Add comprehensive Copilot instructions for setup-uv repository

Co-authored-by: eifinger <1481961+eifinger@users.noreply.github.com>
Initial plan
2025-10-11 17:04:06 +00:00 · 2025-10-11 16:54:48 +00:00 · 2025-10-11 18:42:06 +02:00 · 2025-10-11 15:17:25 +02:00 · 2025-10-10 17:11:01 -04:00 · 2025-10-10 17:24:01 +02:00
109 changed files with 213417 additions and 123706 deletions
@@ -0,0 +1,20 @@
+# Check http://editorconfig.org for more information
+# This is the main config file for this project:
+root = true
+
+[*]
+charset = utf-8
+trim_trailing_whitespace = true
+end_of_line = lf
+indent_style = space
+insert_final_newline = true
+indent_size = 2
+
+[*.{rs,py,pyi}]
+indent_size = 4
+
+[*.snap]
+trim_trailing_whitespace = false
+
+[*.md]
+max_line_length = 100
@@ -1,4 +0,0 @@
-dist/
-lib/
-node_modules/
-jest.config.js
@@ -1,57 +0,0 @@
-{
-    "plugins": ["jest", "@typescript-eslint"],
-    "extends": ["plugin:github/recommended"],
-    "parser": "@typescript-eslint/parser",
-    "parserOptions": {
-      "ecmaVersion": 9,
-      "sourceType": "module",
-      "project": "./tsconfig.json"
-    },
-    "rules": {
-      "no-shadow": "off",
-      "@typescript-eslint/no-shadow": ["error"],
-      "i18n-text/no-en": "off",
-      "eslint-comments/no-use": "off",
-      "import/no-namespace": "off",
-      "no-unused-vars": "off",
-      "@typescript-eslint/no-unused-vars": "error",
-      "@typescript-eslint/explicit-member-accessibility": ["error", {"accessibility": "no-public"}],
-      "@typescript-eslint/no-require-imports": "error",
-      "@typescript-eslint/array-type": "error",
-      "@typescript-eslint/await-thenable": "error",
-      "@typescript-eslint/ban-ts-comment": "error",
-      "camelcase": "off",
-      "@typescript-eslint/consistent-type-assertions": "error",
-      "@typescript-eslint/explicit-function-return-type": ["error", {"allowExpressions": true}],
-      "@typescript-eslint/func-call-spacing": ["error", "never"],
-      "@typescript-eslint/no-array-constructor": "error",
-      "@typescript-eslint/no-empty-interface": "error",
-      "@typescript-eslint/no-explicit-any": "error",
-      "@typescript-eslint/no-extraneous-class": "error",
-      "@typescript-eslint/no-for-in-array": "error",
-      "@typescript-eslint/no-inferrable-types": "error",
-      "@typescript-eslint/no-misused-new": "error",
-      "@typescript-eslint/no-namespace": "error",
-      "@typescript-eslint/no-non-null-assertion": "warn",
-      "@typescript-eslint/no-unnecessary-qualifier": "error",
-      "@typescript-eslint/no-unnecessary-type-assertion": "error",
-      "@typescript-eslint/no-useless-constructor": "error",
-      "@typescript-eslint/no-var-requires": "error",
-      "@typescript-eslint/prefer-for-of": "warn",
-      "@typescript-eslint/prefer-function-type": "warn",
-      "@typescript-eslint/prefer-includes": "error",
-      "@typescript-eslint/prefer-string-starts-ends-with": "error",
-      "@typescript-eslint/promise-function-async": "error",
-      "@typescript-eslint/require-array-sort-compare": "error",
-      "@typescript-eslint/restrict-plus-operands": "error",
-      "semi": "off",
-      "@typescript-eslint/semi": ["error", "never"],
-      "@typescript-eslint/type-annotation-spacing": "error",
-      "@typescript-eslint/unbound-method": "error"
-    },
-    "env": {
-      "node": true,
-      "es6": true,
-      "jest/globals": true
-    }
-  }
@@ -1,2 +1,2 @@
 * text=auto eol=lf
-dist/** -diff linguist-generated=true 
+dist/** -diff linguist-generated=true
@@ -0,0 +1,13 @@
+self-hosted-runner:
+  # Custom labels of self-hosted or large GitHub hosted runners
+  # so that actionlint knows that they are not a typo
+  labels:
+    - selfhosted-ubuntu-arm64
+# Configuration variables in array of strings defined in your repository or
+# organization. `null` means disabling configuration variables check.
+# Empty array means no configuration variable is allowed.
+config-variables: null
+paths:
+  .github/workflows/test.yml:
+    ignore:
+      - 'invalid runner name.+'
@@ -0,0 +1,225 @@
+# Copilot Instructions for setup-uv
+
+This document provides essential information for GitHub Copilot coding agents working on the `astral-sh/setup-uv` repository.
+
+## Repository Overview
+
+**setup-uv** is a GitHub Action that sets up the [uv](https://docs.astral.sh/uv/) Python package installer in GitHub Actions workflows. It's a TypeScript-based action that downloads uv binaries, manages caching, handles version resolution, and configures the environment for subsequent workflow steps.
+
+### Key Features
+- Downloads and installs specific uv versions from GitHub releases
+- Supports version resolution from config files (pyproject.toml, uv.toml, .tool-versions)
+- Implements intelligent caching for both uv cache and Python installations
+- Provides cross-platform support (Linux, macOS, Windows, including ARM architectures)
+- Includes problem matchers for Python error reporting
+- Supports environment activation and custom tool directories
+
+## Repository Structure
+
+**Size**: Small-medium repository (~50 source files, ~400 total files including dependencies)
+**Languages**: TypeScript (primary), JavaScript (compiled output), JSON (configuration)
+**Runtime**: Node.js 24 (GitHub Actions runtime)
+**Key Dependencies**: @actions/core, @actions/cache, @actions/tool-cache, @octokit/core
+
+### Core Architecture
+```
+src/
+├── setup-uv.ts          # Main entry point and orchestration
+├── save-cache.ts        # Post-action cache saving logic
+├── update-known-versions.ts  # Maintenance script for version updates
+├── cache/               # Cache management functionality
+├── download/            # Version resolution and binary downloading
+├── utils/               # Input parsing, platform detection, configuration
+└── version/             # Version resolution from various file formats
+```
+
+### Key Files and Locations
+- **Action Definition**: `action.yml` - Defines all inputs/outputs and entry points
+- **Main Source**: `src/setup-uv.ts` - Primary action logic
+- **Configuration**: `biome.json` (linting), `tsconfig.json` (TypeScript), `jest.config.js` (testing)
+- **Compiled Output**: `dist/` - Contains compiled Node.js bundles (auto-generated, committed)
+- **Test Fixtures**: `__tests__/fixtures/` - Sample projects for different configuration scenarios
+- **Workflows**: `.github/workflows/test.yml` - Comprehensive CI/CD pipeline
+
+## Build and Development Process
+
+### Prerequisites
+- Node.js 24+ (matches GitHub Actions runtime)
+- npm (included with Node.js)
+
+### Essential Commands (ALWAYS run in this order)
+
+#### 1. Install Dependencies
+```bash
+npm install
+```
+**Timing**: ~20-30 seconds  
+**Note**: Always run this first after cloning or when package.json changes
+
+#### 2. Build TypeScript
+```bash
+npm run build
+```
+**Timing**: ~5-10 seconds  
+**Purpose**: Compiles TypeScript source to JavaScript in `lib/` directory
+
+#### 3. Lint and Format Code
+```bash
+npm run check
+```
+**Timing**: ~2-5 seconds  
+**Tool**: Biome (replaces ESLint/Prettier)  
+**Auto-fixes**: Formatting, import organization, basic linting issues
+
+#### 4. Package for Distribution
+```bash
+npm run package
+```
+**Timing**: ~20-30 seconds  
+**Purpose**: Creates bundled distributions in `dist/` using @vercel/ncc  
+**Critical**: This step MUST be run before committing - the `dist/` files are used by GitHub Actions
+
+#### 5. Run Tests
+```bash
+npm test
+```
+**Timing**: ~10-15 seconds  
+**Framework**: Jest with TypeScript support  
+**Coverage**: Unit tests for version resolution, input parsing, checksum validation
+
+#### 6. Complete Validation (Recommended)
+```bash
+npm run all
+```
+**Timing**: ~60-90 seconds  
+**Purpose**: Runs build → check → package → test in sequence  
+**Use**: Before making pull requests or when unsure about build state
+
+### Important Build Notes
+
+**CRITICAL**: Always run `npm run package` after making code changes. The `dist/` directory contains the compiled bundles that GitHub Actions actually executes. Forgetting this step will cause your changes to have no effect.
+
+**TypeScript Warnings**: You may see ts-jest warnings about "isolatedModules" - these are harmless and don't affect functionality.
+
+**Biome**: This project uses Biome instead of ESLint/Prettier. Run `npm run check` to fix formatting and linting issues automatically.
+
+## Testing Strategy
+
+### Unit Tests
+- **Location**: `__tests__/` directory
+- **Framework**: Jest with ts-jest transformer
+- **Coverage**: Version resolution, input parsing, checksum validation, utility functions
+
+### Integration Tests
+- **Location**: `.github/workflows/test.yml` 
+- **Scope**: Full end-to-end testing across multiple platforms and scenarios
+- **Key Test Categories**:
+  - Version installation (specific, latest, semver ranges)
+  - Cache behavior (setup, restore, invalidation)
+  - Cross-platform compatibility (Ubuntu, macOS, Windows, ARM)
+  - Configuration file parsing (pyproject.toml, uv.toml, requirements.txt)
+  - Error handling and edge cases
+
+### Test Fixtures
+Located in `__tests__/fixtures/`, these provide sample projects with different configurations:
+- `pyproject-toml-project/` - Standard Python project with uv version specification
+- `uv-toml-project/` - Project using uv.toml configuration
+- `requirements-txt-project/` - Legacy requirements.txt format
+- `cache-dir-defined-project/` - Custom cache directory configuration
+
+## Continuous Integration
+
+### GitHub Workflows
+
+#### Primary Test Suite (`.github/workflows/test.yml`)
+- **Triggers**: PRs, pushes to main, manual dispatch
+- **Matrix**: Multiple OS (Ubuntu, macOS, Windows), architecture (x64, ARM), and configuration combinations
+- **Duration**: ~20-30 minutes for full matrix
+- **Key Validations**:
+  - Cross-platform installation and functionality
+  - Cache behavior and performance
+  - Version resolution from various sources
+  - Tool directory configurations
+  - Problem matcher functionality
+
+#### Maintenance Workflows
+- **CodeQL Analysis**: Security scanning on pushes/PRs
+- **Update Known Versions**: Daily job to sync with latest uv releases
+- **Dependabot**: Automated dependency updates
+
+### Pre-commit Validation
+The CI runs these checks that you should run locally:
+1. `npm run all` - Complete build and test suite
+2. ActionLint - GitHub Actions workflow validation
+3. Change detection - Ensures no uncommitted build artifacts
+
+## Key Configuration Files
+
+### Action Configuration (`action.yml`)
+Defines 20+ inputs including version specifications, cache settings, tool directories, and environment options. This file is the authoritative source for understanding available action parameters.
+
+### TypeScript Configuration (`tsconfig.json`)
+- Target: ES2024
+- Module: nodenext (Node.js modules)
+- Strict mode enabled
+- Output directory: `lib/`
+
+### Linting Configuration (`biome.json`)
+- Formatter and linter combined
+- Enforces consistent code style
+- Automatically organizes imports and sorts object keys
+
+## Common Development Patterns
+
+### Making Code Changes
+1. Edit TypeScript source files in `src/`
+2. Run `npm run build` to compile
+3. Run `npm run check` to format and lint
+4. Run `npm run package` to update distribution bundles
+5. Run `npm test` to verify functionality
+6. Commit all changes including `dist/` files
+
+### Adding New Features
+- Follow existing patterns in `src/utils/inputs.ts` for new action inputs
+- Update `action.yml` to declare new inputs/outputs
+- Add corresponding tests in `__tests__/`
+- Update README.md with usage examples
+
+### Cache-Related Changes
+- Cache logic is complex and affects performance significantly
+- Test with multiple cache scenarios (hit, miss, invalidation)
+- Consider impact on both GitHub-hosted and self-hosted runners
+- Validate cache key generation and dependency detection
+
+### Version Resolution Changes
+- Version resolution supports multiple file formats and precedence rules
+- Test with fixtures in `__tests__/fixtures/`
+- Consider backward compatibility with existing projects
+- Validate semver and PEP 440 specification handling
+
+## Troubleshooting
+
+### Build Failures
+- **"Module not found"**: Run `npm install` to ensure dependencies are installed
+- **TypeScript errors**: Check `tsconfig.json` and ensure all imports are valid
+- **Test failures**: Check if test fixtures have been modified or if logic changes broke assumptions
+
+### Action Failures in Workflows
+- **Changes not taking effect**: Ensure `npm run package` was run and `dist/` files committed
+- **Version resolution issues**: Check version specification format and file existence
+- **Cache problems**: Verify cache key generation and dependency glob patterns
+
+### Common Gotchas
+- **Forgetting to package**: Code changes won't work without running `npm run package`
+- **Platform differences**: Windows paths use backslashes, test cross-platform behavior
+- **Cache invalidation**: Cache keys are sensitive to dependency file changes
+- **Tool directory permissions**: Some platforms require specific directory setups
+
+## Trust These Instructions
+
+These instructions are comprehensive and current. Only search for additional information if:
+- You encounter specific error messages not covered here
+- You need to understand implementation details of specific functions
+- The instructions appear outdated (check repository commit history)
+
+For most development tasks, following the build process and development patterns outlined above will be sufficient.
@@ -1,18 +1,18 @@
 {
-    "problemMatcher": [
+  "problemMatcher": [
+    {
+      "owner": "python",
+      "pattern": [
        {
-            "owner": "python",
-            "pattern": [
-                {
-                    "regexp": "^\\s*File\\s\\\"(.*)\\\",\\sline\\s(\\d+),\\sin\\s(.*)$",
-                    "file": 1,
-                    "line": 2
-                },
-                {
-                    "regexp": "^\\s*raise\\s(.*)\\(\\'(.*)\\'\\)$",
-                    "message": 2
-                }
-            ]
+          "file": 1,
+          "line": 2,
+          "regexp": "^\\s*File\\s\\\"(.*)\\\",\\sline\\s(\\d+),\\sin\\s(.*)$"
+        },
+        {
+          "message": 2,
+          "regexp": "^\\s*raise\\s(.*)\\(\\'(.*)\\'\\)$"
        }
-    ]
-}
+      ]
+    }
+  ]
+}
@@ -1,5 +1,5 @@
-name-template: 'v$RESOLVED_VERSION 🌈'
-tag-template: 'v$RESOLVED_VERSION'
+name-template: "v$RESOLVED_VERSION 🌈"
+tag-template: "v$RESOLVED_VERSION"
 categories:
  - title: "🚨 Breaking changes"
    labels:
@@ -19,30 +19,32 @@ categories:
    labels:
      - "maintenance"
      - "ci"
+      - "update-known-versions"
  - title: "📚 Documentation"
    labels:
      - "documentation"
  - title: "⬆️ Dependency updates"
    labels:
      - "dependencies"
-change-template: '- $TITLE @$AUTHOR (#$NUMBER)'
+change-template: "- $TITLE @$AUTHOR (#$NUMBER)"
 change-title-escapes: '\<*_&' # You can add # and @ to disable mentions, and add ` to disable code blocks.
 version-resolver:
  major:
    labels:
-      - 'major'
-      - 'breaking-change'
+      - "major"
+      - "breaking-change"
  minor:
    labels:
-      - 'minor'
-      - 'new-feature'
-      - 'enhancement'
+      - "minor"
+      - "new-feature"
+      - "enhancement"
  patch:
    labels:
-      - 'patch'
-      - 'bugfix'
+      - "patch"
+      - "bugfix"
+      - "default-version-update"
  default: patch
 template: |
  ## Changes

