 +1,2 @@
+def hello() -> str:
+    return "Hello from uv-project!"

__tests__/fixtures/cache-dir-defined-project/uv.lock

@@ -0,0 +1,38 @@
+version = 1
+requires-python = ">=3.12"
+
+[[package]]
+name = "ruff"
+version = "0.6.2"
+source = { registry = "https://pypi.org/simple" }
+sdist = { url = "https://files.pythonhosted.org/packages/23/f4/279d044f66b79261fd37df76bf72b64471afab5d3b7906a01499c4451910/ruff-0.6.2.tar.gz", hash = "sha256:239ee6beb9e91feb8e0ec384204a763f36cb53fb895a1a364618c6abb076b3be", size = 2460281 }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/72/4b/47dd7a69287afb4069fa42c198e899463605460a58120196711bfcf0446b/ruff-0.6.2-py3-none-linux_armv6l.whl", hash = "sha256:5c8cbc6252deb3ea840ad6a20b0f8583caab0c5ef4f9cca21adc5a92b8f79f3c", size = 9695871 },
+    { url = "https://files.pythonhosted.org/packages/ae/c3/8aac62ac4638c14a740ee76a755a925f2d0d04580ab790a9887accb729f6/ruff-0.6.2-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:17002fe241e76544448a8e1e6118abecbe8cd10cf68fde635dad480dba594570", size = 9459354 },
+    { url = "https://files.pythonhosted.org/packages/2f/cf/77fbd8d4617b9b9c503f9bffb8552c4e3ea1a58dc36975e7a9104ffb0f85/ruff-0.6.2-py3-none-macosx_11_0_arm64.whl", hash = "sha256:3dbeac76ed13456f8158b8f4fe087bf87882e645c8e8b606dd17b0b66c2c1158", size = 9163871 },
+    { url = "https://files.pythonhosted.org/packages/05/1c/765192bab32b79efbb498b06f0b9dcb3629112b53b8777ae1d19b8209e09/ruff-0.6.2-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:094600ee88cda325988d3f54e3588c46de5c18dae09d683ace278b11f9d4d534", size = 10096250 },
+    { url = "https://files.pythonhosted.org/packages/08/d0/86f3cb0f6934c99f759c232984a5204d67a26745cad2d9edff6248adf7d2/ruff-0.6.2-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:316d418fe258c036ba05fbf7dfc1f7d3d4096db63431546163b472285668132b", size = 9475376 },
+    { url = "https://files.pythonhosted.org/packages/cd/cc/4c8d0e225b559a3fae6092ec310d7150d3b02b4669e9223f783ef64d82c0/ruff-0.6.2-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:d72b8b3abf8a2d51b7b9944a41307d2f442558ccb3859bbd87e6ae9be1694a5d", size = 10295634 },
+    { url = "https://files.pythonhosted.org/packages/db/96/d2699cfb1bb5a01c68122af43454c76c31331e1c8a9bd97d653d7c82524b/ruff-0.6.2-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:2aed7e243be68487aa8982e91c6e260982d00da3f38955873aecd5a9204b1d66", size = 11024941 },
+    { url = "https://files.pythonhosted.org/packages/8b/a9/6ecd66af8929e0f2a1ed308a4137f3521789f28f0eb97d32c2ca3aa7000c/ruff-0.6.2-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:d371f7fc9cec83497fe7cf5eaf5b76e22a8efce463de5f775a1826197feb9df8", size = 10606894 },
+    { url = "https://files.pythonhosted.org/packages/e4/73/2ee4cd19f44992fedac1cc6db9e3d825966072f6dcbd4032f21cbd063170/ruff-0.6.2-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:a8f310d63af08f583363dfb844ba8f9417b558199c58a5999215082036d795a1", size = 11552886 },
+    { url = "https://files.pythonhosted.org/packages/60/4c/c0f1cd35ce4a93c54a6bb1ee6934a3a205fa02198dd076678193853ceea1/ruff-0.6.2-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:7db6880c53c56addb8638fe444818183385ec85eeada1d48fc5abe045301b2f1", size = 10264945 },
+    { url = "https://files.pythonhosted.org/packages/c4/89/e45c9359b9cdd4245512ea2b9f2bb128a997feaa5f726fc9e8c7a66afadf/ruff-0.6.2-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:1175d39faadd9a50718f478d23bfc1d4da5743f1ab56af81a2b6caf0a2394f23", size = 10100007 },
+    { url = "https://files.pythonhosted.org/packages/06/74/0bd4e0a7ed5f6908df87892f9bf60a2356c0fd74102d8097298bd9b4f346/ruff-0.6.2-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:5b939f9c86d51635fe486585389f54582f0d65b8238e08c327c1534844b3bb9a", size = 9559267 },
+    { url = "https://files.pythonhosted.org/packages/54/03/3dc6dc9419f276f05805bf888c279e3e0b631284abd548d9e87cebb93aec/ruff-0.6.2-py3-none-musllinux_1_2_i686.whl", hash = "sha256:d0d62ca91219f906caf9b187dea50d17353f15ec9bb15aae4a606cd697b49b4c", size = 9905304 },
+    { url = "https://files.pythonhosted.org/packages/5c/5b/d6a72a6a6bbf097c09de468326ef5fa1c9e7aa5e6e45979bc0d984b0dbe7/ruff-0.6.2-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:7438a7288f9d67ed3c8ce4d059e67f7ed65e9fe3aa2ab6f5b4b3610e57e3cb56", size = 10341480 },
+    { url = "https://files.pythonhosted.org/packages/79/a9/0f2f21fe15ba537c46598f96aa9ae4a3d4b9ec64926664617ca6a8c772f4/ruff-0.6.2-py3-none-win32.whl", hash = "sha256:279d5f7d86696df5f9549b56b9b6a7f6c72961b619022b5b7999b15db392a4da", size = 7961901 },
+    { url = "https://files.pythonhosted.org/packages/b0/80/fff12ffe11853d9f4ea3e5221e6dd2e93640a161c05c9579833e09ad40a7/ruff-0.6.2-py3-none-win_amd64.whl", hash = "sha256:d9f3469c7dd43cd22eb1c3fc16926fb8258d50cb1b216658a07be95dd117b0f2", size = 8783320 },
+    { url = "https://files.pythonhosted.org/packages/56/91/577cdd64cce5e74d3f8b5ecb93f29566def569c741eb008aed4f331ef821/ruff-0.6.2-py3-none-win_arm64.whl", hash = "sha256:f28fcd2cd0e02bdf739297516d5643a945cc7caf09bd9bcb4d932540a5ea4fa9", size = 8225886 },
+]
+
+[[package]]
+name = "uv-project"
+version = "0.1.0"
+source = { editable = "." }
+dependencies = [
+    { name = "ruff" },
+]
+
+[package.metadata]
+requires-dist = [{ name = "ruff" }]

__tests__/fixtures/malformed-pyproject-toml-project/.python-version

@@ -0,0 +1 @@
+3.11

__tests__/fixtures/malformed-pyproject-toml-project/hello.py

@@ -0,0 +1,6 @@
+def main():
+    print("Hello from malformed-pyproject-toml-project!")
+
+
+if __name__ == "__main__":
+    main()

__tests__/fixtures/malformed-pyproject-toml-project/pyproject.toml

@@ -0,0 +1,9 @@
+[project]
+name = "malformed-pyproject-toml-project"
+version = "0.1.0"
+description = "Add your description here"
+readme = "README.md"
+requires-python = ">=3.11"
+dependencies = []
+
+[malformed-toml

__tests__/fixtures/old-python-constraint-project/pyproject.toml

@@ -0,0 +1,13 @@
+[project]
+name = "old-python-constraint-project"
+version = "0.1.0"
+description = "Add your description here"
+readme = "README.md"
+requires-python = ">=3.8,<=3.9"
+dependencies = [
+    "ruff>=0.6.2",
+]
+
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"

__tests__/fixtures/old-python-constraint-project/src/old_python_constraint_project/__init__.py

@@ -0,0 +1,2 @@
+def hello() -> str:
+    return "Hello from uv-project!"

__tests__/fixtures/old-python-constraint-project/uv.lock

@@ -0,0 +1,38 @@
+version = 1
+requires-python = ">=3.12"
+
+[[package]]
+name = "ruff"
+version = "0.6.2"
+source = { registry = "https://pypi.org/simple" }
+sdist = { url = "https://files.pythonhosted.org/packages/23/f4/279d044f66b79261fd37df76bf72b64471afab5d3b7906a01499c4451910/ruff-0.6.2.tar.gz", hash = "sha256:239ee6beb9e91feb8e0ec384204a763f36cb53fb895a1a364618c6abb076b3be", size = 2460281 }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/72/4b/47dd7a69287afb4069fa42c198e899463605460a58120196711bfcf0446b/ruff-0.6.2-py3-none-linux_armv6l.whl", hash = "sha256:5c8cbc6252deb3ea840ad6a20b0f8583caab0c5ef4f9cca21adc5a92b8f79f3c", size = 9695871 },
+    { url = "https://files.pythonhosted.org/packages/ae/c3/8aac62ac4638c14a740ee76a755a925f2d0d04580ab790a9887accb729f6/ruff-0.6.2-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:17002fe241e76544448a8e1e6118abecbe8cd10cf68fde635dad480dba594570", size = 9459354 },
+    { url = "https://files.pythonhosted.org/packages/2f/cf/77fbd8d4617b9b9c503f9bffb8552c4e3ea1a58dc36975e7a9104ffb0f85/ruff-0.6.2-py3-none-macosx_11_0_arm64.whl", hash = "sha256:3dbeac76ed13456f8158b8f4fe087bf87882e645c8e8b606dd17b0b66c2c1158", size = 9163871 },
+    { url = "https://files.pythonhosted.org/packages/05/1c/765192bab32b79efbb498b06f0b9dcb3629112b53b8777ae1d19b8209e09/ruff-0.6.2-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:094600ee88cda325988d3f54e3588c46de5c18dae09d683ace278b11f9d4d534", size = 10096250 },
+    { url = "https://files.pythonhosted.org/packages/08/d0/86f3cb0f6934c99f759c232984a5204d67a26745cad2d9edff6248adf7d2/ruff-0.6.2-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:316d418fe258c036ba05fbf7dfc1f7d3d4096db63431546163b472285668132b", size = 9475376 },
+    { url = "https://files.pythonhosted.org/packages/cd/cc/4c8d0e225b559a3fae6092ec310d7150d3b02b4669e9223f783ef64d82c0/ruff-0.6.2-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:d72b8b3abf8a2d51b7b9944a41307d2f442558ccb3859bbd87e6ae9be1694a5d", size = 10295634 },
+    { url = "https://files.pythonhosted.org/packages/db/96/d2699cfb1bb5a01c68122af43454c76c31331e1c8a9bd97d653d7c82524b/ruff-0.6.2-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:2aed7e243be68487aa8982e91c6e260982d00da3f38955873aecd5a9204b1d66", size = 11024941 },
+    { url = "https://files.pythonhosted.org/packages/8b/a9/6ecd66af8929e0f2a1ed308a4137f3521789f28f0eb97d32c2ca3aa7000c/ruff-0.6.2-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:d371f7fc9cec83497fe7cf5eaf5b76e22a8efce463de5f775a1826197feb9df8", size = 10606894 },
+    { url = "https://files.pythonhosted.org/packages/e4/73/2ee4cd19f44992fedac1cc6db9e3d825966072f6dcbd4032f21cbd063170/ruff-0.6.2-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:a8f310d63af08f583363dfb844ba8f9417b558199c58a5999215082036d795a1", size = 11552886 },
+    { url = "https://files.pythonhosted.org/packages/60/4c/c0f1cd35ce4a93c54a6bb1ee6934a3a205fa02198dd076678193853ceea1/ruff-0.6.2-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:7db6880c53c56addb8638fe444818183385ec85eeada1d48fc5abe045301b2f1", size = 10264945 },
+    { url = "https://files.pythonhosted.org/packages/c4/89/e45c9359b9cdd4245512ea2b9f2bb128a997feaa5f726fc9e8c7a66afadf/ruff-0.6.2-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:1175d39faadd9a50718f478d23bfc1d4da5743f1ab56af81a2b6caf0a2394f23", size = 10100007 },
+    { url = "https://files.pythonhosted.org/packages/06/74/0bd4e0a7ed5f6908df87892f9bf60a2356c0fd74102d8097298bd9b4f346/ruff-0.6.2-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:5b939f9c86d51635fe486585389f54582f0d65b8238e08c327c1534844b3bb9a", size = 9559267 },
+    { url = "https://files.pythonhosted.org/packages/54/03/3dc6dc9419f276f05805bf888c279e3e0b631284abd548d9e87cebb93aec/ruff-0.6.2-py3-none-musllinux_1_2_i686.whl", hash = "sha256:d0d62ca91219f906caf9b187dea50d17353f15ec9bb15aae4a606cd697b49b4c", size = 9905304 },
+    { url = "https://files.pythonhosted.org/packages/5c/5b/d6a72a6a6bbf097c09de468326ef5fa1c9e7aa5e6e45979bc0d984b0dbe7/ruff-0.6.2-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:7438a7288f9d67ed3c8ce4d059e67f7ed65e9fe3aa2ab6f5b4b3610e57e3cb56", size = 10341480 },
+    { url = "https://files.pythonhosted.org/packages/79/a9/0f2f21fe15ba537c46598f96aa9ae4a3d4b9ec64926664617ca6a8c772f4/ruff-0.6.2-py3-none-win32.whl", hash = "sha256:279d5f7d86696df5f9549b56b9b6a7f6c72961b619022b5b7999b15db392a4da", size = 7961901 },
+    { url = "https://files.pythonhosted.org/packages/b0/80/fff12ffe11853d9f4ea3e5221e6dd2e93640a161c05c9579833e09ad40a7/ruff-0.6.2-py3-none-win_amd64.whl", hash = "sha256:d9f3469c7dd43cd22eb1c3fc16926fb8258d50cb1b216658a07be95dd117b0f2", size = 8783320 },
+    { url = "https://files.pythonhosted.org/packages/56/91/577cdd64cce5e74d3f8b5ecb93f29566def569c741eb008aed4f331ef821/ruff-0.6.2-py3-none-win_arm64.whl", hash = "sha256:f28fcd2cd0e02bdf739297516d5643a945cc7caf09bd9bcb4d932540a5ea4fa9", size = 8225886 },
+]
+
+[[package]]
+name = "uv-project"
+version = "0.1.0"
+source = { editable = "." }
+dependencies = [
+    { name = "ruff" },
+]
+
+[package.metadata]
+requires-dist = [{ name = "ruff" }]