-  $CHANGES
+  $CHANGES
@@ -0,0 +1,16 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+var fs = require("node:fs");
+var yaml = require("js-yaml");
+var workflow = yaml.load(fs.readFileSync("../workflows/test.yml", "utf8"));
+var jobs = Object.keys(workflow.jobs);
+var allTestsPassed = workflow.jobs["all-tests-passed"];
+var needs = allTestsPassed.needs || [];
+var expectedNeeds = jobs.filter(function (j) { return j !== "all-tests-passed"; });
+var missing = expectedNeeds.filter(function (j) { return !needs.includes(j); });
+if (missing.length > 0) {
+    console.error("Missing jobs in all-tests-passed needs: ".concat(missing.join(", ")));
+    console.info("Please add the missing jobs to the needs section of all-tests-passed in test.yml.");
+    process.exit(1);
+}
+console.log("All jobs in test.yml are in the needs section of all-tests-passed.");
@@ -0,0 +1,35 @@
+import * as fs from "node:fs";
+import * as yaml from "js-yaml";
+
+interface WorkflowJob {
+  needs?: string[];
+  [key: string]: unknown;
+}
+
+interface Workflow {
+  jobs: Record<string, WorkflowJob>;
+  [key: string]: unknown;
+}
+
+const workflow = yaml.load(
+  fs.readFileSync("../workflows/test.yml", "utf8"),
+) as Workflow;
+const jobs = Object.keys(workflow.jobs);
+const allTestsPassed = workflow.jobs["all-tests-passed"];
+const needs: string[] = allTestsPassed.needs || [];
+
+const expectedNeeds = jobs.filter((j) => j !== "all-tests-passed");
+const missing = expectedNeeds.filter((j) => !needs.includes(j));
+
+if (missing.length > 0) {
+  console.error(
+    `Missing jobs in all-tests-passed needs: ${missing.join(", ")}`,
+  );
+  console.info(
+    "Please add the missing jobs to the needs section of all-tests-passed in test.yml.",
+  );
+  process.exit(1);
+}
+console.log(
+  "All jobs in test.yml are in the needs section of all-tests-passed.",
+);
@@ -1,53 +0,0 @@
-# `dist/index.js` is a special file in Actions.
-# When you reference an action with `uses:` in a workflow,
-# `index.js` is the code that will run.
-# For our project, we generate this file through a build process from other source files.
-# We need to make sure the checked-in `index.js` actually matches what we expect it to be.
-name: Check dist/
-
-on:
-  push:
-    branches:
-      - main
-    paths-ignore:
-      - '**.md'
-  pull_request:
-    paths-ignore:
-      - '**.md'
-  workflow_dispatch:
-
-jobs:
-  check-dist:
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Set up Node.js 20
-        uses: actions/setup-node@v4
-        with:
-          node-version: 20
-
-      - name: Install dependencies
-        run: npm ci
-
-      - name: Rebuild the dist/ directory
-        run: |
-          npm run build
-          npm run package
-
-      - name: Compare the expected and actual dist/ directories
-        run: |
-          if [ "$(git diff --ignore-space-at-eol dist/ | wc -l)" -gt "0" ]; then
-            echo "Detected uncommitted changes after build.  See status below:"
-            git diff --text -v
-            exit 1
-          fi
-        id: diff
-
-      # If index.js was different than expected, upload the expected version as an artifact
-      - uses: actions/upload-artifact@v4
-        if: ${{ failure() && steps.diff.conclusion == 'failure' }}
-        with:
-          name: dist
-          path: dist/
@@ -12,13 +12,16 @@
 name: "CodeQL"

 on:
+  workflow_dispatch:
  push:
-    branches: [ main ]
+    branches:
+      - main
  pull_request:
    # The branches below must be a subset of the branches above
-    branches: [ main ]
-  schedule:
-    - cron: '31 7 * * 3'
+    branches:
+      - main
+
+permissions: {}

 jobs:
  analyze:
@@ -32,40 +35,42 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        language: [ 'TypeScript' ]
+        language: ["TypeScript"]
        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
        # Learn more about CodeQL language support at https://git.io/codeql-language-support

    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v4
+      - name: Checkout repository
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        with:
+          persist-credentials: false

-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
-      with:
-        languages: ${{ matrix.language }}
-        source-root: src
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7
+        with:
+          languages: ${{ matrix.language }}
+          source-root: src
+          # If you wish to specify custom queries, you can do so here or in a config file.
+          # By default, queries listed here will override any specified in a config file.
+          # Prefix the list here with "+" to use these queries and those in the config file.
+          # queries: ./path/to/local/query, your-org/your-repo/queries@main

-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v3
+      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+      # If this step fails, then you should remove it and run the build manually (see below)
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7

-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 https://git.io/JvXDl
+      # ℹ️ Command-line programs to run using the OS shell.
+      # 📚 https://git.io/JvXDl

-    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
-    #    and modify them (or add more) to build your code if your project
-    #    uses a compiled language
+      # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+      #    and modify them (or add more) to build your code if your project
+      #    uses a compiled language

-    #- run: |
-    #   make bootstrap
-    #   make release
+      #- run: |
+      #   make bootstrap
+      #   make release

-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7
@@ -3,17 +3,22 @@ name: Release Drafter

 # yamllint disable-line rule:truthy
 on:
+  workflow_dispatch:
  push:
    branches:
      - main
-  workflow_dispatch:
+
+permissions: {}

 jobs:
  update_release_draft:
    name: ✏️ Draft release
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04-arm
+    permissions:
+      contents: write
+      pull-requests: read
    steps:
      - name: 🚀 Run Release Drafter
-        uses: release-drafter/release-drafter@v6.0.0
+        uses: release-drafter/release-drafter@b1476f6e6eb133afa41ed8589daba6dc69b4d3f5 # v6.1.0
        env:
-            GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -1,49 +0,0 @@
-name: 'test-cache-windows'
-on:
-  pull_request:
-  push:
-    branches:
-      - main
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
-jobs:
-  test-setup-cache:
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        os: [windows-latest]
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup with cache
-        uses: ./
-        with:
-          enable-cache: true
-          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}
-      - run: uv sync
-        working-directory: __tests__\fixtures\uv-project
-  test-restore-cache:
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        os: [windows-latest]
-    needs: test-setup-cache
-    steps:
-      - uses: actions/checkout@v4
-      - name: Restore with cache
-        id: restore
-        uses: ./
-        with:
-            enable-cache: true
-            cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}
-      - name: Cache was hit
-        run: |
-          if ($env:CACHE_HIT -ne "true") {
-            exit 1
-          }
-        env:
-          CACHE_HIT: ${{ steps.restore.outputs.cache-hit }}
-      - run: uv sync
-        working-directory: __tests__\fixtures\uv-project
@@ -1,83 +0,0 @@
-name: 'test-cache'
-on:
-  pull_request:
-  push:
-    branches:
-      - main
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
-jobs:
-  test-setup-cache:
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        os: [ubuntu-latest, macos-latest, macos-14]
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup with cache
-        uses: ./
-        with:
-          enable-cache: true
-          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}
-      - run: uv sync
-        working-directory: __tests__/fixtures/uv-project
-  test-restore-cache:
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        os: [ubuntu-latest, macos-latest, macos-14]
-    needs: test-setup-cache
-    steps:
-      - uses: actions/checkout@v4
-      - name: Restore with cache
-        id: restore
-        uses: ./
-        with:
-            enable-cache: true
-            cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}
-      - name: Cache was hit
-        run: |
-          if [ "$CACHE_HIT" != "true" ]; then
-            exit 1
-          fi
-        env:
-          CACHE_HIT: ${{ steps.restore.outputs.cache-hit }}
-      - run: uv sync
-        working-directory: __tests__/fixtures/uv-project
-
-  test-setup-cache-local:
-    runs-on: oracle-aarch64
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup with cache
-        uses: ./
-        with:
-          enable-cache: true
-          cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}
-          cache-local-path: /tmp/uv-cache
-      - run: uv sync
-        working-directory: __tests__/fixtures/uv-project
-  test-restore-cache-local:
-    runs-on: oracle-aarch64
-    needs: test-setup-cache-local
-    steps:
-      - uses: actions/checkout@v4
-      - name: Restore with cache
-        id: restore
-        uses: ./
-        with:
-            enable-cache: true
-            cache-suffix: ${{ github.run_id }}-${{ github.run_attempt }}
-            cache-local-path: /tmp/uv-cache
-      - name: Cache was hit
-        run: |
-          if [ "$CACHE_HIT" != "true" ]; then
-            exit 1
-          fi
-        env:
-          CACHE_HIT: ${{ steps.restore.outputs.cache-hit }}
-      - run: uv sync
-        working-directory: __tests__/fixtures/uv-project
@@ -1,29 +0,0 @@
-name: 'test-windows'
-on:
-  pull_request:
-  push:
-    branches:
-      - main
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
-jobs:
-  test-default-version:
-    runs-on: windows-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Should not be on path
-        run: |
-          if (!(Get-Command -Name "uv" -ErrorAction SilentlyContinue)) {
-            exit 0
-          } else {
-            exit 1
-          }
-      - name: Setup uv
-        uses: ./
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-      - run: uv sync
-        working-directory: __tests__\fixtures\uv-project
@@ -1,26 +0,0 @@
-name: 'Update default version and checksums'
-on:
-  workflow_dispatch:
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
-        with:
-          node-version: '20'
-      - name: Update default version and checksums
-        id: update-default-version
-        run: node dist/update-default-version/index.js src/download/checksum/known-checksums.ts action.yml ${{ secrets.GITHUB_TOKEN }}
-      - run: npm install && npm run all
-      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c  # v6.1.0
-        with:
-            commit-message: "chore: update checksums"
-            title: "chore: update default version to ${{ steps.update-default-version.outputs.latest-version }}"
-            body: "chore: update default version to ${{ steps.update-default-version.outputs.latest-version }}"
-            base: main
-            labels: "automated-pr,bugfix"
-            branch: update-default-version-pr
-            delete-branch: true
@@ -0,0 +1,70 @@
+name: "Update known versions"
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "0 4 * * *" # Run every day at 4am UTC
+  repository_dispatch:
+    types: [ pypi_release ]
+
+permissions: {}
+
+jobs:
+  build:
+    runs-on: ubuntu-24.04-arm
+    permissions:
+      contents: write
+      pull-requests: write
+    steps:
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        with:
+          persist-credentials: true
+      - uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
+        with:
+          node-version: "20"
+      - name: Update known versions
+        id: update-known-versions
+        run:
+          node dist/update-known-versions/index.js
+          src/download/checksum/known-checksums.ts
+          version-manifest.json
+          ${{ secrets.GITHUB_TOKEN }}
+      - name: Check for changes
+        id: changes-exist
+        run: |
+          git status --porcelain
+          if [ -n "$(git status --porcelain)" ]; then
+              echo "changes-exist=true" >> "$GITHUB_OUTPUT"
+          else
+              echo "changes-exist=false" >> "$GITHUB_OUTPUT"
+          fi
+      - name: Compile changes
+        if: ${{ steps.changes-exist.outputs.changes-exist == 'true' }}
+        run: npm ci && npm run all
+      - name: Commit and push changes
+        if: ${{ steps.changes-exist.outputs.changes-exist == 'true' }}
+        id: commit-and-push
+        continue-on-error: true
+        run: |
+          git config user.name "$GITHUB_ACTOR"
+          git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
+          git add .
+          git commit -m "chore: update known versions for $LATEST_VERSION"
+          git push origin HEAD:refs/heads/main
+        env:
+          LATEST_VERSION: ${{ steps.update-known-versions.outputs.latest-version }}
+
+      - name: Create Pull Request
+        if: ${{ steps.changes-exist.outputs.changes-exist == 'true' && steps.commit-and-push.outcome != 'success' }}
+        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
+        with:
+          commit-message: "chore: update known checksums"
+          title:
+            "chore: update known checksums for ${{
+            steps.update-known-versions.outputs.latest-version }}"
+          body:
+            "chore: update known checksums for ${{
+            steps.update-known-versions.outputs.latest-version }}"
+          base: main
+          labels: "automated-pr,update-known-versions"
+          branch: update-known-versions-pr
+          delete-branch: true
@@ -1,19 +1,51 @@
 ---
 name: Update Major Minor Tags

-# yamllint disable-line rule:truthy
 on:
  push:
    branches-ignore:
-      - '**'
+      - "**"
    tags:
-      - 'v*.*.*'
+      - "v*.*.*"
+
+permissions: {}

 jobs:
  update_major_minor_tags:
    name: Make sure major and minor tags are up to date on a patch release
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04-arm
+    permissions:
+      contents: write
    steps:
-      - uses: actions/checkout@v4
-      - name: Run Update semver
-        uses: haya14busa/action-update-semver@v1.2.1
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        with:
+          persist-credentials: true # needed for git push below
+      - name: Update Major Minor Tags
+        run: |
+          set -x
+
+          cd "${GITHUB_WORKSPACE}" || exit
+
+          # Set up variables.
+          TAG="${GITHUB_REF#refs/tags/}" # v1.2.3
+          MINOR="${TAG%.*}"              # v1.2
+          MAJOR="${MINOR%.*}"            # v1
+
+          if [ "${GITHUB_REF}" = "${TAG}" ]; then
+            echo "This workflow is not triggered by tag push: GITHUB_REF=${GITHUB_REF}"
+            exit 1
+          fi
+
+          MESSAGE="Release ${TAG}"
+
+          # Set up Git.
+          git config user.name "${GITHUB_ACTOR}"
+          git config user.email "${GITHUB_ACTOR}@users.noreply.github.com"
+
+          # Update MAJOR/MINOR tag
+          git tag -fa "${MAJOR}" -m "${MESSAGE}"
+          git tag -fa "${MINOR}" -m "${MESSAGE}"
+
+          # Push
+          git push --force origin "${MINOR}"
+          git push --force origin "${MAJOR}"
@@ -96,4 +96,7 @@ Thumbs.db

 # Ignore built ts files
 __tests__/runner/*
-lib/**/*
+lib/**/*
+
+# Idea IDEs (PyCharm, WebStorm, IntelliJ, etc)
+.idea/
@@ -1,3 +0,0 @@
-dist/
-lib/
-node_modules/
@@ -1,10 +0,0 @@
-{
-  "printWidth": 80,
-  "tabWidth": 2,
-  "useTabs": false,
-  "semi": false,
-  "singleQuote": true,
-  "trailingComma": "none",
-  "bracketSpacing": false,
-  "arrowParens": "avoid"
-}
@@ -0,0 +1,3 @@
+{
+  "recommendations": ["biomejs.biome"]
+}
@@ -0,0 +1,16 @@
+{
+  "editor.codeActionsOnSave": {
+    "source.action.useSortedAttributes.biome": "explicit",
+    "source.action.useSortedKeys.biome": "explicit",
+    "source.fixAll.biome": "explicit"
+  },
+  "editor.defaultFormatter": "biomejs.biome",
+  "editor.formatOnSave": true,
+  "explorer.excludeGitIgnore": false,
+  "search.defaultViewMode": "list",
+  "search.exclude": {
+    "**/node_modules": true
+  },
+  "typescript.enablePromptUseWorkspaceTsdk": true,
+  "typescript.tsdk": "node_modules/typescript/lib"
+}
@@ -2,92 +2,229 @@

 Set up your GitHub Actions workflow with a specific version of [uv](https://docs.astral.sh/uv/).