__tests__/fixtures/pyproject-toml-project/.python-version

@@ -0,0 +1 @@
+3.11

__tests__/fixtures/pyproject-toml-project/hello.py

@@ -0,0 +1,6 @@
+def main():
+    print("Hello from pyproject-toml-project!")
+
+
+if __name__ == "__main__":
+    main()

__tests__/fixtures/pyproject-toml-project/pyproject.toml

@@ -0,0 +1,19 @@
+[project]
+name = "pyproject-toml-project"
+version = "0.1.0"
+description = "Add your description here"
+readme = "README.md"
+requires-python = ">=3.11"
+dependencies = []
+
+[dependency-groups]
+dev = [
+  "reuse==5.0.2",
+  {include-group = "lint"},
+]
+lint = [
+  "flake8==4.0.1",
+]
+
+[tool.uv]
+required-version = "==0.5.14"

__tests__/fixtures/requirements-txt-project/hello_world.py

@@ -0,0 +1 @@
+print("Hello world")

__tests__/fixtures/requirements-txt-project/requirements.txt

@@ -0,0 +1 @@
+ruff>=0.6.2

__tests__/fixtures/uv-in-requirements-hash-txt-project/hello_world.py

@@ -0,0 +1 @@
+print("Hello world")

__tests__/fixtures/uv-in-requirements-hash-txt-project/requirements.txt

@@ -0,0 +1,33 @@
+# This file was autogenerated by uv via the following command:
+#    uv pip compile --generate-hashes - -o ex-requirements.txt
+click==8.2.1 \
+    --hash=sha256:27c491cc05d968d271d5a1db13e3b5a184636d9d930f148c50b038f0d0646202 \
+    --hash=sha256:61a3265b914e850b85317d0b3109c7f8cd35a670f963866005d6ef1d5175a12b
+    # via uvicorn
+h11==0.16.0 \
+    --hash=sha256:4e35b956cf45792e4caa5885e69fba00bdbc6ffafbfa020300e549b208ee5ff1 \
+    --hash=sha256:63cf8bbe7522de3bf65932fda1d9c2772064ffb3dae62d55932da54b31cb6c86
+    # via uvicorn
+uv==0.8.3 \
+    --hash=sha256:1121ad1c9389b865d029385031d3fd7d90d343c92a2149a4d4aa20bf469cb27f \
+    --hash=sha256:17bcdb0615e37cc5f985f7d7546f755ac6343c1dc8bbe876c892437f14f8f904 \
+    --hash=sha256:2ccaae4c749126c99f6404d67a0ae1eae29cbafb05603d09094a775061fdf4e5 \
+    --hash=sha256:2e311c029bff2ca07c6ddf877ccc5935cabb78e09b94b53a849542665b6a6fa1 \
+    --hash=sha256:391c97577048a40fd8c85b370055df6420f26e81df7fa906f0e0ce1aa2af3527 \
+    --hash=sha256:3f904f574dc2d7aa1d96ddf2483480ecd121dc9d060108cadd8bff100b754b64 \
+    --hash=sha256:526f2c3bd6f311ce31f6f7b6b7d818b191f41e76bed3aaab671b716220c02d8f \
+    --hash=sha256:5313ee776ad65731ffa8ac585246f987d3a2bf72e6153c12add1fff22ad6e500 \
+    --hash=sha256:5843cc43bafad05cc710d8e31bd347ee37202462a63d32c30746e9df48cfbda2 \
+    --hash=sha256:76de331a07e5ae9b6490e70a9439a072b91b3167a5684510af10c2752c4ece9a \
+    --hash=sha256:8486f7576d15cc73509f93f47b3190f44701ea36839906369301b58c8604d5db \
+    --hash=sha256:8b16f1bddfdf8f7470924ab34a7b55e4c372d5340c7c1e47e7fc84a743dc541f \
+    --hash=sha256:966ec7d7f57521fef0fee685d71e183c9cafb358ddcfe27519dfeaf40550f247 \
+    --hash=sha256:989898caeb6e972979543b57547d1c28ab8af81ff8fc15921fd354c17d432749 \
+    --hash=sha256:9ce7981f4fbeecf93dc5cf0a5a7915e84956fd99ad3ac977c048fe0cfdb1a17e \
+    --hash=sha256:ad13453ab0a1dfa64a221aac8f52199efdcaa52c97134fffd7bcebed794a6f4b \
+    --hash=sha256:ae7efe91dcfc24126fa91e0fb69a1daf6c0e494a781ba192bb0cc62d7ab623ee \
+    --hash=sha256:daa6e0d657a94f20e962d4a03d833ef7af5c8e51b7c8a2d92ba6cf64a4c07ac1 \
+    --hash=sha256:f1eb7c896fc0d80ed534748aaf46697b6ebc8ce401f1c51666ce0b9923c3db9a
+uvicorn==0.35.0 \
+    --hash=sha256:197535216b25ff9b785e29a0b79199f55222193d47f820816e7da751e9bc8d4a \
+    --hash=sha256:bc662f087f7cf2ce11a1d7fd70b90c9f98ef2e2831556dd078d131b96cc94a01

__tests__/fixtures/uv-in-requirements-txt-project/hello_world.py

@@ -0,0 +1 @@
+print("Hello world")

__tests__/fixtures/uv-in-requirements-txt-project/requirements.txt

@@ -0,0 +1,2 @@
+uvicorn==0.35.0
+uv==0.6.17

__tests__/fixtures/uv-toml-project/.python-version

@@ -0,0 +1 @@
+3.11

__tests__/fixtures/uv-toml-project/hello.py

@@ -0,0 +1,6 @@
+def main():
+    print("Hello from uv-toml-project!")
+
+
+if __name__ == "__main__":
+    main()

__tests__/fixtures/uv-toml-project/pyproject.toml

@@ -0,0 +1,10 @@
+[project]
+name = "uv-toml-project"
+version = "0.1.0"
+description = "Add your description here"
+readme = "README.md"
+requires-python = ">=3.11"
+dependencies = []
+
+[tool.uv]
+required-version = "==0.5.14"

__tests__/fixtures/uv-toml-project/uv.toml

@@ -0,0 +1 @@
+required-version = "==0.5.15"

__tests__/utils/inputs.test.ts

@@ -0,0 +1,86 @@
+jest.mock("@actions/core", () => {
+  return {
+    debug: jest.fn(),
+    getBooleanInput: jest.fn(
+      (name: string) => (mockInputs[name] ?? "") === "true",
+    ),
+    getInput: jest.fn((name: string) => mockInputs[name] ?? ""),
+  };
+});
+
+import {
+  afterEach,
+  beforeEach,
+  describe,
+  expect,
+  it,
+  jest,
+} from "@jest/globals";
+
+// Will be mutated per test before (re-)importing the module under test
+let mockInputs: Record<string, string> = {};
+const ORIGINAL_HOME = process.env.HOME;
+
+describe("cacheDependencyGlob", () => {
+  beforeEach(() => {
+    jest.resetModules();
+    mockInputs = {};
+    process.env.HOME = "/home/testuser";
+  });
+
+  afterEach(() => {
+    process.env.HOME = ORIGINAL_HOME;
+  });
+
+  it("returns empty string when input not provided", async () => {
+    mockInputs["working-directory"] = "/workspace";
+    const { cacheDependencyGlob } = await import("../../src/utils/inputs");
+    expect(cacheDependencyGlob).toBe("");
+  });
+
+  it("resolves a single relative path", async () => {
+    mockInputs["working-directory"] = "/workspace";
+    mockInputs["cache-dependency-glob"] = "requirements.txt";
+    const { cacheDependencyGlob } = await import("../../src/utils/inputs");
+    expect(cacheDependencyGlob).toBe("/workspace/requirements.txt");
+  });
+
+  it("strips leading ./ from relative path", async () => {
+    mockInputs["working-directory"] = "/workspace";
+    mockInputs["cache-dependency-glob"] = "./uv.lock";
+    const { cacheDependencyGlob } = await import("../../src/utils/inputs");
+    expect(cacheDependencyGlob).toBe("/workspace/uv.lock");
+  });
+
+  it("handles multiple lines, trimming whitespace, tilde expansion and absolute paths", async () => {
+    mockInputs["working-directory"] = "/workspace";
+    mockInputs["cache-dependency-glob"] =
+      "  ~/.cache/file1\n ./rel/file2  \nfile3.txt";
+    const { cacheDependencyGlob } = await import("../../src/utils/inputs");
+    expect(cacheDependencyGlob).toBe(
+      [
+        "/home/testuser/.cache/file1", // expanded tilde, absolute path unchanged
+        "/workspace/rel/file2", // ./ stripped and resolved
+        "/workspace/file3.txt", // relative path resolved
+      ].join("\n"),
+    );
+  });
+
+  it("keeps absolute path unchanged in multiline input", async () => {
+    mockInputs["working-directory"] = "/workspace";
+    mockInputs["cache-dependency-glob"] = "/abs/path.lock\nrelative.lock";
+    const { cacheDependencyGlob } = await import("../../src/utils/inputs");
+    expect(cacheDependencyGlob).toBe(
+      ["/abs/path.lock", "/workspace/relative.lock"].join("\n"),
+    );
+  });
+
+  it("handles exclusions in relative paths correct", async () => {
+    mockInputs["working-directory"] = "/workspace";
+    mockInputs["cache-dependency-glob"] = "!/abs/path.lock\n!relative.lock";
+    const { cacheDependencyGlob } = await import("../../src/utils/inputs");
+    expect(cacheDependencyGlob).toBe(
+      ["!/abs/path.lock", "!/workspace/relative.lock"].join("\n"),
+    );
+  });
+});

__tests__/version/requirements-file.test.ts

@@ -0,0 +1,9 @@
+import { expect, test } from "@jest/globals";
+import { getUvVersionFromFile } from "../../src/version/resolve";
+
+test("ignores dependencies starting with uv", async () => {
+  const parsedVersion = getUvVersionFromFile(
+    "__tests__/fixtures/uv-in-requirements-txt-project/requirements.txt",
+  );
+  expect(parsedVersion).toBe("0.6.17");
+});