-* Install a version of uv and add it to the path
-* Cache the installed version of uv to speed up consecutive runs on self-hosted runners
-* Register problem matchers for error output
-* Optional: Cache the uv cache
-* Optional: Verify the checksum of the downloaded uv executable
+- Install a version of uv and add it to PATH
+- Cache the installed version of uv to speed up consecutive runs on self-hosted runners
+- Register problem matchers for error output
+- (Optional) Persist the uv's cache in the GitHub Actions Cache
+- (Optional) Verify the checksum of the downloaded uv executable

 ## Contents

-* [Usage](#usage)
-  * [Install specific version](#install-specific-version)
-  * [Install latest version](#install-latest-version)
-  * [Validate checksum](#validate-checksum)
-  * [Enable Caching](#enable-caching)
-    * [Local cache path](#local-cache-path)
-    * [Cache dependency glob](#cache-dependency-glob)
-  * [API rate limit](#api-rate-limit)
-* [How it works](#how-it-works)
-* [FAQ](#faq)
+- [Usage](#usage)
+  - [Install a required-version or latest (default)](#install-a-required-version-or-latest-default)
+  - [Install the latest version](#install-the-latest-version)
+  - [Install a specific version](#install-a-specific-version)
+  - [Install a version by supplying a semver range or pep440 specifier](#install-a-version-by-supplying-a-semver-range-or-pep440-specifier)
+  - [Install a version defined in a requirements or config file](#install-a-version-defined-in-a-requirements-or-config-file)
+  - [Python version](#python-version)
+  - [Activate environment](#activate-environment)
+  - [Working directory](#working-directory)
+  - [Validate checksum](#validate-checksum)
+  - [Enable Caching](#enable-caching)
+    - [Cache dependency glob](#cache-dependency-glob)
+    - [Restore cache](#restore-cache)
+    - [Save cache](#save-cache)
+  - [Local cache path](#local-cache-path)
+  - [Disable cache pruning](#disable-cache-pruning)
+  - [Cache Python installs](#cache-python-installs)
+  - [Ignore nothing to cache](#ignore-nothing-to-cache)
+  - [GitHub authentication token](#github-authentication-token)
+  - [UV_TOOL_DIR](#uv_tool_dir)
+  - [UV_TOOL_BIN_DIR](#uv_tool_bin_dir)
+  - [Tilde Expansion](#tilde-expansion)
+  - [Manifest file](#manifest-file)
+  - [Add problem matchers](#add-problem-matchers)
+- [How it works](#how-it-works)
+- [FAQ](#faq)

 ## Usage

-Example workflow in a real world project can be found [here](https://github.com/eifinger/hass-weenect/blob/main/.github/workflows/ci.yml)
-
-### Install specific version
-
-You can also specify a specific version of uv
+### Install a required-version or latest (default)

 ```yaml
- name: Install a specific version
-  uses: eifinger/setup-uv@v1
-  with:
-    version: '0.3.0'
+- name: Install the latest version of uv
+  uses: astral-sh/setup-uv@v6
 ```

-### Install latest version
+If you do not specify a version, this action will look for a [required-version](https://docs.astral.sh/uv/reference/settings/#required-version)
+in a `uv.toml` or `pyproject.toml` file in the repository root. If none is found, the latest version will be installed.

-By default this action installs the version defined as `default` in `action.yml`.
-This gets automatically updated in a new release of this action when a new version of uv is released.
-If you don't want to wait for a new release of this action you can use use `version: latest`.
+For an example workflow, see
+[here](https://github.com/charliermarsh/autobot/blob/e42c66659bf97b90ca9ff305a19cc99952d0d43f/.github/workflows/ci.yaml).

-> [!WARNING]  
-> Using the `latest` version means that the uv executable gets downloaded every single time instead of loaded from the tools cache.
-> This can take up to 20s depending on the download speed.
-> This does not affect the uv cache.
+### Install the latest version

 ```yaml
- name: Install a specific version
-  uses: eifinger/setup-uv@v1
+- name: Install the latest version of uv
+  uses: astral-sh/setup-uv@v6
  with:
-    version: 'latest'
+    version: "latest"
+```
+
+### Install a specific version
+
+```yaml
+- name: Install a specific version of uv
+  uses: astral-sh/setup-uv@v6
+  with:
+    version: "0.4.4"
+```
+
+### Install a version by supplying a semver range or pep440 specifier
+
+You can specify a [semver range](https://github.com/npm/node-semver?tab=readme-ov-file#ranges)
+or [pep440 specifier](https://peps.python.org/pep-0440/#version-specifiers)
+to install the latest version that satisfies the range.
+
+```yaml
+- name: Install a semver range of uv
+  uses: astral-sh/setup-uv@v6
+  with:
+    version: ">=0.4.0"
+```
+
+```yaml
+- name: Pinning a minor version of uv
+  uses: astral-sh/setup-uv@v6
+  with:
+    version: "0.4.x"
+```
+
+```yaml
+- name: Install a pep440-specifier-satisfying version of uv
+  uses: astral-sh/setup-uv@v6
+  with:
+    version: ">=0.4.25,<0.5"
+```
+
+### Install a version defined in a requirements or config file
+
+You can use the `version-file` input to specify a file that contains the version of uv to install.
+This can either be a `pyproject.toml` or `uv.toml` file which defines a `required-version` or
+uv defined as a dependency in `pyproject.toml` or `requirements.txt`.
+
+[asdf](https://asdf-vm.com/) `.tool-versions` is also supported, but without the `ref` syntax.
+
+```yaml
+- name: Install uv based on the version defined in pyproject.toml
+  uses: astral-sh/setup-uv@v6
+  with:
+    version-file: "pyproject.toml"
+```
+
+### Python version
+
+You can use the input `python-version` to set the environment variable `UV_PYTHON` for the rest of your workflow
+
+This will override any python version specifications in `pyproject.toml` and `.python-version`
+
+```yaml
+- name: Install the latest version of uv and set the python version to 3.13t
+  uses: astral-sh/setup-uv@v6
+  with:
+    python-version: 3.13t
+- run: uv pip install --python=3.13t pip
+```
+
+You can combine this with a matrix to test multiple Python versions:
+
+```yaml
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ["3.10", "3.11", "3.12", "3.13"]
+    steps:
+      - uses: actions/checkout@v5
+      - name: Install the latest version of uv and set the python version
+        uses: astral-sh/setup-uv@v6
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Test with python ${{ matrix.python-version }}
+        run: uv run --frozen pytest
+```
+
+### Activate environment
+
+You can set `activate-environment` to `true` to automatically activate a venv.
+This allows directly using it in later steps:
+
+```yaml
+- name: Install the latest version of uv and activate the environment
+  uses: astral-sh/setup-uv@v6
+  with:
+    activate-environment: true
+- run: uv pip install pip
+```
+
+> [!WARNING]
+>
+> Activating the environment adds your dependencies to the `PATH`, which could break some workflows.
+> For example, if you have a dependency which requires uv, e.g., `hatch`, activating the
+> environment will shadow the `uv` binary installed by this action and may result in a different uv
+> version being used.
+>
+> We do not recommend using this setting for most use-cases. Instead, use `uv run` to execute
+> commands in the environment.
+
+### Working directory
+
+You can set the working directory with the `working-directory` input.
+This controls where we look for `pyproject.toml`, `uv.toml` and `.python-version` files
+which are used to determine the version of uv and python to install.
+
+It also controls where [the venv gets created](#activate-environment).
+
+```yaml
+- name: Install uv based on the config files in the working-directory
+  uses: astral-sh/setup-uv@v6
+  with:
+    working-directory: my/subproject/dir
 ```

 ### Validate checksum

-You can also specify a checksum to validate the downloaded file.
-Checksums up to the default version are automatically verified by this action.
-The sha265 hashes can be found on the [releases page](https://github.com/astral-sh/uv/releases)
-of the uv repo.
+You can specify a checksum to validate the downloaded executable. Checksums up to the default version
+are automatically verified by this action. The sha256 hashes can be found on the
+[releases page](https://github.com/astral-sh/uv/releases) of the uv repo.

 ```yaml
 - name: Install a specific version and validate the checksum
-  uses: eifinger/setup-uv@v1
+  uses: astral-sh/setup-uv@v6
  with:
-    version: '0.3.1'
-    checksum: 'e11b01402ab645392c7ad6044db63d37e4fd1e745e015306993b07695ea5f9f8'
+    version: "0.3.1"
+    checksum: "e11b01402ab645392c7ad6044db63d37e4fd1e745e015306993b07695ea5f9f8"
 ```

 ### Enable caching

-If you enable caching the [uv cache](https://docs.astral.sh/uv/concepts/cache/) will
-be cached to the GitHub Actions Cache. This can speed up runs which can reuse the cache
-by several minutes. The cache will always be reused on self-hosted runners.
+> [!NOTE]
+> The cache is pruned before it is uploaded to the GitHub Actions cache. This can lead to
+> a small or empty cache. See [Disable cache pruning](#disable-cache-pruning) for more details.
+
+If you enable caching, the [uv cache](https://docs.astral.sh/uv/concepts/cache/) will be uploaded to
+the GitHub Actions cache. This can speed up runs that reuse the cache by several minutes.
+Caching is enabled by default on GitHub-hosted runners.
+
+> [!TIP]
+>
+> On self-hosted runners this is usually not needed since the cache generated by uv on the runner's
+> filesystem is not removed after a run. For more details see [Local cache path](#local-cache-path).

 You can optionally define a custom cache key suffix.

 ```yaml
 - name: Enable caching and define a custom cache key suffix
  id: setup-uv
-  uses: eifinger/setup-uv@v1
+  uses: astral-sh/setup-uv@v6
  with:
    enable-cache: true
-    cache-suffix: 'optional-suffix'
+    cache-suffix: "optional-suffix"
 ```

-When the cache was successfully restored the output `cache-hit` will be set to `true` and you can use it in subsequent steps.
-For the example above you can use it like this:
+When the cache was successfully restored, the output `cache-hit` will be set to `true` and you can
+use it in subsequent steps. For example, to use the cache in the above case:

 ```yaml
 - name: Do something if the cache was restored
@@ -95,95 +232,435 @@ For the example above you can use it like this:
  run: echo "Cache was restored"
 ```

-#### Local cache path
+#### Cache dependency glob

-If you want to save the cache to a local path other than the default path (`/tmp/setup-uv-cache`)
-you can specify the path with the `cache-local-path` input.
+If you want to control when the GitHub Actions cache is invalidated, specify a glob pattern with the
+`cache-dependency-glob` input. The GitHub Actions cache will be invalidated if any file matching the glob pattern
+changes. If you use relative paths, they are relative to the repository root.
+
+> [!NOTE]
+>
+> You can look up supported patterns [here](https://github.com/actions/toolkit/tree/main/packages/glob#patterns)
+>
+> The default is
+> ```yaml
+> cache-dependency-glob: |
+>   **/*requirements*.txt
+>   **/*requirements*.in
+>   **/*constraints*.txt
+>   **/*constraints*.in
+>   **/pyproject.toml
+>   **/uv.lock
+>   **/*.py.lock
+> ```
+
+```yaml
+- name: Define a cache dependency glob
+  uses: astral-sh/setup-uv@v6
+  with:
+    enable-cache: true
+    cache-dependency-glob: "**/pyproject.toml"
+```
+
+```yaml
+- name: Define a list of cache dependency globs
+  uses: astral-sh/setup-uv@v6
+  with:
+    enable-cache: true
+    cache-dependency-glob: |
+      **/requirements*.txt
+      **/pyproject.toml
+```
+
+```yaml
+- name: Define an absolute cache dependency glob
+  uses: astral-sh/setup-uv@v6
+  with:
+    enable-cache: true
+    cache-dependency-glob: "/tmp/my-folder/requirements*.txt"
+```
+
+```yaml
+- name: Never invalidate the cache
+  uses: astral-sh/setup-uv@v6
+  with:
+    enable-cache: true
+    cache-dependency-glob: ""
+```
+
+#### Restore cache
+
+Restoring an existing cache can be enabled or disabled with the `restore-cache` input.
+By default, the cache will be restored.
+
+```yaml
+- name: Don't restore an existing cache
+  uses: astral-sh/setup-uv@v6
+  with:
+    enable-cache: true
+    restore-cache: false
+```
+
+#### Save cache
+
+You can also disable saving the cache after the run with the `save-cache` input.
+This can be useful to save cache storage when you know you will not use the cache of the run again.
+By default, the cache will be saved.
+
+```yaml
+- name: Don't save the cache after the run
+  uses: astral-sh/setup-uv@v6
+  with:
+    enable-cache: true
+    save-cache: false
+```
+
+### Local cache path
+
+If caching is enabled, this action controls where uv stores its cache on the runner's filesystem
+by setting `UV_CACHE_DIR`.
+
+It defaults to `setup-uv-cache` in the `TMP` dir, `D:\a\_temp\uv-tool-dir` on Windows and
+`/tmp/setup-uv-cache` on Linux/macOS. You can change the default by specifying the path with the
+`cache-local-path` input.
+
+> [!NOTE]
+> If the environment variable `UV_CACHE_DIR` is already set this action will not override it.
+> If you configured [cache-dir](https://docs.astral.sh/uv/reference/settings/#cache-dir) in your
+> config file then it is also respected and this action will not set `UV_CACHE_DIR`.

 ```yaml
 - name: Define a custom uv cache path
-  uses: eifinger/setup-uv@v1
+  uses: astral-sh/setup-uv@v6
  with:
-    enable-cache: true
-    cache-local-path: '/path/to/cache'
+    cache-local-path: "/path/to/cache"
 ```

-#### Cache dependency glob
+### Disable cache pruning

-If you want to control when the cache is invalidated you can specify a glob pattern with the `cache-dependency-glob` input.
-The cache will be invalidated if any file matching the glob pattern changes.
-The glob matches files relative to the repository root.
+By default, the uv cache is pruned after every run, removing pre-built wheels, but retaining any
+wheels that were built from source. On GitHub-hosted runners, it's typically faster to omit those
+pre-built wheels from the cache (and instead re-download them from the registry on each run).
+However, on self-hosted or local runners, preserving the cache may be more efficient. See
+the [documentation](https://docs.astral.sh/uv/concepts/cache/#caching-in-continuous-integration) for
+more information.
+
+If you want to persist the entire cache across runs, disable cache pruning with the `prune-cache`
+input.

 ```yaml
- name: Define a cache dependency glob
-  uses: eifinger/setup-uv@v1
+- name: Don't prune the cache before saving it
+  uses: astral-sh/setup-uv@v6
  with:
    enable-cache: true
-    cache-dependency-glob: 'uv.lock'
+    prune-cache: false
 ```

+### Cache Python installs
+
+By default, the Python install dir (`uv python dir` / `UV_PYTHON_INSTALL_DIR`) is not cached,
+for the same reason that the dependency cache is pruned.
+If you want to cache Python installs along with your dependencies, set the `cache-python` input to `true`.
+
 ```yaml
- name: Define a cache dependency glob
-  uses: eifinger/setup-uv@v1
+- name: Cache Python installs
+  uses: astral-sh/setup-uv@v6
  with:
    enable-cache: true
-    cache-dependency-glob: '**requirements*.txt'
+    cache-python: true
 ```

-### API rate limit
+### Ignore nothing to cache

-To avoid hitting the error `API rate limit exceeded` you can supply a GitHub token with the `github-token` input.
+By default, the action will fail if caching is enabled but there is nothing to upload (the uv cache directory does not exist).
+If you want to ignore this, set the `ignore-nothing-to-cache` input to `true`.

 ```yaml
- name: Install uv and supply a GitHub token
-  uses: eifinger/setup-uv@v1
+- name: Ignore nothing to cache
+  uses: astral-sh/setup-uv@v6
  with:
-    github-token: ${{ secrets.GITHUB_TOKEN }}
+    enable-cache: true
+    ignore-nothing-to-cache: true
+```
+
+### Ignore empty workdir
+
+By default, the action will warn if the workdir is empty, because this is usually the case when
+`actions/checkout` is configured to run after `setup-uv`, which is not supported.
+
+If you want to ignore this, set the `ignore-empty-workdir` input to `true`.
+
+```yaml
+- name: Ignore empty workdir
+  uses: astral-sh/setup-uv@v6
+  with:
+    ignore-empty-workdir: true
+```
+
+### GitHub authentication token
+
+This action uses the GitHub API to fetch the uv release artifacts. To avoid hitting the GitHub API
+rate limit too quickly, an authentication token can be provided via the `github-token` input. By
+default, the `GITHUB_TOKEN` secret is used, which is automatically provided by GitHub Actions.
+
+If the default
+[permissions for the GitHub token](https://docs.github.com/en/actions/security-for-github-actions/security-guides/automatic-token-authentication#permissions-for-the-github_token)
+are not sufficient, you can provide a custom GitHub token with the necessary permissions.
+
+```yaml
+- name: Install the latest version of uv with a custom GitHub token
+  uses: astral-sh/setup-uv@v6
+  with:
+    github-token: ${{ secrets.CUSTOM_GITHUB_TOKEN }}
+```
+
+### UV_TOOL_DIR
+
+On Windows `UV_TOOL_DIR` is set to `uv-tool-dir` in the `TMP` dir (e.g. `D:\a\_temp\uv-tool-dir`).
+On GitHub hosted runners this is on the much faster `D:` drive.
+
+On all other platforms the tool environments are placed in the
+[default location](https://docs.astral.sh/uv/concepts/tools/#tools-directory).
+
+If you want to change this behaviour (especially on self-hosted runners) you can use the `tool-dir`
+input:
+
+```yaml
+- name: Install the latest version of uv with a custom tool dir
+  uses: astral-sh/setup-uv@v6
+  with:
+    tool-dir: "/path/to/tool/dir"
+```
+
+### UV_TOOL_BIN_DIR
+
+On Windows `UV_TOOL_BIN_DIR` is set to `uv-tool-bin-dir` in the `TMP` dir (e.g.
+`D:\a\_temp\uv-tool-bin-dir`). On GitHub hosted runners this is on the much faster `D:` drive. This
+path is also automatically added to the PATH.
+
+On all other platforms the tool binaries get installed to the
+[default location](https://docs.astral.sh/uv/concepts/tools/#the-bin-directory).
+
+If you want to change this behaviour (especially on self-hosted runners) you can use the
+`tool-bin-dir` input:
+
+```yaml
+- name: Install the latest version of uv with a custom tool bin dir
+  uses: astral-sh/setup-uv@v6
+  with:
+    tool-bin-dir: "/path/to/tool-bin/dir"
+```
+
+### Tilde Expansion
+
+This action supports expanding the `~` character to the user's home directory for the following inputs:
+
+- `version-file`
+- `cache-local-path`
+- `tool-dir`
+- `tool-bin-dir`
+- `cache-dependency-glob`
+
+```yaml
+- name: Expand the tilde character
+  uses: astral-sh/setup-uv@v6
+  with:
+    cache-local-path: "~/path/to/cache"
+    tool-dir: "~/path/to/tool/dir"
+    tool-bin-dir: "~/path/to/tool-bin/dir"
+    cache-dependency-glob: "~/my-cache-buster"
+```
+
+### Manifest file
+
+The `manifest-file` input allows you to specify a JSON manifest that lists available uv versions,
+architectures, and their download URLs. By default, this action uses the manifest file contained
+in this repository, which is automatically updated with each release of uv.
+
+The manifest file contains an array of objects, each describing a version,
+architecture, platform, and the corresponding download URL. For example:
+
+```json
+[
+  {
+    "version": "0.7.13",
+    "artifactName": "uv-aarch64-apple-darwin.tar.gz",
+    "arch": "aarch64",
+    "platform": "apple-darwin",
+    "downloadUrl": "https://github.com/astral-sh/uv/releases/download/0.7.13/uv-aarch64-apple-darwin.tar.gz"
+  },
+  ...
+]
+```
+
+You can supply a custom manifest file URL to define additional versions,
+architectures, or different download URLs.
+This is useful if you maintain your own uv builds or want to override the default sources.
+
+```yaml
+- name: Use a custom manifest file
+  uses: astral-sh/setup-uv@v6
+  with:
+    manifest-file: "https://example.com/my-custom-manifest.json"
+```
+
+> [!NOTE]
+> When you use a custom manifest file and do not set the `version` input, its default value is `latest`.
+> This means the action will install the latest version available in the custom manifest file.
+> This is different from the default behavior of installing the latest version from the official uv releases.
+
+### Add problem matchers
+
+This action automatically adds
+[problem matchers](https://github.com/actions/toolkit/blob/main/docs/problem-matchers.md)
+for python errors.
+
+You can disable this by setting the `add-problem-matchers` input to `false`.
+
+```yaml
+- name: Install the latest version of uv without problem matchers
+  uses: astral-sh/setup-uv@v6
+  with:
+    add-problem-matchers: false
 ```

 ## How it works

-This action downloads uv from the releases of the [uv repo](https://github.com/astral-sh/uv) and uses the [GitHub Actions Toolkit](https://github.com/actions/toolkit) to cache it as a tool to speed up consecutive runs on self-hosted runners.
+This action downloads uv from the uv repo's official
+[GitHub Releases](https://github.com/astral-sh/uv) and uses the
+[GitHub Actions Toolkit](https://github.com/actions/toolkit) to cache it as a tool to speed up
+consecutive runs on self-hosted runners.