__tests__/version/requirements-hashes-file.test.ts

@@ -0,0 +1,9 @@
+import { expect, test } from "@jest/globals";
+import { getUvVersionFromFile } from "../../src/version/resolve";
+
+test("ignores dependencies starting with uv", async () => {
+  const parsedVersion = getUvVersionFromFile(
+    "__tests__/fixtures/uv-in-requirements-hash-txt-project/requirements.txt",
+  );
+  expect(parsedVersion).toBe("0.8.3");
+});

__tests__/version/tool-versions-file.test.ts

@@ -0,0 +1,115 @@
+jest.mock("node:fs");
+jest.mock("@actions/core", () => ({
+  warning: jest.fn(),
+}));
+
+import fs from "node:fs";
+import * as core from "@actions/core";
+import { beforeEach, describe, expect, it, jest } from "@jest/globals";
+import { getUvVersionFromToolVersions } from "../../src/version/tool-versions-file";
+
+const mockedFs = fs as jest.Mocked<typeof fs>;
+const mockedCore = core as jest.Mocked<typeof core>;
+
+describe("getUvVersionFromToolVersions", () => {
+  beforeEach(() => {
+    jest.clearAllMocks();
+  });
+
+  it("should return undefined for non-.tool-versions files", () => {
+    const result = getUvVersionFromToolVersions("package.json");
+    expect(result).toBeUndefined();
+    expect(mockedFs.readFileSync).not.toHaveBeenCalled();
+  });
+
+  it("should return version for valid uv entry", () => {
+    const fileContent = "python 3.11.0\nuv 0.1.0\nnodejs 18.0.0";
+    mockedFs.readFileSync.mockReturnValue(fileContent);
+
+    const result = getUvVersionFromToolVersions(".tool-versions");
+
+    expect(result).toBe("0.1.0");
+    expect(mockedFs.readFileSync).toHaveBeenCalledWith(
+      ".tool-versions",
+      "utf8",
+    );
+  });
+
+  it("should return version for uv entry with v prefix", () => {
+    const fileContent = "uv v0.2.0";
+    mockedFs.readFileSync.mockReturnValue(fileContent);
+
+    const result = getUvVersionFromToolVersions(".tool-versions");
+
+    expect(result).toBe("0.2.0");
+  });
+
+  it("should handle whitespace around uv entry", () => {
+    const fileContent = "  uv   0.3.0  ";
+    mockedFs.readFileSync.mockReturnValue(fileContent);
+
+    const result = getUvVersionFromToolVersions(".tool-versions");
+
+    expect(result).toBe("0.3.0");
+  });
+
+  it("should skip commented lines", () => {
+    const fileContent = "# uv 0.1.0\npython 3.11.0\nuv 0.2.0";
+    mockedFs.readFileSync.mockReturnValue(fileContent);
+
+    const result = getUvVersionFromToolVersions(".tool-versions");
+
+    expect(result).toBe("0.2.0");
+  });
+
+  it("should return first matching uv version", () => {
+    const fileContent = "uv 0.1.0\npython 3.11.0\nuv 0.2.0";
+    mockedFs.readFileSync.mockReturnValue(fileContent);
+
+    const result = getUvVersionFromToolVersions(".tool-versions");
+
+    expect(result).toBe("0.1.0");
+  });
+
+  it("should return undefined when no uv entry found", () => {
+    const fileContent = "python 3.11.0\nnodejs 18.0.0";
+    mockedFs.readFileSync.mockReturnValue(fileContent);
+
+    const result = getUvVersionFromToolVersions(".tool-versions");
+
+    expect(result).toBeUndefined();
+  });
+
+  it("should return undefined for empty file", () => {
+    mockedFs.readFileSync.mockReturnValue("");
+
+    const result = getUvVersionFromToolVersions(".tool-versions");
+
+    expect(result).toBeUndefined();
+  });
+
+  it("should warn and return undefined for ref syntax", () => {
+    const fileContent = "uv ref:main";
+    mockedFs.readFileSync.mockReturnValue(fileContent);
+
+    const result = getUvVersionFromToolVersions(".tool-versions");
+
+    expect(result).toBeUndefined();
+    expect(mockedCore.warning).toHaveBeenCalledWith(
+      "The ref syntax of .tool-versions is not supported. Please use a released version instead.",
+    );
+  });
+
+  it("should handle file path with .tool-versions extension", () => {
+    const fileContent = "uv 0.1.0";
+    mockedFs.readFileSync.mockReturnValue(fileContent);
+
+    const result = getUvVersionFromToolVersions("path/to/.tool-versions");
+
+    expect(result).toBe("0.1.0");
+    expect(mockedFs.readFileSync).toHaveBeenCalledWith(
+      "path/to/.tool-versions",
+      "utf8",
+    );
+  });
+});

action.yml

@@ -4,25 +4,49 @@ description:
 author: "astral-sh"
 inputs:
   version:
-    description: "The version of uv to install"
-    default: "latest"
+    description: "The version of uv to install e.g., `0.5.0` Defaults to the version in pyproject.toml or 'latest'."
+    default: ""
+  version-file:
+    description: "Path to a file containing the version of uv to install. Defaults to searching for uv.toml and if not found pyproject.toml."
+    default: ""
+  python-version:
+    description: "The version of Python to set UV_PYTHON to"
+    required: false
+  activate-environment:
+    description: "Use uv venv to activate a venv ready to be used by later steps. "
+    default: "false"
+  working-directory:
+    description: "The directory to execute all commands in and look for files such as pyproject.toml"
+    default: ${{ github.workspace }}
   checksum:
     description: "The checksum of the uv version to install"
     required: false
   github-token:
     description:
-      "Used to increase the rate limit when retrieving versions and downloading
-      uv."
+      "Used to increase the rate limit when retrieving versions and downloading uv."
     required: false
     default: ${{ github.token }}
   enable-cache:
-    description: "Enable caching of the uv cache"
-    default: "false"
+    description: "Enable uploading of the uv cache"
+    default: "auto"
   cache-dependency-glob:
     description:
       "Glob pattern to match files relative to the repository root to control
       the cache."
-    default: "**/uv.lock"
+    default: |
+      **/*requirements*.txt
+      **/*requirements*.in
+      **/*constraints*.txt
+      **/*constraints*.in
+      **/pyproject.toml
+      **/uv.lock
+      **/*.py.lock
+  restore-cache:
+    description: "Whether to restore the cache if found."
+    default: "true"
+  save-cache:
+    description: "Whether to save the cache after the run."
+    default: "true"
   cache-suffix:
     description: "Suffix for the cache key"
     required: false
@@ -32,22 +56,40 @@ inputs:
   prune-cache:
     description: "Prune cache before saving."
     default: "true"
+  cache-python:
+    description: "Upload managed Python installations to the Github Actions cache."
+    default: "false"
   ignore-nothing-to-cache:
     description: "Ignore when nothing is found to cache."
     default: "false"
+  ignore-empty-workdir:
+    description: "Ignore when the working directory is empty."
+    default: "false"
   tool-dir:
     description: "Custom path to set UV_TOOL_DIR to."
     required: false
   tool-bin-dir:
     description: "Custom path to set UV_TOOL_BIN_DIR to."
     required: false
+  manifest-file:
+    description: "URL to the manifest file containing available versions and download URLs."
+    required: false
+  add-problem-matchers:
+    description: "Add problem matchers."
+    default: "true"
 outputs:
   uv-version:
     description: "The installed uv version. Useful when using latest."
+  uv-path:
+    description: "The path to the installed uv binary."
+  uvx-path:
+    description: "The path to the installed uvx binary."
   cache-hit:
     description: "A boolean value to indicate a cache entry was found"
+  venv:
+    description: "Path to the activated venv if activate-environment is true"
 runs:
-  using: "node20"
+  using: "node24"
   main: "dist/setup/index.js"
   post: "dist/save-cache/index.js"
   post-if: success()

biome.json

@@ -1,20 +1,34 @@
 {
-  "$schema": "https://biomejs.dev/schemas/1.9.2/schema.json",
-  "vcs": {
-    "enabled": true,
-    "clientKind": "git",
-    "useIgnoreFile": false
+  "$schema": "https://biomejs.dev/schemas/2.2.4/schema.json",
+  "assist": {
+    "actions": {
+      "source": {
+        "organizeImports": "on",
+        "useSortedAttributes": "on",
+        "useSortedKeys": "on"
+      }
+    }
   },
   "files": {
     "ignoreUnknown": false,
-    "ignore": ["dist", "lib", "node_modules"]
+    "includes": [
+      "**",
+      "!**/dist",
+      "!**/lib",
+      "!**/node_modules",
+      "!**/package*.json",
+      "!**/known-checksums.*"
+    ]
   },
   "formatter": {
     "enabled": true,
     "indentStyle": "space"
   },
-  "organizeImports": {
-    "enabled": true
+  "javascript": {
+    "formatter": {
+      "quoteStyle": "double",
+      "trailingCommas": "all"
+    }
   },
   "linter": {
     "enabled": true,
@@ -22,10 +36,9 @@
       "recommended": true
     }
   },
-  "javascript": {
-    "formatter": {
-      "quoteStyle": "double",
-      "trailingCommas": "all"
-    }
+  "vcs": {
+    "clientKind": "git",
+    "enabled": true,
+    "useIgnoreFile": false
   }
 }

package.json

@@ -6,14 +6,12 @@
   "main": "dist/index.js",
   "scripts": {
     "build": "tsc",
-    "format": "biome format --fix",
-    "format-check": "biome format",
-    "lint": "biome lint --fix",
-    "package": "ncc build -o dist/setup src/setup-uv.ts && ncc build -o dist/save-cache src/save-cache.ts && ncc build -o dist/update-known-checksums src/update-known-checksums.ts",
+    "check": "biome check --write",
+    "package": "ncc build -o dist/setup src/setup-uv.ts && ncc build -o dist/save-cache src/save-cache.ts && ncc build -o dist/update-known-versions src/update-known-versions.ts",
     "test": "jest",
     "act": "act pull_request -W .github/workflows/test.yml --container-architecture linux/amd64 -s GITHUB_TOKEN=\"$(gh auth token)\"",
-    "update-known-checksums": "node dist/update-known-checksums/index.js src/download/checksum/known-checksums.ts \"$(gh auth token)\"",
-    "all": "npm run build && npm run format && npm run lint && npm run package && npm test"
+    "update-known-versions": "RUNNER_TEMP=known_versions node dist/update-known-versions/index.js src/download/checksum/known-versions.ts \"$(gh auth token)\"",
+    "all": "npm run build && npm run check && npm run package && npm test"
   },
   "repository": {
     "type": "git",
@@ -23,23 +21,28 @@
   "author": "@eifinger",
   "license": "MIT",
   "dependencies": {
-    "@actions/cache": "^3.3.0",
+    "@actions/cache": "^4.0.5",
     "@actions/core": "^1.11.1",
     "@actions/exec": "^1.1.1",
-    "@actions/github": "^6.0.0",
     "@actions/glob": "^0.5.0",
     "@actions/io": "^1.1.3",
-    "@actions/tool-cache": "^2.0.1",
-    "@octokit/rest": "^21.0.2"
+    "@actions/tool-cache": "^2.0.2",
+    "@octokit/core": "^7.0.5",
+    "@octokit/plugin-paginate-rest": "^13.1.1",
+    "@octokit/plugin-rest-endpoint-methods": "^16.1.0",
+    "@renovatebot/pep440": "^4.2.1",
+    "smol-toml": "^1.4.2",
+    "undici": "^7.16.0"
   },
   "devDependencies": {
-    "@biomejs/biome": "1.9.4",
-    "@types/node": "^22.9.1",
-    "@types/semver": "^7.5.8",
-    "@vercel/ncc": "^0.38.3",
-    "jest": "^29.7.0",
+    "@biomejs/biome": "2.2.4",
+    "@types/js-yaml": "^4.0.9",
+    "@types/node": "^24.7.0",
+    "@types/semver": "^7.7.1",
+    "@vercel/ncc": "^0.38.4",
+    "jest": "^30.1.3",
     "js-yaml": "^4.1.0",
-    "ts-jest": "^29.2.5",
-    "typescript": "^5.6.3"
+    "ts-jest": "^29.4.4",
+    "typescript": "^5.9.2"
   }
 }

src/cache/restore-cache.ts

@@ -1,26 +1,43 @@
 import * as cache from "@actions/cache";
 import * as core from "@actions/core";
+import * as exec from "@actions/exec";
+import { hashFiles } from "../hash/hash-files";
 import {
   cacheDependencyGlob,
   cacheLocalPath,
+  cachePython,
   cacheSuffix,
+  pruneCache,
+  pythonDir,
+  pythonVersion as pythonVersionInput,
+  restoreCache as shouldRestoreCache,
+  workingDirectory,
 } from "../utils/inputs";
 import { getArch, getPlatform } from "../utils/platforms";
-import { hashFiles } from "../hash/hash-files";
 
 export const STATE_CACHE_KEY = "cache-key";
 export const STATE_CACHE_MATCHED_KEY = "cache-matched-key";
 const CACHE_VERSION = "1";
 