-The installed version of uv is then added to the runner path so other steps can just use it by calling `uv`.
+The installed version of uv is then added to the runner PATH, enabling later steps to invoke it
+by name (`uv`).

 ## FAQ

-### Do I still need actions/setup-python when using this action?
+### Do I still need `actions/setup-python` alongside `setup-uv`?

-No! This action was modelled as a drop-in replacement for `actions/setup-python` when using uv.
+With `setup-uv`, you can install a specific version of Python using `uv python install` rather than
+relying on `actions/setup-python`.

-A simple example workflow could look like this:
+Using `actions/setup-python` can be faster, because GitHub caches the Python versions alongside the runner.
+
+For example:

 ```yaml
 - name: Checkout the repository
  uses: actions/checkout@main
 - name: Install the latest version of uv
-  uses: eifinger/setup-uv@v1
+  uses: astral-sh/setup-uv@v6
  with:
    enable-cache: true
 - name: Test
-  run: uv run --frozen pytest
+  run: uv run --frozen pytest  # Uses the Python version automatically installed by uv
+```
+
+To install a specific version of Python, use
+[`uv python install`](https://docs.astral.sh/uv/guides/install-python/):
+
+```yaml
+- name: Install the latest version of uv
+  uses: astral-sh/setup-uv@v6
+  with:
+    enable-cache: true
+- name: Install Python 3.12
+  run: uv python install 3.12
 ```

 ### What is the default version?

-By default this action installs the version defined as `default` in `action.yml`.
-When a new release of uv is published this triggers an automatic release of this action with the new version as `default`.
+By default, this action installs the latest version of uv.

-If you have to know the version installed for other steps of your workflow you can use the `uv-version` output:
+If you require the installed version in subsequent steps of your workflow, use the `uv-version`
+output:

 ```yaml
 - name: Checkout the repository
  uses: actions/checkout@main
 - name: Install the default version of uv
  id: setup-uv
-  uses: eifinger/setup-uv@v1
+  uses: astral-sh/setup-uv@v6
 - name: Print the installed version
  run: echo "Installed uv version is ${{ steps.setup-uv.outputs.uv-version }}"
 ```

---
+### Should I include the resolution strategy in the cache key?

-[<img src="https://raw.githubusercontent.com/eifinger/setup-uv/main/docs/images/bmc-button.svg" width=150 height=40 style="margin: 5px"/>](https://www.buymeacoffee.com/eifinger)
-[<img src="https://raw.githubusercontent.com/eifinger/setup-uv/main/docs/images/paypal-button.svg" width=150 height=40 style="margin: 5px"/>](https://paypal.me/kevinstillhammer)
+**Yes!**
+
+The cache key gets computed by using the [cache-dependency-glob](#cache-dependency-glob).
+
+If you
+have jobs which use the same dependency definitions from `requirements.txt` or
+`pyproject.toml` but different
+[resolution strategies](https://docs.astral.sh/uv/concepts/resolution/#resolution-strategy),
+each job will have different dependencies or dependency versions.
+But if you do not add the resolution strategy as a [cache-suffix](#enable-caching),
+they will have the same cache key.
+
+This means the first job which starts uploading its cache will win and all other job will fail
+uploading the cache,
+because they try to upload with the same cache key.
+
+You might see errors like
+`Failed to save: Failed to CreateCacheEntry: Received non-retryable error: Failed request: (409) Conflict: cache entry with the same key, version, and scope already exists`
+
+### Why do I see warnings like `No GitHub Actions cache found for key`
+
+When a workflow runs for the first time on a branch and has a new cache key, because the
+[cache-dependency-glob](#cache-dependency-glob) found changed files (changed dependencies),
+the cache will not be found and the warning `No GitHub Actions cache found for key` will be printed.
+
+While this might be irritating at first, it is expected behaviour and the cache will be created
+and reused in later workflows.
+
+The reason for the warning is, that we have to way to know if this is the first run of a new
+cache key or the user accidentally misconfigured the [cache-dependency-glob](#cache-dependency-glob)
+or [cache-suffix](#enable-caching) and the cache never gets used.
+
+### Do I have to run `actions/checkout` before or after `setup-uv`?
+
+Some workflows need uv but do not need to access the repository content.
+
+But **if** you need to access the repository content, you have run `actions/checkout` before running `setup-uv`.
+Running `actions/checkout` after `setup-uv` **is not supported**.
+
+### Does `setup-uv` also install my project or its dependencies automatically?
+
+No, `setup-uv` alone wont install any libraries from your `pyproject.toml` or `requirements.txt`, it only sets up `uv`.
+You should run `uv sync` or `uv pip install .` separately, or use `uv run ...` to ensure necessary dependencies are installed.
+
+### Why is a changed cache not detected and not the full cache uploaded?
+
+When `setup-uv` starts it has to know whether it is better to download an existing cache
+or start fresh and download every dependency again.
+It does this by using a combination of hashes calculated on the contents of e.g. `uv.lock`.
+
+By calculating these hashes and combining them in a key `setup-uv` can check
+if an uploaded cache exists for this key.
+If yes (e.g. contents of `uv.lock` did not change since last run) the dependencies in the cache
+are up to date and the cache will be downloaded and used.
+
+Details on determining which files will lead to different caches can be read under
+[cache-dependency-glob](#cache-dependency-glob)
+
+Some dependencies will never be uploaded to the cache and will be downloaded again on each run
+as described in [disable-cache-pruning](#disable-cache-pruning)
+
+## Acknowledgements
+
+`setup-uv` was initially written and published by [Kevin Stillhammer](https://github.com/eifinger)
+before moving under the official [Astral](https://github.com/astral-sh) GitHub organization. You can
+support Kevin's work in open source on [Buy me a coffee](https://www.buymeacoffee.com/eifinger) or
+[PayPal](https://paypal.me/kevinstillhammer).
+
+## License
+
+MIT
+
+<div align="center">
+  <a target="_blank" href="https://astral.sh" style="background:none">
+    <img src="https://raw.githubusercontent.com/astral-sh/uv/main/assets/svg/Astral.svg" alt="Made by Astral">
+  </a>
+</div>
@@ -1,37 +0,0 @@
-import {expect, test, it} from '@jest/globals'
-import {
-  isknownVersion,
-  validateChecksum
-} from '../../../src/download/checksum/checksum'
-
-test('checksum should match', async () => {
-  const validChecksum =
-    'f3da96ec7e995debee7f5d52ecd034dfb7074309a1da42f76429ecb814d813a3'
-  const filePath = '__tests__/fixtures/checksumfile'
-  // string params don't matter only test the checksum mechanism, not known checksums
-  await validateChecksum(
-    validChecksum,
-    filePath,
-    'aarch64',
-    'pc-windows-msvc',
-    '1.2.3'
-  )
-})
-
-type KnownVersionFixture = {version: string; known: boolean}
-
-it.each<KnownVersionFixture>([
-  {
-    version: '0.3.0',
-    known: true
-  },
-  {
-    version: '0.0.15',
-    known: false
-  }
-])(
-  'isknownVersion should return $known for version $version',
-  ({version, known}) => {
-    expect(isknownVersion(version)).toBe(known)
-  }
-)
@@ -0,0 +1,37 @@
+import { expect, it, test } from "@jest/globals";
+import {
+  isknownVersion,
+  validateChecksum,
+} from "../../../src/download/checksum/checksum";
+
+test("checksum should match", async () => {
+  const validChecksum =
+    "f3da96ec7e995debee7f5d52ecd034dfb7074309a1da42f76429ecb814d813a3";
+  const filePath = "__tests__/fixtures/checksumfile";
+  // string params don't matter only test the checksum mechanism, not known checksums
+  await validateChecksum(
+    validChecksum,
+    filePath,
+    "aarch64",
+    "pc-windows-msvc",
+    "1.2.3",
+  );
+});
+
+type KnownVersionFixture = { version: string; known: boolean };
+
+it.each<KnownVersionFixture>([
+  {
+    known: true,
+    version: "0.3.0",
+  },
+  {
+    known: false,
+    version: "0.0.15",
+  },
+])(
+  "isknownVersion should return $known for version $version",
+  ({ version, known }) => {
+    expect(isknownVersion(version)).toBe(known);
+  },
+);
@@ -0,0 +1,9 @@
+[
+  {
+    "arch": "x86_64",
+    "artifactName": "uv-x86_64-unknown-linux-gnu.tar.gz",
+    "downloadUrl": "https://release.pyx.dev/0.7.12-alpha.1/uv-x86_64-unknown-linux-gnu.tar.gz",
+    "platform": "unknown-linux-gnu",
+    "version": "0.7.12-alpha.1"
+  }
+]
@@ -0,0 +1 @@
+uv 0.5.15
@@ -0,0 +1,16 @@
+[project]
+name = "uv-project"
+version = "0.1.0"
+description = "Add your description here"
+readme = "README.md"
+requires-python = ">=3.12"
+dependencies = [
+    "ruff>=0.6.2",
+]
+
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[tool.uv]
+cache-dir = "/tmp/pyproject-toml-defined-cache-path"
@@ -0,0 +1,2 @@
+def hello() -> str:
+    return "Hello from uv-project!"
@@ -0,0 +1,38 @@
+version = 1
+requires-python = ">=3.12"
+
+[[package]]
+name = "ruff"
+version = "0.6.2"
+source = { registry = "https://pypi.org/simple" }
+sdist = { url = "https://files.pythonhosted.org/packages/23/f4/279d044f66b79261fd37df76bf72b64471afab5d3b7906a01499c4451910/ruff-0.6.2.tar.gz", hash = "sha256:239ee6beb9e91feb8e0ec384204a763f36cb53fb895a1a364618c6abb076b3be", size = 2460281 }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/72/4b/47dd7a69287afb4069fa42c198e899463605460a58120196711bfcf0446b/ruff-0.6.2-py3-none-linux_armv6l.whl", hash = "sha256:5c8cbc6252deb3ea840ad6a20b0f8583caab0c5ef4f9cca21adc5a92b8f79f3c", size = 9695871 },
+    { url = "https://files.pythonhosted.org/packages/ae/c3/8aac62ac4638c14a740ee76a755a925f2d0d04580ab790a9887accb729f6/ruff-0.6.2-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:17002fe241e76544448a8e1e6118abecbe8cd10cf68fde635dad480dba594570", size = 9459354 },
+    { url = "https://files.pythonhosted.org/packages/2f/cf/77fbd8d4617b9b9c503f9bffb8552c4e3ea1a58dc36975e7a9104ffb0f85/ruff-0.6.2-py3-none-macosx_11_0_arm64.whl", hash = "sha256:3dbeac76ed13456f8158b8f4fe087bf87882e645c8e8b606dd17b0b66c2c1158", size = 9163871 },
+    { url = "https://files.pythonhosted.org/packages/05/1c/765192bab32b79efbb498b06f0b9dcb3629112b53b8777ae1d19b8209e09/ruff-0.6.2-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:094600ee88cda325988d3f54e3588c46de5c18dae09d683ace278b11f9d4d534", size = 10096250 },
+    { url = "https://files.pythonhosted.org/packages/08/d0/86f3cb0f6934c99f759c232984a5204d67a26745cad2d9edff6248adf7d2/ruff-0.6.2-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:316d418fe258c036ba05fbf7dfc1f7d3d4096db63431546163b472285668132b", size = 9475376 },
+    { url = "https://files.pythonhosted.org/packages/cd/cc/4c8d0e225b559a3fae6092ec310d7150d3b02b4669e9223f783ef64d82c0/ruff-0.6.2-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:d72b8b3abf8a2d51b7b9944a41307d2f442558ccb3859bbd87e6ae9be1694a5d", size = 10295634 },
+    { url = "https://files.pythonhosted.org/packages/db/96/d2699cfb1bb5a01c68122af43454c76c31331e1c8a9bd97d653d7c82524b/ruff-0.6.2-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:2aed7e243be68487aa8982e91c6e260982d00da3f38955873aecd5a9204b1d66", size = 11024941 },
+    { url = "https://files.pythonhosted.org/packages/8b/a9/6ecd66af8929e0f2a1ed308a4137f3521789f28f0eb97d32c2ca3aa7000c/ruff-0.6.2-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:d371f7fc9cec83497fe7cf5eaf5b76e22a8efce463de5f775a1826197feb9df8", size = 10606894 },
+    { url = "https://files.pythonhosted.org/packages/e4/73/2ee4cd19f44992fedac1cc6db9e3d825966072f6dcbd4032f21cbd063170/ruff-0.6.2-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:a8f310d63af08f583363dfb844ba8f9417b558199c58a5999215082036d795a1", size = 11552886 },
+    { url = "https://files.pythonhosted.org/packages/60/4c/c0f1cd35ce4a93c54a6bb1ee6934a3a205fa02198dd076678193853ceea1/ruff-0.6.2-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:7db6880c53c56addb8638fe444818183385ec85eeada1d48fc5abe045301b2f1", size = 10264945 },
+    { url = "https://files.pythonhosted.org/packages/c4/89/e45c9359b9cdd4245512ea2b9f2bb128a997feaa5f726fc9e8c7a66afadf/ruff-0.6.2-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:1175d39faadd9a50718f478d23bfc1d4da5743f1ab56af81a2b6caf0a2394f23", size = 10100007 },
+    { url = "https://files.pythonhosted.org/packages/06/74/0bd4e0a7ed5f6908df87892f9bf60a2356c0fd74102d8097298bd9b4f346/ruff-0.6.2-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:5b939f9c86d51635fe486585389f54582f0d65b8238e08c327c1534844b3bb9a", size = 9559267 },
+    { url = "https://files.pythonhosted.org/packages/54/03/3dc6dc9419f276f05805bf888c279e3e0b631284abd548d9e87cebb93aec/ruff-0.6.2-py3-none-musllinux_1_2_i686.whl", hash = "sha256:d0d62ca91219f906caf9b187dea50d17353f15ec9bb15aae4a606cd697b49b4c", size = 9905304 },
+    { url = "https://files.pythonhosted.org/packages/5c/5b/d6a72a6a6bbf097c09de468326ef5fa1c9e7aa5e6e45979bc0d984b0dbe7/ruff-0.6.2-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:7438a7288f9d67ed3c8ce4d059e67f7ed65e9fe3aa2ab6f5b4b3610e57e3cb56", size = 10341480 },
+    { url = "https://files.pythonhosted.org/packages/79/a9/0f2f21fe15ba537c46598f96aa9ae4a3d4b9ec64926664617ca6a8c772f4/ruff-0.6.2-py3-none-win32.whl", hash = "sha256:279d5f7d86696df5f9549b56b9b6a7f6c72961b619022b5b7999b15db392a4da", size = 7961901 },
+    { url = "https://files.pythonhosted.org/packages/b0/80/fff12ffe11853d9f4ea3e5221e6dd2e93640a161c05c9579833e09ad40a7/ruff-0.6.2-py3-none-win_amd64.whl", hash = "sha256:d9f3469c7dd43cd22eb1c3fc16926fb8258d50cb1b216658a07be95dd117b0f2", size = 8783320 },
+    { url = "https://files.pythonhosted.org/packages/56/91/577cdd64cce5e74d3f8b5ecb93f29566def569c741eb008aed4f331ef821/ruff-0.6.2-py3-none-win_arm64.whl", hash = "sha256:f28fcd2cd0e02bdf739297516d5643a945cc7caf09bd9bcb4d932540a5ea4fa9", size = 8225886 },
+]
+
+[[package]]
+name = "uv-project"