-export async function restoreCache(version: string): Promise<void> {
-  const cacheKey = await computeKeys(version);
+export async function restoreCache(): Promise<void> {
+  const cacheKey = await computeKeys();
+  core.saveState(STATE_CACHE_KEY, cacheKey);
+
+  if (!shouldRestoreCache) {
+    core.info("restore-cache is false. Skipping restore cache step.");
+    return;
+  }
 
   let matchedKey: string | undefined;
   core.info(
     `Trying to restore uv cache from GitHub Actions cache with key: ${cacheKey}`,
   );
+  const cachePaths = [cacheLocalPath];
+  if (cachePython) {
+    cachePaths.push(pythonDir);
+  }
   try {
-    matchedKey = await cache.restoreCache([cacheLocalPath], cacheKey);
+    matchedKey = await cache.restoreCache(cachePaths, cacheKey);
   } catch (err) {
     const message = (err as Error).message;
     core.warning(message);
@@ -28,12 +45,10 @@ export async function restoreCache(version: string): Promise<void> {
     return;
   }
 
-  core.saveState(STATE_CACHE_KEY, cacheKey);
-
   handleMatchResult(matchedKey, cacheKey);
 }
 
-async function computeKeys(version: string): Promise<string> {
+async function computeKeys(): Promise<string> {
   let cacheDependencyPathHash = "-";
   if (cacheDependencyGlob !== "") {
     core.info(
@@ -41,15 +56,51 @@ async function computeKeys(version: string): Promise<string> {
     );
     cacheDependencyPathHash += await hashFiles(cacheDependencyGlob, true);
     if (cacheDependencyPathHash === "-") {
-      throw new Error(
-        `No file matched to [${cacheDependencyGlob.split("\n").join(",")}], make sure you have checked out the target repository`,
+      core.warning(
+        `No file matched to [${cacheDependencyGlob.split("\n").join(",")}]. The cache will never get invalidated. Make sure you have checked out the target repository and configured the cache-dependency-glob input correctly.`,
       );
     }
-  } else {
-    cacheDependencyPathHash += "no-dependency-glob";
+  }
+  if (cacheDependencyPathHash === "-") {
+    cacheDependencyPathHash = "-no-dependency-glob";
   }
   const suffix = cacheSuffix ? `-${cacheSuffix}` : "";
-  return `setup-uv-${CACHE_VERSION}-${getArch()}-${getPlatform()}-${version}${cacheDependencyPathHash}${suffix}`;
+  const pythonVersion = await getPythonVersion();
+  const platform = await getPlatform();
+  const pruned = pruneCache ? "-pruned" : "";
+  const python = cachePython ? "-py" : "";
+  return `setup-uv-${CACHE_VERSION}-${getArch()}-${platform}-${pythonVersion}${pruned}${python}${cacheDependencyPathHash}${suffix}`;
+}
+
+async function getPythonVersion(): Promise<string> {
+  if (pythonVersionInput !== "") {
+    return pythonVersionInput;
+  }
+
+  let output = "";
+  const options: exec.ExecOptions = {
+    listeners: {
+      stdout: (data: Buffer) => {
+        output += data.toString();
+      },
+    },
+    silent: !core.isDebug(),
+  };
+
+  try {
+    const execArgs = ["python", "find", "--directory", workingDirectory];
+    await exec.exec("uv", execArgs, options);
+    const pythonPath = output.trim();
+
+    output = "";
+    await exec.exec(pythonPath, ["--version"], options);
+    // output is like "Python 3.8.10"
+    return output.split(" ")[1].trim();
+  } catch (error) {
+    const err = error as Error;
+    core.debug(`Failed to get python version from uv. Error: ${err.message}`);
+    return "unknown";
+  }
 }
 
 function handleMatchResult(

src/download/checksum/checksum.ts

@@ -1,9 +1,9 @@
-import * as fs from "node:fs";
 import * as crypto from "node:crypto";
+import * as fs from "node:fs";
 
 import * as core from "@actions/core";
-import { KNOWN_CHECKSUMS } from "./known-checksums";
 import type { Architecture, Platform } from "../../utils/platforms";
+import { KNOWN_CHECKSUMS } from "./known-checksums";
 
 export async function validateChecksum(
   checkSum: string | undefined,
@@ -12,7 +12,7 @@ export async function validateChecksum(
   platform: Platform,
   version: string,
 ): Promise<void> {
-  let isValid: boolean | undefined = undefined;
+  let isValid: boolean | undefined;
   if (checkSum !== undefined && checkSum !== "") {
     isValid = await validateFileCheckSum(downloadPath, checkSum);
   } else {

src/download/checksum/update-known-checksums.ts

@@ -1,5 +1,6 @@
 import { promises as fs } from "node:fs";
 import * as tc from "@actions/tool-cache";
+import { KNOWN_CHECKSUMS } from "./known-checksums";
 export async function updateChecksums(
   filePath: string,
   downloadUrls: string[],
@@ -7,31 +8,50 @@ export async function updateChecksums(
   await fs.rm(filePath);
   await fs.appendFile(
     filePath,
-    "// AUTOGENERATED_DO_NOT_EDIT\nexport const KNOWN_CHECKSUMS: {[key: string]: string} = {\n",
+    "// AUTOGENERATED_DO_NOT_EDIT\nexport const KNOWN_CHECKSUMS: { [key: string]: string } = {\n",
   );
   let firstLine = true;
   for (const downloadUrl of downloadUrls) {
-    const content = await downloadAssetContent(downloadUrl);
-    const checksum = content.split(" ")[0].trim();
     const key = getKey(downloadUrl);
+    if (key === undefined) {
+      continue;
+    }
+    const checksum = await getOrDownloadChecksum(key, downloadUrl);
     if (!firstLine) {
       await fs.appendFile(filePath, ",\n");
     }
-    await fs.appendFile(filePath, `  '${key}':\n    '${checksum}'`);
+    await fs.appendFile(filePath, `  "${key}":\n    "${checksum}"`);
     firstLine = false;
   }
-  await fs.appendFile(filePath, "}\n");
+  await fs.appendFile(filePath, ",\n};\n");
 }
 
-function getKey(downloadUrl: string): string {
+function getKey(downloadUrl: string): string | undefined {
   // https://github.com/astral-sh/uv/releases/download/0.3.2/uv-aarch64-apple-darwin.tar.gz.sha256
   const parts = downloadUrl.split("/");
   const fileName = parts[parts.length - 1];
+  if (fileName.startsWith("source")) {
+    return undefined;
+  }
   const name = fileName.split(".")[0].split("uv-")[1];
   const version = parts[parts.length - 2];
   return `${name}-${version}`;
 }
 
+async function getOrDownloadChecksum(
+  key: string,
+  downloadUrl: string,
+): Promise<string> {
+  let checksum = "";
+  if (key in KNOWN_CHECKSUMS) {
+    checksum = KNOWN_CHECKSUMS[key];
+  } else {
+    const content = await downloadAssetContent(downloadUrl);
+    checksum = content.split(" ")[0].trim();
+  }
+  return checksum;
+}
+
 async function downloadAssetContent(downloadUrl: string): Promise<string> {
   const downloadPath = await tc.downloadTool(downloadUrl);
   const content = await fs.readFile(downloadPath, "utf8");

src/download/download-latest.ts

@@ -1,73 +0,0 @@
-import * as core from "@actions/core";
-import * as tc from "@actions/tool-cache";
-import * as exec from "@actions/exec";
-import * as path from "node:path";
-import { promises as fs } from "node:fs";
-import type { Architecture, Platform } from "../utils/platforms";
-import { validateChecksum } from "./checksum/checksum";
-import { OWNER, REPO, TOOL_CACHE_NAME } from "../utils/constants";
-
-export async function downloadLatest(
-  platform: Platform,
-  arch: Architecture,
-  checkSum: string | undefined,
-  githubToken: string | undefined,
-): Promise<{ cachedToolDir: string; version: string }> {
-  const artifact = `uv-${arch}-${platform}`;
-  let extension = ".tar.gz";
-  if (platform === "pc-windows-msvc") {
-    extension = ".zip";
-  }
-  const downloadUrl = `https://github.com/${OWNER}/${REPO}/releases/latest/download/${artifact}${extension}`;
-  core.info(`Downloading uv from "${downloadUrl}" ...`);
-
-  const downloadPath = await tc.downloadTool(
-    downloadUrl,
-    undefined,
-    githubToken,
-  );
-  let uvExecutablePath: string;
-  let uvDir: string;
-  if (platform === "pc-windows-msvc") {
-    const fullPathWithExtension = `${downloadPath}${extension}`;
-    await fs.copyFile(downloadPath, fullPathWithExtension);
-    uvDir = await tc.extractZip(fullPathWithExtension);
-    // On windows extracting the zip does not create an intermediate directory
-    uvExecutablePath = path.join(uvDir, "uv.exe");
-  } else {
-    const extractedDir = await tc.extractTar(downloadPath);
-    uvDir = path.join(extractedDir, artifact);
-    uvExecutablePath = path.join(uvDir, "uv");
-  }
-  const version = await getVersion(uvExecutablePath);
-  await validateChecksum(checkSum, downloadPath, arch, platform, version);
-  const cachedToolDir = await tc.cacheDir(
-    uvDir,
-    TOOL_CACHE_NAME,
-    version,
-    arch,
-  );
-
-  return { cachedToolDir, version };
-}
-
-async function getVersion(uvExecutablePath: string): Promise<string> {
-  // Parse the output of `uv --version` to get the version
-  // The output looks like
-  // uv 0.3.1 (be17d132a 2024-08-21)
-
-  const options: exec.ExecOptions = {
-    silent: !core.isDebug(),
-  };
-  const execArgs = ["--version"];
-
-  let output = "";
-  options.listeners = {
-    stdout: (data: Buffer) => {
-      output += data.toString();
-    },
-  };
-  await exec.exec(uvExecutablePath, execArgs, options);
-  const parts = output.split(" ");
-  return parts[1].trim();
-}

src/download/download-version.ts

@@ -1,11 +1,20 @@
+import { promises as fs } from "node:fs";
+import * as path from "node:path";
 import * as core from "@actions/core";
 import * as tc from "@actions/tool-cache";
-import * as path from "node:path";
-import { promises as fs } from "node:fs";
+import type { Endpoints } from "@octokit/types";
+import * as pep440 from "@renovatebot/pep440";
 import { OWNER, REPO, TOOL_CACHE_NAME } from "../utils/constants";
+import { Octokit } from "../utils/octokit";
 import type { Architecture, Platform } from "../utils/platforms";
 import { validateChecksum } from "./checksum/checksum";
-import * as github from "@actions/github";
+import {
+  getDownloadUrl,
+  getLatestKnownVersion as getLatestVersionInManifest,
+} from "./version-manifest";
+
+type Release =
+  Endpoints["GET /repos/{owner}/{repo}/releases"]["response"]["data"][number];
 
 export function tryGetFromToolCache(
   arch: Architecture,
@@ -19,39 +28,86 @@ export function tryGetFromToolCache(
     resolvedVersion = version;
   }
   const installedPath = tc.find(TOOL_CACHE_NAME, resolvedVersion, arch);
-  return { version: resolvedVersion, installedPath };
+  return { installedPath, version: resolvedVersion };
 }
 
-export async function downloadVersion(
+export async function downloadVersionFromGithub(
   platform: Platform,
   arch: Architecture,
   version: string,
   checkSum: string | undefined,
   githubToken: string,
 ): Promise<{ version: string; cachedToolDir: string }> {
-  const resolvedVersion = await resolveVersion(version, githubToken);
   const artifact = `uv-${arch}-${platform}`;
-  let extension = ".tar.gz";
-  if (platform === "pc-windows-msvc") {
-    extension = ".zip";
-  }
-  const downloadUrl = `https://github.com/${OWNER}/${REPO}/releases/download/${resolvedVersion}/${artifact}${extension}`;
-  core.info(`Downloading uv from "${downloadUrl}" ...`);
+  const extension = getExtension(platform);
+  const downloadUrl = `https://github.com/${OWNER}/${REPO}/releases/download/${version}/${artifact}${extension}`;
+  return await downloadVersion(
+    downloadUrl,
+    artifact,
+    platform,
+    arch,
+    version,
+    checkSum,
+    githubToken,
+  );
+}
 
+export async function downloadVersionFromManifest(
+  manifestUrl: string | undefined,
+  platform: Platform,
+  arch: Architecture,
+  version: string,
+  checkSum: string | undefined,
+  githubToken: string,
+): Promise<{ version: string; cachedToolDir: string }> {
+  const downloadUrl = await getDownloadUrl(
+    manifestUrl,
+    version,
+    arch,
+    platform,
+  );
+  if (!downloadUrl) {
+    core.info(
+      `manifest-file does not contain version ${version}, arch ${arch}, platform ${platform}. Falling back to GitHub releases.`,
+    );
+    return await downloadVersionFromGithub(
+      platform,
+      arch,
+      version,
+      checkSum,
+      githubToken,
+    );
+  }
+  return await downloadVersion(
+    downloadUrl,
+    `uv-${arch}-${platform}`,
+    platform,
+    arch,
+    version,
+    checkSum,
+    githubToken,
+  );
+}
+
+async function downloadVersion(
+  downloadUrl: string,
+  artifactName: string,
+  platform: Platform,
+  arch: Architecture,
+  version: string,
+  checkSum: string | undefined,
+  githubToken: string,
+): Promise<{ version: string; cachedToolDir: string }> {
+  core.info(`Downloading uv from "${downloadUrl}" ...`);
   const downloadPath = await tc.downloadTool(
     downloadUrl,
     undefined,
     githubToken,
   );
-  await validateChecksum(
-    checkSum,
-    downloadPath,
-    arch,
-    platform,
-    resolvedVersion,
-  );
+  await validateChecksum(checkSum, downloadPath, arch, platform, version);
 
   let uvDir: string;
+  const extension = getExtension(platform);
   if (platform === "pc-windows-msvc") {
     const fullPathWithExtension = `${downloadPath}${extension}`;
     await fs.copyFile(downloadPath, fullPathWithExtension);
@@ -59,39 +115,152 @@ export async function downloadVersion(
     // On windows extracting the zip does not create an intermediate directory
   } else {
     const extractedDir = await tc.extractTar(downloadPath);
-    uvDir = path.join(extractedDir, artifact);
+    uvDir = path.join(extractedDir, artifactName);
   }
   const cachedToolDir = await tc.cacheDir(
     uvDir,
     TOOL_CACHE_NAME,
-    resolvedVersion,
+    version,
     arch,
   );
-  return { version: resolvedVersion, cachedToolDir };
+  return { cachedToolDir, version: version };
 }
 
-async function resolveVersion(
-  version: string,
+function getExtension(platform: Platform): string {
+  return platform === "pc-windows-msvc" ? ".zip" : ".tar.gz";
+}
+
+export async function resolveVersion(
+  versionInput: string,
+  manifestFile: string | undefined,
   githubToken: string,
 ): Promise<string> {
+  core.debug(`Resolving version: ${versionInput}`);
+  let version: string;
+  const isSimpleMinimumVersionSpecifier =
+    versionInput.includes(">") && !versionInput.includes(",");
+  if (isSimpleMinimumVersionSpecifier) {
+    core.info("Found minimum version specifier, using latest version");
+  }
+  if (manifestFile) {
+    version =
+      versionInput === "latest" || isSimpleMinimumVersionSpecifier
+        ? await getLatestVersionInManifest(manifestFile)
+        : versionInput;
+  } else {
+    version =
+      versionInput === "latest" || isSimpleMinimumVersionSpecifier
+        ? await getLatestVersion(githubToken)
+        : versionInput;
+  }
   if (tc.isExplicitVersion(version)) {
     core.debug(`Version ${version} is an explicit version.`);
+    if (isSimpleMinimumVersionSpecifier) {
+      if (!pep440.satisfies(version, versionInput)) {
+        throw new Error(`No version found for ${versionInput}`);
+      }
+    }
     return version;
   }
   const availableVersions = await getAvailableVersions(githubToken);
-  const resolvedVersion = tc.evaluateVersions(availableVersions, version);
-  if (resolvedVersion === "") {
+  core.debug(`Available versions: ${availableVersions}`);
+  const resolvedVersion = maxSatisfying(availableVersions, version);
+  if (resolvedVersion === undefined) {
     throw new Error(`No version found for ${version}`);
   }
   return resolvedVersion;
 }
 
 async function getAvailableVersions(githubToken: string): Promise<string[]> {
-  const octokit = github.getOctokit(githubToken);
+  core.info("Getting available versions from GitHub API...");
+  try {
+    const octokit = new Octokit({
+      auth: githubToken,
+    });
+    return await getReleaseTagNames(octokit);
+  } catch (err) {
+    if ((err as Error).message.includes("Bad credentials")) {
+      core.info(
+        "No (valid) GitHub token provided. Falling back to anonymous. Requests might be rate limited.",
+      );
+      const octokit = new Octokit();
+      return await getReleaseTagNames(octokit);
+    }
+    throw err;
+  }
+}
 
-  const response = await octokit.paginate(octokit.rest.repos.listReleases, {
+async function getReleaseTagNames(octokit: Octokit): Promise<string[]> {
+  const response: Release[] = await octokit.paginate(
+    octokit.rest.repos.listReleases,
+    {
+      owner: OWNER,
+      repo: REPO,
+    },
+  );
+  const releaseTagNames = response.map((release) => release.tag_name);
+  if (releaseTagNames.length === 0) {
+    throw Error(
+      "Github API request failed while getting releases. Check the GitHub status page for outages. Try again later.",
+    );
+  }
+  return releaseTagNames;
+}
+
+async function getLatestVersion(githubToken: string) {
+  core.info("Getting latest version from GitHub API...");
+  const octokit = new Octokit({
+    auth: githubToken,
+  });
+
+  let latestRelease: { tag_name: string } | undefined;
+  try {
+    latestRelease = await getLatestRelease(octokit);
+  } catch (err) {
+    if ((err as Error).message.includes("Bad credentials")) {
+      core.info(
+        "No (valid) GitHub token provided. Falling back to anonymous. Requests might be rate limited.",
+      );
+      const octokit = new Octokit();
+      latestRelease = await getLatestRelease(octokit);
+    } else {
+      core.error(
+        "Github API request failed while getting latest release. Check the GitHub status page for outages. Try again later.",
+      );
+      throw err;
+    }
+  }
+
+  if (!latestRelease) {
+    throw new Error("Could not determine latest release.");
+  }
+  core.debug(`Latest version: ${latestRelease.tag_name}`);
+  return latestRelease.tag_name;
+}
+
+async function getLatestRelease(octokit: Octokit) {
+  const { data: latestRelease } = await octokit.rest.repos.getLatestRelease({
     owner: OWNER,
     repo: REPO,
   });
-  return response.map((release) => release.tag_name);
+  return latestRelease;
+}
+
+function maxSatisfying(
+  versions: string[],
+  version: string,
+): string | undefined {
+  const maxSemver = tc.evaluateVersions(versions, version);
+  if (maxSemver !== "") {
+    core.debug(`Found a version that satisfies the semver range: ${maxSemver}`);
+    return maxSemver;
+  }
+  const maxPep440 = pep440.maxSatisfying(versions, version);
+  if (maxPep440 !== null) {
+    core.debug(
+      `Found a version that satisfies the pep440 specifier: ${maxPep440}`,
+    );
+    return maxPep440;
+  }
+  return undefined;
 }

src/download/version-manifest.ts

@@ -0,0 +1,91 @@
+import { promises as fs } from "node:fs";
+import { join } from "node:path";
+import * as core from "@actions/core";
+import * as semver from "semver";
+import { fetch } from "../utils/fetch";
+
+const localManifestFile = join(__dirname, "..", "..", "version-manifest.json");
+
+interface ManifestEntry {
+  version: string;
+  artifactName: string;
+  arch: string;
+  platform: string;
+  downloadUrl: string;
+}
+
+export async function getLatestKnownVersion(
+  manifestUrl: string | undefined,
+): Promise<string> {
+  const manifestEntries = await getManifestEntries(manifestUrl);
+  return manifestEntries.reduce((a, b) =>
+    semver.gt(a.version, b.version) ? a : b,
+  ).version;
+}
+
+export async function getDownloadUrl(
+  manifestUrl: string | undefined,
+  version: string,
+  arch: string,
+  platform: string,
+): Promise<string | undefined> {
+  const manifestEntries = await getManifestEntries(manifestUrl);
+  const entry = manifestEntries.find(
+    (entry) =>
+      entry.version === version &&
+      entry.arch === arch &&
+      entry.platform === platform,
+  );
+  return entry ? entry.downloadUrl : undefined;
+}
+
+async function getManifestEntries(
+  manifestUrl: string | undefined,
+): Promise<ManifestEntry[]> {
+  let data: string;
+  if (manifestUrl !== undefined) {
+    core.info(`Fetching manifest-file from: ${manifestUrl}`);
+    const response = await fetch(manifestUrl, {});
+    if (!response.ok) {
+      throw new Error(
+        `Failed to fetch manifest-file: ${response.status} ${response.statusText}`,
+      );
+    }
+    data = await response.text();
+  } else {
+    core.info("manifest-file not provided, reading from local file.");
+    const fileContent = await fs.readFile(localManifestFile);
+    data = fileContent.toString();
+  }
+
+  return JSON.parse(data);
+}
+
+export async function updateVersionManifest(
+  manifestUrl: string,
+  downloadUrls: string[],
+): Promise<void> {
+  const manifest: ManifestEntry[] = [];
+
+  for (const downloadUrl of downloadUrls) {
+    const urlParts = downloadUrl.split("/");
+    const version = urlParts[urlParts.length - 2];
+    const artifactName = urlParts[urlParts.length - 1];
+    if (!artifactName.startsWith("uv-")) {
+      continue;
+    }
+    if (artifactName.startsWith("uv-installer")) {
+      continue;
+    }
+    const artifactParts = artifactName.split(".")[0].split("-");
+    manifest.push({
+      arch: artifactParts[1],
+      artifactName: artifactName,
+      downloadUrl: downloadUrl,
+      platform: artifactName.split(`uv-${artifactParts[1]}-`)[1].split(".")[0],
+      version: version,
+    });
+  }
+  core.debug(`Updating manifest-file: ${JSON.stringify(manifest)}`);
+  await fs.writeFile(manifestUrl, JSON.stringify(manifest));
+}

src/hash/hash-files.ts

@@ -1,8 +1,8 @@
 import * as crypto from "node:crypto";
-import * as core from "@actions/core";
 import * as fs from "node:fs";
 import * as stream from "node:stream";
 import * as util from "node:util";
+import * as core from "@actions/core";
 import { create } from "@actions/glob";
 
 /**

src/save-cache.ts

@@ -1,22 +1,31 @@
+import * as fs from "node:fs";
 import * as cache from "@actions/cache";
 import * as core from "@actions/core";
 import * as exec from "@actions/exec";
-import * as fs from "node:fs";
+import * as pep440 from "@renovatebot/pep440";
 import {
-  STATE_CACHE_MATCHED_KEY,
   STATE_CACHE_KEY,
+  STATE_CACHE_MATCHED_KEY,
 } from "./cache/restore-cache";
+import { STATE_UV_PATH, STATE_UV_VERSION } from "./utils/constants";
 import {
   cacheLocalPath,
+  cachePython,
   enableCache,
   ignoreNothingToCache,
+  pythonDir,
   pruneCache as shouldPruneCache,
+  saveCache as shouldSaveCache,
 } from "./utils/inputs";
 
 export async function run(): Promise<void> {
   try {
     if (enableCache) {
-      await saveCache();
+      if (shouldSaveCache) {
+        await saveCache();
+      } else {
+        core.info("save-cache is false. Skipping save cache step.");
+      }
       // node will stay alive if any promises are not resolved,
       // which is a possibility if HTTP requests are dangling
       // due to retries or timeouts. We know that if we got here
@@ -47,14 +56,35 @@ async function saveCache(): Promise<void> {
     await pruneCache();
   }
 
-  core.info(`Saving cache path: ${cacheLocalPath}`);
-  if (!fs.existsSync(cacheLocalPath) && !ignoreNothingToCache) {
+  let actualCachePath = cacheLocalPath;
+  if (process.env.UV_CACHE_DIR && process.env.UV_CACHE_DIR !== cacheLocalPath) {
+    core.warning(
+      `The environment variable UV_CACHE_DIR has been changed to "${process.env.UV_CACHE_DIR}", by an action or step running after astral-sh/setup-uv. This can lead to unexpected behavior. If you expected this to happen set the cache-local-path input to "${process.env.UV_CACHE_DIR}" instead of "${cacheLocalPath}".`,
+    );
+    actualCachePath = process.env.UV_CACHE_DIR;
+  }
+
+  core.info(`Saving cache path: ${actualCachePath}`);
+  if (!fs.existsSync(actualCachePath) && !ignoreNothingToCache) {
     throw new Error(
-      `Cache path ${cacheLocalPath} does not exist on disk. This likely indicates that there are no dependencies to cache. Consider disabling the cache input if it is not needed.`,
+      `Cache path ${actualCachePath} does not exist on disk. This likely indicates that there are no dependencies to cache. Consider disabling the cache input if it is not needed.`,
     );
   }
+
+  const cachePaths = [actualCachePath];
+  if (cachePython) {
+    core.info(`Including Python cache path: ${pythonDir}`);
+    if (!fs.existsSync(pythonDir) && !ignoreNothingToCache) {
+      throw new Error(
+        `Python cache path ${pythonDir} does not exist on disk. This likely indicates that there are no dependencies to cache. Consider disabling the cache input if it is not needed.`,
+      );
+    }
+    cachePaths.push(pythonDir);
+  }
+
+  core.info(`Final cache paths: ${cachePaths.join(", ")}`);
   try {
-    await cache.saveCache([cacheLocalPath], cacheKey);
+    await cache.saveCache(cachePaths, cacheKey);
     core.info(`cache saved with the key: ${cacheKey}`);
   } catch (e) {
     if (
@@ -72,13 +102,19 @@ async function saveCache(): Promise<void> {
 }
 
 async function pruneCache(): Promise<void> {
+  const forceSupported = pep440.gte(core.getState(STATE_UV_VERSION), "0.8.24");
+
   const options: exec.ExecOptions = {
-    silent: !core.isDebug(),
+    silent: false,
   };
   const execArgs = ["cache", "prune", "--ci"];
+  if (forceSupported) {
+    execArgs.push("--force");
+  }
 
   core.info("Pruning cache...");
-  await exec.exec("uv", execArgs, options);
+  const uvPath = core.getState(STATE_UV_PATH);
+  await exec.exec(uvPath, execArgs, options);
 }
 
 run();

src/setup-uv.ts

@@ -1,30 +1,43 @@
-import * as core from "@actions/core";
+import fs from "node:fs";
 import * as path from "node:path";
+import * as core from "@actions/core";
+import * as exec from "@actions/exec";
+import { restoreCache } from "./cache/restore-cache";
 import {
-  downloadVersion,
+  downloadVersionFromManifest,
+  resolveVersion,
   tryGetFromToolCache,
 } from "./download/download-version";
-import { restoreCache } from "./cache/restore-cache";
-
-import { downloadLatest } from "./download/download-latest";
+import { getConfigValueFromTomlFile } from "./utils/config-file";
+import { STATE_UV_PATH, STATE_UV_VERSION } from "./utils/constants";
+import {
+  activateEnvironment as activateEnvironmentInput,
+  addProblemMatchers,
+  cacheLocalPath,
+  checkSum,
+  enableCache,
+  githubToken,
+  ignoreEmptyWorkdir,
+  manifestFile,
+  pythonDir,
+  pythonVersion,
+  toolBinDir,
+  toolDir,
+  versionFile as versionFileInput,
+  version as versionInput,
+  workingDirectory,
+} from "./utils/inputs";
 import {
   type Architecture,
   getArch,
   getPlatform,
   type Platform,
 } from "./utils/platforms";
-import {
-  cacheLocalPath,
-  checkSum,
-  enableCache,
-  githubToken,
-  toolBinDir,
-  toolDir,
-  version,
-} from "./utils/inputs";
+import { getUvVersionFromFile } from "./version/resolve";
 
 async function run(): Promise<void> {
-  const platform = getPlatform();
+  detectEmptyWorkdir();
+  const platform = await getPlatform();
   const arch = getArch();
 
   try {
@@ -34,25 +47,23 @@ async function run(): Promise<void> {
     if (arch === undefined) {
       throw new Error(`Unsupported architecture: ${process.arch}`);
     }
-    const setupResult = await setupUv(
-      platform,
-      arch,
-      version,
-      checkSum,
-      githubToken,
-    );
+    const setupResult = await setupUv(platform, arch, checkSum, githubToken);
 
-    addUvToPath(setupResult.uvDir);
     addToolBinToPath();
+    addUvToPathAndOutput(setupResult.uvDir);
     setToolDir();
+    addPythonDirToPath();
+    setupPython();
+    await activateEnvironment();
+    addMatchers();
+    setCacheDir();
+
     core.setOutput("uv-version", setupResult.version);
+    core.saveState(STATE_UV_VERSION, setupResult.version);
     core.info(`Successfully installed uv version ${setupResult.version}`);
 
-    addMatchers();
-    setCacheDir(cacheLocalPath);
-
     if (enableCache) {
-      await restoreCache(setupResult.version);
+      await restoreCache();
     }
     process.exit(0);
   } catch (err) {
@@ -60,59 +71,111 @@ async function run(): Promise<void> {
   }
 }
 
+function detectEmptyWorkdir(): void {
+  if (fs.readdirSync(".").length === 0) {
+    if (ignoreEmptyWorkdir) {
+      core.info(
+        "Empty workdir detected. Ignoring because ignore-empty-workdir is enabled",
+      );
+    } else {
+      core.warning(
+        "Empty workdir detected. This may cause unexpected behavior. You can enable ignore-empty-workdir to mute this warning.",
+      );
+    }
+  }
+}
+
 async function setupUv(
   platform: Platform,
   arch: Architecture,
-  versionInput: string,
   checkSum: string | undefined,
   githubToken: string,
 ): Promise<{ uvDir: string; version: string }> {
-  let installedPath: string | undefined;
-  let cachedToolDir: string;
-  let version: string;
-  if (versionInput === "latest") {
-    const latestResult = await downloadLatest(
-      platform,
-      arch,
-      checkSum,
-      githubToken,
-    );
-    version = latestResult.version;
-    cachedToolDir = latestResult.cachedToolDir;
-  } else {
-    const toolCacheResult = tryGetFromToolCache(arch, versionInput);
-    version = toolCacheResult.version;
-    installedPath = toolCacheResult.installedPath;
-    if (installedPath) {
-      core.info(`Found uv in tool-cache for ${versionInput}`);
-      return { uvDir: installedPath, version };
-    }
-    const versionResult = await downloadVersion(
-      platform,
-      arch,
-      versionInput,
-      checkSum,
-      githubToken,
-    );
-    cachedToolDir = versionResult.cachedToolDir;
-    version = versionResult.version;
+  const resolvedVersion = await determineVersion(manifestFile);
+  const toolCacheResult = tryGetFromToolCache(arch, resolvedVersion);
+  if (toolCacheResult.installedPath) {
+    core.info(`Found uv in tool-cache for ${toolCacheResult.version}`);
+    return {
+      uvDir: toolCacheResult.installedPath,
+      version: toolCacheResult.version,
+    };
   }
 
-  return { uvDir: cachedToolDir, version };
+  const downloadVersionResult = await downloadVersionFromManifest(
+    manifestFile,
+    platform,
+    arch,
+    resolvedVersion,
+    checkSum,
+    githubToken,
+  );
+
+  return {
+    uvDir: downloadVersionResult.cachedToolDir,
+    version: downloadVersionResult.version,
+  };
 }
 
-function addUvToPath(cachedPath: string): void {
-  core.addPath(cachedPath);
-  core.info(`Added ${cachedPath} to the path`);
+async function determineVersion(
+  manifestFile: string | undefined,
+): Promise<string> {
+  if (versionInput !== "") {
+    return await resolveVersion(versionInput, manifestFile, githubToken);
+  }
+  if (versionFileInput !== "") {
+    const versionFromFile = getUvVersionFromFile(versionFileInput);
+    if (versionFromFile === undefined) {
+      throw new Error(
+        `Could not determine uv version from file: ${versionFileInput}`,
+      );
+    }
+    return await resolveVersion(versionFromFile, manifestFile, githubToken);
+  }
+  const versionFromUvToml = getUvVersionFromFile(
+    `${workingDirectory}${path.sep}uv.toml`,
+  );
+  const versionFromPyproject = getUvVersionFromFile(
+    `${workingDirectory}${path.sep}pyproject.toml`,
+  );
+  if (versionFromUvToml === undefined && versionFromPyproject === undefined) {
+    core.info(
+      "Could not determine uv version from uv.toml or pyproject.toml. Falling back to latest.",
+    );
+  }
+  return await resolveVersion(
+    versionFromUvToml || versionFromPyproject || "latest",
+    manifestFile,
+    githubToken,
+  );
+}
+
+function addUvToPathAndOutput(cachedPath: string): void {
+  core.setOutput("uv-path", `${cachedPath}${path.sep}uv`);
+  core.saveState(STATE_UV_PATH, `${cachedPath}${path.sep}uv`);
+  core.setOutput("uvx-path", `${cachedPath}${path.sep}uvx`);
+  if (process.env.UV_NO_MODIFY_PATH !== undefined) {
+    core.info("UV_NO_MODIFY_PATH is set, not modifying PATH");
+  } else {
+    core.addPath(cachedPath);
+    core.info(`Added ${cachedPath} to the path`);
+  }
 }
 
 function addToolBinToPath(): void {
   if (toolBinDir !== undefined) {
     core.exportVariable("UV_TOOL_BIN_DIR", toolBinDir);
     core.info(`Set UV_TOOL_BIN_DIR to ${toolBinDir}`);
-    core.addPath(toolBinDir);
-    core.info(`Added ${toolBinDir} to the path`);
+    if (process.env.UV_NO_MODIFY_PATH !== undefined) {
+      core.info(`UV_NO_MODIFY_PATH is set, not adding ${toolBinDir} to path`);
+    } else {
+      core.addPath(toolBinDir);
+      core.info(`Added ${toolBinDir} to the path`);
+    }
   } else {
+    if (process.env.UV_NO_MODIFY_PATH !== undefined) {
+      core.info("UV_NO_MODIFY_PATH is set, not adding user local bin to path");
+      return;
+    }
     if (process.env.XDG_BIN_HOME !== undefined) {
       core.addPath(process.env.XDG_BIN_HOME);
       core.info(`Added ${process.env.XDG_BIN_HOME} to the path`);
@@ -133,14 +196,66 @@ function setToolDir(): void {
   }
 }
 
-function setCacheDir(cacheLocalPath: string): void {
-  core.exportVariable("UV_CACHE_DIR", cacheLocalPath);
-  core.info(`Set UV_CACHE_DIR to ${cacheLocalPath}`);
+function addPythonDirToPath(): void {
+  core.exportVariable("UV_PYTHON_INSTALL_DIR", pythonDir);
+  core.info(`Set UV_PYTHON_INSTALL_DIR to ${pythonDir}`);
+  if (process.env.UV_NO_MODIFY_PATH !== undefined) {
+    core.info("UV_NO_MODIFY_PATH is set, not adding python dir to path");
+  } else {
+    core.addPath(pythonDir);
+    core.info(`Added ${pythonDir} to the path`);
+  }
+}
+
+function setupPython(): void {
+  if (pythonVersion !== "") {
+    core.exportVariable("UV_PYTHON", pythonVersion);
+    core.info(`Set UV_PYTHON to ${pythonVersion}`);
+  }
+}
+
+async function activateEnvironment(): Promise<void> {
+  if (activateEnvironmentInput) {
+    if (process.env.UV_NO_MODIFY_PATH !== undefined) {
+      throw new Error(
+        "UV_NO_MODIFY_PATH and activate-environment cannot be used together.",
+      );
+    }
+    const execArgs = ["venv", ".venv", "--directory", workingDirectory];
+
+    core.info("Activating python venv...");
+    await exec.exec("uv", execArgs);
+
+    const venvPath = path.resolve(`${workingDirectory}${path.sep}.venv`);
+    let venvBinPath = `${venvPath}${path.sep}bin`;
+    if (process.platform === "win32") {
+      venvBinPath = `${venvPath}${path.sep}Scripts`;
+    }
+    core.addPath(path.resolve(venvBinPath));
+    core.exportVariable("VIRTUAL_ENV", venvPath);
+    core.setOutput("venv", venvPath);
+  }
+}
+
+function setCacheDir(): void {
+  if (enableCache) {
+    const cacheDirFromConfig = getConfigValueFromTomlFile("", "cache-dir");
+    if (cacheDirFromConfig !== undefined) {
+      core.info(
+        "Using cache-dir from uv config file, not modifying UV_CACHE_DIR",
+      );
+      return;
+    }
+    core.exportVariable("UV_CACHE_DIR", cacheLocalPath);
+    core.info(`Set UV_CACHE_DIR to ${cacheLocalPath}`);
+  }
 }
 
 function addMatchers(): void {
-  const matchersPath = path.join(__dirname, `..${path.sep}..`, ".github");
-  core.info(`##[add-matcher]${path.join(matchersPath, "python.json")}`);
+  if (addProblemMatchers) {
+    const matchersPath = path.join(__dirname, `..${path.sep}..`, ".github");
+    core.info(`##[add-matcher]${path.join(matchersPath, "python.json")}`);
+  }
 }
 
 run();

src/update-known-checksums.ts

@@ -1,32 +0,0 @@
-import * as github from "@actions/github";
-import * as core from "@actions/core";
-
-import { OWNER, REPO } from "./utils/constants";
-import * as semver from "semver";
-
-import { updateChecksums } from "./download/checksum/update-known-checksums";
-
-async function run(): Promise<void> {
-  const checksumFilePath = process.argv.slice(2)[0];
-  const github_token = process.argv.slice(2)[1];
-
-  const octokit = github.getOctokit(github_token);
-
-  const response = await octokit.paginate(octokit.rest.repos.listReleases, {
-    owner: OWNER,
-    repo: REPO,
-  });
-  const downloadUrls: string[] = response.flatMap((release) =>
-    release.assets
-      .filter((asset) => asset.name.endsWith(".sha256"))
-      .map((asset) => asset.browser_download_url),
-  );
-  await updateChecksums(checksumFilePath, downloadUrls);
-
-  const latestVersion = response
-    .map((release) => release.tag_name)
-    .sort(semver.rcompare)[0];
-  core.setOutput("latest-version", latestVersion);
-}
-
-run();

src/update-known-versions.ts

@@ -0,0 +1,63 @@
+import * as core from "@actions/core";
+import type { Endpoints } from "@octokit/types";
+import * as semver from "semver";
+import { updateChecksums } from "./download/checksum/update-known-checksums";
+import {
+  getLatestKnownVersion,
+  updateVersionManifest,
+} from "./download/version-manifest";
+import { OWNER, REPO } from "./utils/constants";
+import { Octokit } from "./utils/octokit";
+
+type Release =
+  Endpoints["GET /repos/{owner}/{repo}/releases"]["response"]["data"][number];
+
+async function run(): Promise<void> {
+  const checksumFilePath = process.argv.slice(2)[0];
+  const versionsManifestFile = process.argv.slice(2)[1];
+  const githubToken = process.argv.slice(2)[2];
+
+  const octokit = new Octokit({
+    auth: githubToken,
+  });
+
+  const { data: latestRelease } = await octokit.rest.repos.getLatestRelease({
+    owner: OWNER,
+    repo: REPO,
+  });
+
+  const latestKnownVersion = await getLatestKnownVersion(undefined);
+
+  if (semver.lte(latestRelease.tag_name, latestKnownVersion)) {
+    core.info(
+      `Latest release (${latestRelease.tag_name}) is not newer than the latest known version (${latestKnownVersion}). Skipping update.`,
+    );
+    return;
+  }
+
+  const releases: Release[] = await octokit.paginate(
+    octokit.rest.repos.listReleases,
+    {
+      owner: OWNER,
+      repo: REPO,
+    },
+  );
+  const checksumDownloadUrls: string[] = releases.flatMap((release) =>
+    release.assets
+      .filter((asset) => asset.name.endsWith(".sha256"))
+      .map((asset) => asset.browser_download_url),
+  );
+  await updateChecksums(checksumFilePath, checksumDownloadUrls);
+
+  const artifactDownloadUrls: string[] = releases.flatMap((release) =>
+    release.assets
+      .filter((asset) => !asset.name.endsWith(".sha256"))
+      .map((asset) => asset.browser_download_url),
+  );
+
+  await updateVersionManifest(versionsManifestFile, artifactDownloadUrls);
+
+  core.setOutput("latest-version", latestRelease.tag_name);
+}
+
+run();

src/utils/config-file.ts

@@ -0,0 +1,24 @@
+import fs from "node:fs";
+import * as toml from "smol-toml";
+
+export function getConfigValueFromTomlFile(
+  filePath: string,
+  key: string,
+): string | undefined {
+  if (!fs.existsSync(filePath) || !filePath.endsWith(".toml")) {
+    return undefined;
+  }
+  const fileContent = fs.readFileSync(filePath, "utf-8");
+
+  if (filePath.endsWith("pyproject.toml")) {
+    const tomlContent = toml.parse(fileContent) as {
+      tool?: { uv?: Record<string, string | undefined> };
+    };
+    return tomlContent?.tool?.uv?.[key];
+  }
+  const tomlContent = toml.parse(fileContent) as Record<
+    string,
+    string | undefined
+  >;
+  return tomlContent[key];
+}

src/utils/constants.ts

@@ -1,3 +1,5 @@
 export const REPO = "uv";
 export const OWNER = "astral-sh";
 export const TOOL_CACHE_NAME = "uv";
+export const STATE_UV_PATH = "uv-path";
+export const STATE_UV_VERSION = "uv-version";

src/utils/fetch.ts

@@ -0,0 +1,21 @@
+import { ProxyAgent, type RequestInit, fetch as undiciFetch } from "undici";
+
+export function getProxyAgent() {
+  const httpProxy = process.env.HTTP_PROXY || process.env.http_proxy;
+  if (httpProxy) {
+    return new ProxyAgent(httpProxy);
+  }
+
+  const httpsProxy = process.env.HTTPS_PROXY || process.env.https_proxy;
+  if (httpsProxy) {
+    return new ProxyAgent(httpsProxy);
+  }
+
+  return undefined;
+}
+
+export const fetch = async (url: string, opts: RequestInit) =>
+  await undiciFetch(url, {
+    dispatcher: getProxyAgent(),
+    ...opts,
+  });

src/utils/inputs.ts

@@ -1,23 +1,55 @@
-import * as core from "@actions/core";
 import path from "node:path";
+import * as core from "@actions/core";
+import { getConfigValueFromTomlFile } from "./config-file";
 
+export const workingDirectory = core.getInput("working-directory");
 export const version = core.getInput("version");
+export const versionFile = getVersionFile();
+export const pythonVersion = core.getInput("python-version");
+export const activateEnvironment = core.getBooleanInput("activate-environment");
 export const checkSum = core.getInput("checksum");
-export const enableCache = core.getInput("enable-cache") === "true";
+export const enableCache = getEnableCache();
+export const restoreCache = core.getInput("restore-cache") === "true";
+export const saveCache = core.getInput("save-cache") === "true";
 export const cacheSuffix = core.getInput("cache-suffix") || "";
 export const cacheLocalPath = getCacheLocalPath();
-export const cacheDependencyGlob = core.getInput("cache-dependency-glob");
+export const cacheDependencyGlob = getCacheDependencyGlob();
 export const pruneCache = core.getInput("prune-cache") === "true";
+export const cachePython = core.getInput("cache-python") === "true";
 export const ignoreNothingToCache =
   core.getInput("ignore-nothing-to-cache") === "true";
+export const ignoreEmptyWorkdir =
+  core.getInput("ignore-empty-workdir") === "true";
 export const toolBinDir = getToolBinDir();
 export const toolDir = getToolDir();
+export const pythonDir = getUvPythonDir();
 export const githubToken = core.getInput("github-token");
+export const manifestFile = getManifestFile();
+export const addProblemMatchers =
+  core.getInput("add-problem-matchers") === "true";
+
+function getVersionFile(): string {
+  const versionFileInput = core.getInput("version-file");
+  if (versionFileInput !== "") {
+    const tildeExpanded = expandTilde(versionFileInput);
+    return resolveRelativePath(tildeExpanded);
+  }
+  return versionFileInput;
+}
+
+function getEnableCache(): boolean {
+  const enableCacheInput = core.getInput("enable-cache");
+  if (enableCacheInput === "auto") {
+    return process.env.RUNNER_ENVIRONMENT === "github-hosted";
+  }
+  return enableCacheInput === "true";
+}
 
 function getToolBinDir(): string | undefined {
   const toolBinDirInput = core.getInput("tool-bin-dir");
   if (toolBinDirInput !== "") {
-    return expandTilde(toolBinDirInput);
+    const tildeExpanded = expandTilde(toolBinDirInput);
+    return resolveRelativePath(tildeExpanded);
   }
   if (process.platform === "win32") {
     if (process.env.RUNNER_TEMP !== undefined) {
@@ -33,7 +65,8 @@ function getToolBinDir(): string | undefined {
 function getToolDir(): string | undefined {
   const toolDirInput = core.getInput("tool-dir");
   if (toolDirInput !== "") {
-    return expandTilde(toolDirInput);
+    const tildeExpanded = expandTilde(toolDirInput);
+    return resolveRelativePath(tildeExpanded);
   }
   if (process.platform === "win32") {
     if (process.env.RUNNER_TEMP !== undefined) {
@@ -49,19 +82,107 @@ function getToolDir(): string | undefined {
 function getCacheLocalPath(): string {
   const cacheLocalPathInput = core.getInput("cache-local-path");
   if (cacheLocalPathInput !== "") {
-    return expandTilde(cacheLocalPathInput);
+    const tildeExpanded = expandTilde(cacheLocalPathInput);
+    return resolveRelativePath(tildeExpanded);
+  }
+  const cacheDirFromConfig = getCacheDirFromConfig();
+  if (cacheDirFromConfig !== undefined) {
+    return cacheDirFromConfig;
+  }
+  if (process.env.UV_CACHE_DIR !== undefined) {
+    core.info(`UV_CACHE_DIR is already set to ${process.env.UV_CACHE_DIR}`);
+    return process.env.UV_CACHE_DIR;
+  }
+  if (process.env.RUNNER_ENVIRONMENT === "github-hosted") {
+    if (process.env.RUNNER_TEMP !== undefined) {
+      return `${process.env.RUNNER_TEMP}${path.sep}setup-uv-cache`;
+    }
+    throw Error(
+      "Could not determine UV_CACHE_DIR. Please make sure RUNNER_TEMP is set or provide the cache-local-path input",
+    );
+  }
+  if (process.platform === "win32") {
+    return `${process.env.APPDATA}${path.sep}uv${path.sep}cache`;
+  }
+  return `${process.env.HOME}${path.sep}.cache${path.sep}uv`;
+}
+
+function getCacheDirFromConfig(): string | undefined {
+  for (const filePath of [versionFile, "uv.toml", "pyproject.toml"]) {
+    const resolvedPath = resolveRelativePath(filePath);
+    try {
+      const cacheDir = getConfigValueFromTomlFile(resolvedPath, "cache-dir");
+      if (cacheDir !== undefined) {
+        core.info(`Found cache-dir in ${resolvedPath}: ${cacheDir}`);
+        return cacheDir;
+      }
+    } catch (err) {
+      const message = (err as Error).message;
+      core.warning(`Error while parsing ${filePath}: ${message}`);
+      return undefined;
+    }
+  }
+  return undefined;
+}
+
+export function getUvPythonDir(): string {
+  if (process.env.UV_PYTHON_INSTALL_DIR !== undefined) {
+    core.info(
+      `UV_PYTHON_INSTALL_DIR is already set to  ${process.env.UV_PYTHON_INSTALL_DIR}`,
+    );
+    return process.env.UV_PYTHON_INSTALL_DIR;
+  }
+  if (process.env.RUNNER_ENVIRONMENT !== "github-hosted") {
+    if (process.platform === "win32") {
+      return `${process.env.APPDATA}${path.sep}uv${path.sep}python`;
+    } else {
+      return `${process.env.HOME}${path.sep}.local${path.sep}share${path.sep}uv${path.sep}python`;
+    }
   }
   if (process.env.RUNNER_TEMP !== undefined) {
-    return `${process.env.RUNNER_TEMP}${path.sep}setup-uv-cache`;
+    return `${process.env.RUNNER_TEMP}${path.sep}uv-python-dir`;
   }
   throw Error(
-    "Could not determine UV_CACHE_DIR. Please make sure RUNNER_TEMP is set or provide the cache-local-path input",
+    "Could not determine UV_PYTHON_INSTALL_DIR. Please make sure RUNNER_TEMP is set or provide the UV_PYTHON_INSTALL_DIR environment variable",
   );
 }
 
+function getCacheDependencyGlob(): string {
+  const cacheDependencyGlobInput = core.getInput("cache-dependency-glob");
+  if (cacheDependencyGlobInput !== "") {
+    return cacheDependencyGlobInput
+      .split("\n")
+      .map((part) => part.trim())
+      .map((part) => expandTilde(part))
+      .map((part) => resolveRelativePath(part))
+      .join("\n");
+  }
+  return cacheDependencyGlobInput;
+}
+
 function expandTilde(input: string): string {
   if (input.startsWith("~")) {
     return `${process.env.HOME}${input.substring(1)}`;
   }
   return input;
 }
+
+function resolveRelativePath(inputPath: string): string {
+  const hasNegation = inputPath.startsWith("!");
+  const pathWithoutNegation = hasNegation ? inputPath.substring(1) : inputPath;
+
+  const resolvedPath = path.resolve(workingDirectory, pathWithoutNegation);
+
+  core.debug(
+    `Resolving relative path ${inputPath} to ${hasNegation ? "!" : ""}${resolvedPath}`,
+  );
+  return hasNegation ? `!${resolvedPath}` : resolvedPath;
+}
+
+function getManifestFile(): string | undefined {
+  const manifestFileInput = core.getInput("manifest-file");
+  if (manifestFileInput !== "") {
+    return manifestFileInput;
+  }
+  return undefined;
+}

src/utils/octokit.ts

@@ -0,0 +1,34 @@
+import type { OctokitOptions } from "@octokit/core";
+import { Octokit as Core } from "@octokit/core";
+import {
+  type PaginateInterface,
+  paginateRest,
+} from "@octokit/plugin-paginate-rest";
+import { legacyRestEndpointMethods } from "@octokit/plugin-rest-endpoint-methods";
+import { fetch as customFetch } from "./fetch";
+
+export type { RestEndpointMethodTypes } from "@octokit/plugin-rest-endpoint-methods";
+
+const DEFAULTS = {
+  baseUrl: "https://api.github.com",
+  userAgent: "setup-uv",
+};
+
+const OctokitWithPlugins = Core.plugin(paginateRest, legacyRestEndpointMethods);
+
+export const Octokit = OctokitWithPlugins.defaults(function buildDefaults(
+  options: OctokitOptions,
+): OctokitOptions {
+  return {
+    ...DEFAULTS,
+    ...options,
+    request: {
+      fetch: customFetch,
+      ...options.request,
+    },
+  };
+});
+
+export type Octokit = InstanceType<typeof OctokitWithPlugins> & {
+  paginate: PaginateInterface;
+};

src/utils/platforms.ts

@@ -1,17 +1,26 @@
+import * as core from "@actions/core";
+import * as exec from "@actions/exec";
 export type Platform =
   | "unknown-linux-gnu"
   | "unknown-linux-musl"
   | "unknown-linux-musleabihf"
   | "apple-darwin"
   | "pc-windows-msvc";
-export type Architecture = "i686" | "x86_64" | "aarch64";
+export type Architecture =
+  | "i686"
+  | "x86_64"
+  | "aarch64"
+  | "s390x"
+  | "powerpc64le";
 
 export function getArch(): Architecture | undefined {
   const arch = process.arch;
   const archMapping: { [key: string]: Architecture } = {
-    ia32: "i686",
-    x64: "x86_64",
     arm64: "aarch64",
+    ia32: "i686",
+    ppc64: "powerpc64le",
+    s390x: "s390x",
+    x64: "x86_64",
   };
 
   if (arch in archMapping) {
@@ -19,15 +28,49 @@ export function getArch(): Architecture | undefined {
   }
 }
 
-export function getPlatform(): Platform | undefined {
-  const platform = process.platform;
+export async function getPlatform(): Promise<Platform | undefined> {
+  const processPlatform = process.platform;
   const platformMapping: { [key: string]: Platform } = {
-    linux: "unknown-linux-gnu",
     darwin: "apple-darwin",
+    linux: "unknown-linux-gnu",
     win32: "pc-windows-msvc",
   };
 
-  if (platform in platformMapping) {
-    return platformMapping[platform];
+  if (processPlatform in platformMapping) {
+    const platform = platformMapping[processPlatform];
+    if (platform === "unknown-linux-gnu") {
+      const isMusl = await isMuslOs();
+      return isMusl ? "unknown-linux-musl" : platform;
+    }
+    return platform;
+  }
+}
+
+async function isMuslOs(): Promise<boolean> {
+  let stdOutput = "";
+  let errOutput = "";
+  const options: exec.ExecOptions = {
+    ignoreReturnCode: true,
+    listeners: {
+      stderr: (data: Buffer) => {
+        errOutput += data.toString();
+      },
+      stdout: (data: Buffer) => {
+        stdOutput += data.toString();
+      },
+    },
+    silent: !core.isDebug(),
+  };
+
+  try {
+    const execArgs = ["--version"];
+    await exec.exec("ldd", execArgs, options);
+    return stdOutput.includes("musl") || errOutput.includes("musl");
+  } catch (error) {
+    const err = error as Error;
+    core.warning(
+      `Failed to determine glibc or musl. Falling back to glibc. Error: ${err.message}`,
+    );
+    return false;
   }
 }

src/version/requirements-file.ts

@@ -0,0 +1,43 @@
+import fs from "node:fs";
+import * as toml from "smol-toml";
+
+export function getUvVersionFromRequirementsFile(
+  filePath: string,
+): string | undefined {
+  const fileContent = fs.readFileSync(filePath, "utf-8");
+  if (filePath.endsWith(".txt")) {
+    return getUvVersionFromAllDependencies(fileContent.split("\n"));
+  }
+  const dependencies = parsePyprojectDependencies(fileContent);
+  return getUvVersionFromAllDependencies(dependencies);
+}
+function getUvVersionFromAllDependencies(
+  allDependencies: string[],
+): string | undefined {
+  return allDependencies
+    .find((dep: string) => dep.match(/^uv[=<>~!]/))
+    ?.match(/^uv([=<>~!]+\S*)/)?.[1]
+    .trim();
+}
+
+interface Pyproject {
+  project?: {
+    dependencies?: string[];
+    "optional-dependencies"?: Record<string, string[]>;
+  };
+  "dependency-groups"?: Record<string, Array<string | object>>;
+}
+
+function parsePyprojectDependencies(pyprojectContent: string): string[] {
+  const pyproject: Pyproject = toml.parse(pyprojectContent);
+  const dependencies: string[] = pyproject?.project?.dependencies || [];
+  const optionalDependencies: string[] = Object.values(
+    pyproject?.project?.["optional-dependencies"] || {},
+  ).flat();
+  const devDependencies: string[] = Object.values(
+    pyproject?.["dependency-groups"] || {},
+  )
+    .flat()
+    .filter((item: string | object) => typeof item === "string");
+  return dependencies.concat(optionalDependencies, devDependencies);
+}

src/version/resolve.ts

@@ -0,0 +1,34 @@
+import fs from "node:fs";
+import * as core from "@actions/core";
+import { getConfigValueFromTomlFile } from "../utils/config-file";
+import { getUvVersionFromRequirementsFile } from "./requirements-file";
+import { getUvVersionFromToolVersions } from "./tool-versions-file";
+
+export function getUvVersionFromFile(filePath: string): string | undefined {
+  core.info(`Trying to find version for uv in: ${filePath}`);
+  if (!fs.existsSync(filePath)) {
+    core.info(`Could not find file: ${filePath}`);
+    return undefined;
+  }
+  let uvVersion: string | undefined;
+  try {
+    uvVersion = getUvVersionFromToolVersions(filePath);
+    if (uvVersion === undefined) {
+      uvVersion = getConfigValueFromTomlFile(filePath, "required-version");
+    }
+    if (uvVersion === undefined) {
+      uvVersion = getUvVersionFromRequirementsFile(filePath);
+    }
+  } catch (err) {
+    const message = (err as Error).message;
+    core.warning(`Error while parsing ${filePath}: ${message}`);
+    return undefined;
+  }
+  if (uvVersion?.startsWith("==")) {
+    uvVersion = uvVersion.slice(2);
+  }
+  if (uvVersion !== undefined) {
+    core.info(`Found version for uv in ${filePath}: ${uvVersion}`);
+  }
+  return uvVersion;
+}

src/version/tool-versions-file.ts

@@ -0,0 +1,31 @@
+import fs from "node:fs";
+import * as core from "@actions/core";
+
+export function getUvVersionFromToolVersions(
+  filePath: string,
+): string | undefined {
+  if (!filePath.endsWith(".tool-versions")) {
+    return undefined;
+  }
+  const fileContents = fs.readFileSync(filePath, "utf8");
+  const lines = fileContents.split("\n");
+
+  for (const line of lines) {
+    // Skip commented lines
+    if (line.trim().startsWith("#")) {
+      continue;
+    }
+    const match = line.match(/^\s*uv\s*v?\s*(?<version>[^\s]+)\s*$/);
+    if (match) {
+      const matchedVersion = match.groups?.version.trim();
+      if (matchedVersion?.startsWith("ref")) {
+        core.warning(
+          "The ref syntax of .tool-versions is not supported. Please use a released version instead.",
+        );
+        return undefined;
+      }
+      return matchedVersion;
+    }
+  }
+  return undefined;
+}

tsconfig.json

@@ -1,12 +1,12 @@
 {
   "compilerOptions": {
-    "target": "es6" /* Specify ECMAScript target version: 'ES3' (default), 'ES5', 'ES2015', 'ES2016', 'ES2017', 'ES2018', 'ES2019' or 'ESNEXT'. */,
-    "module": "commonjs" /* Specify module code generation: 'none', 'commonjs', 'amd', 'system', 'umd', 'es2015', or 'ESNext'. */,
+    "esModuleInterop": true /* Enables emit interoperability between CommonJS and ES Modules via creation of namespace objects for all imports. Implies 'allowSyntheticDefaultImports'. */,
+    "module": "nodenext" /* Specify module code generation: 'none', 'commonjs', 'amd', 'system', 'umd', 'es2015', or 'ESNext'. */,
+    "noImplicitAny": true /* Raise error on expressions and declarations with an implied 'any' type. */,
     "outDir": "./lib" /* Redirect output structure to the directory. */,
     "rootDir": "./src" /* Specify the root directory of input files. Use to control the output directory structure with --outDir. */,
     "strict": true /* Enable all strict type-checking options. */,
-    "noImplicitAny": true /* Raise error on expressions and declarations with an implied 'any' type. */,
-    "esModuleInterop": true /* Enables emit interoperability between CommonJS and ES Modules via creation of namespace objects for all imports. Implies 'allowSyntheticDefaultImports'. */
+    "target": "ES2024" /* Specify ECMAScript target version: 'ES3' (default), 'ES5', 'ES2015', 'ES2016', 'ES2017', 'ES2018', 'ES2019' or 'ESNEXT'. */
   },
   "exclude": ["node_modules", "**/*.test.ts"]
 }