+version = "0.1.0"
+source = { editable = "." }
+dependencies = [
+    { name = "ruff" },
+]
+
+[package.metadata]
+requires-dist = [{ name = "ruff" }]
@@ -0,0 +1 @@
+3.11
@@ -0,0 +1,6 @@
+def main():
+    print("Hello from malformed-pyproject-toml-project!")
+
+
+if __name__ == "__main__":
+    main()
@@ -0,0 +1,9 @@
+[project]
+name = "malformed-pyproject-toml-project"
+version = "0.1.0"
+description = "Add your description here"
+readme = "README.md"
+requires-python = ">=3.11"
+dependencies = []
+
+[malformed-toml
@@ -0,0 +1,13 @@
+[project]
+name = "old-python-constraint-project"
+version = "0.1.0"
+description = "Add your description here"
+readme = "README.md"
+requires-python = ">=3.8,<=3.9"
+dependencies = [
+    "ruff>=0.6.2",
+]
+
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
@@ -0,0 +1,2 @@
+def hello() -> str:
+    return "Hello from uv-project!"
@@ -0,0 +1,38 @@
+version = 1
+requires-python = ">=3.12"
+
+[[package]]
+name = "ruff"
+version = "0.6.2"
+source = { registry = "https://pypi.org/simple" }
+sdist = { url = "https://files.pythonhosted.org/packages/23/f4/279d044f66b79261fd37df76bf72b64471afab5d3b7906a01499c4451910/ruff-0.6.2.tar.gz", hash = "sha256:239ee6beb9e91feb8e0ec384204a763f36cb53fb895a1a364618c6abb076b3be", size = 2460281 }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/72/4b/47dd7a69287afb4069fa42c198e899463605460a58120196711bfcf0446b/ruff-0.6.2-py3-none-linux_armv6l.whl", hash = "sha256:5c8cbc6252deb3ea840ad6a20b0f8583caab0c5ef4f9cca21adc5a92b8f79f3c", size = 9695871 },
+    { url = "https://files.pythonhosted.org/packages/ae/c3/8aac62ac4638c14a740ee76a755a925f2d0d04580ab790a9887accb729f6/ruff-0.6.2-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:17002fe241e76544448a8e1e6118abecbe8cd10cf68fde635dad480dba594570", size = 9459354 },
+    { url = "https://files.pythonhosted.org/packages/2f/cf/77fbd8d4617b9b9c503f9bffb8552c4e3ea1a58dc36975e7a9104ffb0f85/ruff-0.6.2-py3-none-macosx_11_0_arm64.whl", hash = "sha256:3dbeac76ed13456f8158b8f4fe087bf87882e645c8e8b606dd17b0b66c2c1158", size = 9163871 },
+    { url = "https://files.pythonhosted.org/packages/05/1c/765192bab32b79efbb498b06f0b9dcb3629112b53b8777ae1d19b8209e09/ruff-0.6.2-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:094600ee88cda325988d3f54e3588c46de5c18dae09d683ace278b11f9d4d534", size = 10096250 },
+    { url = "https://files.pythonhosted.org/packages/08/d0/86f3cb0f6934c99f759c232984a5204d67a26745cad2d9edff6248adf7d2/ruff-0.6.2-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:316d418fe258c036ba05fbf7dfc1f7d3d4096db63431546163b472285668132b", size = 9475376 },
+    { url = "https://files.pythonhosted.org/packages/cd/cc/4c8d0e225b559a3fae6092ec310d7150d3b02b4669e9223f783ef64d82c0/ruff-0.6.2-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:d72b8b3abf8a2d51b7b9944a41307d2f442558ccb3859bbd87e6ae9be1694a5d", size = 10295634 },
+    { url = "https://files.pythonhosted.org/packages/db/96/d2699cfb1bb5a01c68122af43454c76c31331e1c8a9bd97d653d7c82524b/ruff-0.6.2-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:2aed7e243be68487aa8982e91c6e260982d00da3f38955873aecd5a9204b1d66", size = 11024941 },
+    { url = "https://files.pythonhosted.org/packages/8b/a9/6ecd66af8929e0f2a1ed308a4137f3521789f28f0eb97d32c2ca3aa7000c/ruff-0.6.2-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:d371f7fc9cec83497fe7cf5eaf5b76e22a8efce463de5f775a1826197feb9df8", size = 10606894 },
+    { url = "https://files.pythonhosted.org/packages/e4/73/2ee4cd19f44992fedac1cc6db9e3d825966072f6dcbd4032f21cbd063170/ruff-0.6.2-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:a8f310d63af08f583363dfb844ba8f9417b558199c58a5999215082036d795a1", size = 11552886 },
+    { url = "https://files.pythonhosted.org/packages/60/4c/c0f1cd35ce4a93c54a6bb1ee6934a3a205fa02198dd076678193853ceea1/ruff-0.6.2-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:7db6880c53c56addb8638fe444818183385ec85eeada1d48fc5abe045301b2f1", size = 10264945 },
+    { url = "https://files.pythonhosted.org/packages/c4/89/e45c9359b9cdd4245512ea2b9f2bb128a997feaa5f726fc9e8c7a66afadf/ruff-0.6.2-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:1175d39faadd9a50718f478d23bfc1d4da5743f1ab56af81a2b6caf0a2394f23", size = 10100007 },
+    { url = "https://files.pythonhosted.org/packages/06/74/0bd4e0a7ed5f6908df87892f9bf60a2356c0fd74102d8097298bd9b4f346/ruff-0.6.2-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:5b939f9c86d51635fe486585389f54582f0d65b8238e08c327c1534844b3bb9a", size = 9559267 },
+    { url = "https://files.pythonhosted.org/packages/54/03/3dc6dc9419f276f05805bf888c279e3e0b631284abd548d9e87cebb93aec/ruff-0.6.2-py3-none-musllinux_1_2_i686.whl", hash = "sha256:d0d62ca91219f906caf9b187dea50d17353f15ec9bb15aae4a606cd697b49b4c", size = 9905304 },
+    { url = "https://files.pythonhosted.org/packages/5c/5b/d6a72a6a6bbf097c09de468326ef5fa1c9e7aa5e6e45979bc0d984b0dbe7/ruff-0.6.2-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:7438a7288f9d67ed3c8ce4d059e67f7ed65e9fe3aa2ab6f5b4b3610e57e3cb56", size = 10341480 },
+    { url = "https://files.pythonhosted.org/packages/79/a9/0f2f21fe15ba537c46598f96aa9ae4a3d4b9ec64926664617ca6a8c772f4/ruff-0.6.2-py3-none-win32.whl", hash = "sha256:279d5f7d86696df5f9549b56b9b6a7f6c72961b619022b5b7999b15db392a4da", size = 7961901 },
+    { url = "https://files.pythonhosted.org/packages/b0/80/fff12ffe11853d9f4ea3e5221e6dd2e93640a161c05c9579833e09ad40a7/ruff-0.6.2-py3-none-win_amd64.whl", hash = "sha256:d9f3469c7dd43cd22eb1c3fc16926fb8258d50cb1b216658a07be95dd117b0f2", size = 8783320 },
+    { url = "https://files.pythonhosted.org/packages/56/91/577cdd64cce5e74d3f8b5ecb93f29566def569c741eb008aed4f331ef821/ruff-0.6.2-py3-none-win_arm64.whl", hash = "sha256:f28fcd2cd0e02bdf739297516d5643a945cc7caf09bd9bcb4d932540a5ea4fa9", size = 8225886 },
+]
+
+[[package]]
+name = "uv-project"
+version = "0.1.0"
+source = { editable = "." }
+dependencies = [
+    { name = "ruff" },
+]
+
+[package.metadata]
+requires-dist = [{ name = "ruff" }]
@@ -0,0 +1 @@
+3.11
@@ -0,0 +1,6 @@
+def main():
+    print("Hello from pyproject-toml-project!")
+
+
+if __name__ == "__main__":
+    main()
@@ -0,0 +1,19 @@
+[project]
+name = "pyproject-toml-project"
+version = "0.1.0"
+description = "Add your description here"
+readme = "README.md"
+requires-python = ">=3.11"
+dependencies = []
+
+[dependency-groups]
+dev = [
+  "reuse==5.0.2",
+  {include-group = "lint"},
+]
+lint = [
+  "flake8==4.0.1",
+]
+
+[tool.uv]
+required-version = "==0.5.14"
@@ -0,0 +1 @@
+print("Hello world")
@@ -0,0 +1 @@
+ruff>=0.6.2
@@ -0,0 +1 @@
+print("Hello world")
@@ -0,0 +1,33 @@
+# This file was autogenerated by uv via the following command:
+#    uv pip compile --generate-hashes - -o ex-requirements.txt
+click==8.2.1 \
+    --hash=sha256:27c491cc05d968d271d5a1db13e3b5a184636d9d930f148c50b038f0d0646202 \
+    --hash=sha256:61a3265b914e850b85317d0b3109c7f8cd35a670f963866005d6ef1d5175a12b
+    # via uvicorn
+h11==0.16.0 \
+    --hash=sha256:4e35b956cf45792e4caa5885e69fba00bdbc6ffafbfa020300e549b208ee5ff1 \
+    --hash=sha256:63cf8bbe7522de3bf65932fda1d9c2772064ffb3dae62d55932da54b31cb6c86
+    # via uvicorn
+uv==0.8.3 \
+    --hash=sha256:1121ad1c9389b865d029385031d3fd7d90d343c92a2149a4d4aa20bf469cb27f \
+    --hash=sha256:17bcdb0615e37cc5f985f7d7546f755ac6343c1dc8bbe876c892437f14f8f904 \
+    --hash=sha256:2ccaae4c749126c99f6404d67a0ae1eae29cbafb05603d09094a775061fdf4e5 \
+    --hash=sha256:2e311c029bff2ca07c6ddf877ccc5935cabb78e09b94b53a849542665b6a6fa1 \
+    --hash=sha256:391c97577048a40fd8c85b370055df6420f26e81df7fa906f0e0ce1aa2af3527 \
+    --hash=sha256:3f904f574dc2d7aa1d96ddf2483480ecd121dc9d060108cadd8bff100b754b64 \
+    --hash=sha256:526f2c3bd6f311ce31f6f7b6b7d818b191f41e76bed3aaab671b716220c02d8f \
+    --hash=sha256:5313ee776ad65731ffa8ac585246f987d3a2bf72e6153c12add1fff22ad6e500 \
+    --hash=sha256:5843cc43bafad05cc710d8e31bd347ee37202462a63d32c30746e9df48cfbda2 \
+    --hash=sha256:76de331a07e5ae9b6490e70a9439a072b91b3167a5684510af10c2752c4ece9a \
+    --hash=sha256:8486f7576d15cc73509f93f47b3190f44701ea36839906369301b58c8604d5db \
+    --hash=sha256:8b16f1bddfdf8f7470924ab34a7b55e4c372d5340c7c1e47e7fc84a743dc541f \
+    --hash=sha256:966ec7d7f57521fef0fee685d71e183c9cafb358ddcfe27519dfeaf40550f247 \
+    --hash=sha256:989898caeb6e972979543b57547d1c28ab8af81ff8fc15921fd354c17d432749 \
+    --hash=sha256:9ce7981f4fbeecf93dc5cf0a5a7915e84956fd99ad3ac977c048fe0cfdb1a17e \
+    --hash=sha256:ad13453ab0a1dfa64a221aac8f52199efdcaa52c97134fffd7bcebed794a6f4b \
+    --hash=sha256:ae7efe91dcfc24126fa91e0fb69a1daf6c0e494a781ba192bb0cc62d7ab623ee \
+    --hash=sha256:daa6e0d657a94f20e962d4a03d833ef7af5c8e51b7c8a2d92ba6cf64a4c07ac1 \
+    --hash=sha256:f1eb7c896fc0d80ed534748aaf46697b6ebc8ce401f1c51666ce0b9923c3db9a
+uvicorn==0.35.0 \
+    --hash=sha256:197535216b25ff9b785e29a0b79199f55222193d47f820816e7da751e9bc8d4a \
+    --hash=sha256:bc662f087f7cf2ce11a1d7fd70b90c9f98ef2e2831556dd078d131b96cc94a01
@@ -0,0 +1 @@
+print("Hello world")
@@ -0,0 +1,2 @@
+uvicorn==0.35.0
+uv==0.6.17
@@ -0,0 +1 @@
+3.11
@@ -0,0 +1,6 @@
+def main():
+    print("Hello from uv-toml-project!")
+
+
+if __name__ == "__main__":
+    main()
@@ -0,0 +1,10 @@
+[project]
+name = "uv-toml-project"
+version = "0.1.0"
+description = "Add your description here"
+readme = "README.md"
+requires-python = ">=3.11"
+dependencies = []
+
+[tool.uv]
+required-version = "==0.5.14"
@@ -0,0 +1 @@
+required-version = "==0.5.15"
@@ -0,0 +1,86 @@
+jest.mock("@actions/core", () => {
+  return {
+    debug: jest.fn(),
+    getBooleanInput: jest.fn(
+      (name: string) => (mockInputs[name] ?? "") === "true",
+    ),
+    getInput: jest.fn((name: string) => mockInputs[name] ?? ""),
+  };
+});
+
+import {
+  afterEach,
+  beforeEach,
+  describe,
+  expect,
+  it,
+  jest,
+} from "@jest/globals";
+
+// Will be mutated per test before (re-)importing the module under test
+let mockInputs: Record<string, string> = {};
+const ORIGINAL_HOME = process.env.HOME;
+
+describe("cacheDependencyGlob", () => {
+  beforeEach(() => {
+    jest.resetModules();
+    mockInputs = {};
+    process.env.HOME = "/home/testuser";
+  });
+
+  afterEach(() => {
+    process.env.HOME = ORIGINAL_HOME;
+  });
+
+  it("returns empty string when input not provided", async () => {
+    mockInputs["working-directory"] = "/workspace";
+    const { cacheDependencyGlob } = await import("../../src/utils/inputs");
+    expect(cacheDependencyGlob).toBe("");
+  });
+
+  it("resolves a single relative path", async () => {
+    mockInputs["working-directory"] = "/workspace";
+    mockInputs["cache-dependency-glob"] = "requirements.txt";
+    const { cacheDependencyGlob } = await import("../../src/utils/inputs");
+    expect(cacheDependencyGlob).toBe("/workspace/requirements.txt");
+  });
+
+  it("strips leading ./ from relative path", async () => {
+    mockInputs["working-directory"] = "/workspace";
+    mockInputs["cache-dependency-glob"] = "./uv.lock";
+    const { cacheDependencyGlob } = await import("../../src/utils/inputs");
+    expect(cacheDependencyGlob).toBe("/workspace/uv.lock");
+  });
+
+  it("handles multiple lines, trimming whitespace, tilde expansion and absolute paths", async () => {
+    mockInputs["working-directory"] = "/workspace";
+    mockInputs["cache-dependency-glob"] =
+      "  ~/.cache/file1\n ./rel/file2  \nfile3.txt";
+    const { cacheDependencyGlob } = await import("../../src/utils/inputs");
+    expect(cacheDependencyGlob).toBe(
+      [
+        "/home/testuser/.cache/file1", // expanded tilde, absolute path unchanged
+        "/workspace/rel/file2", // ./ stripped and resolved
+        "/workspace/file3.txt", // relative path resolved
+      ].join("\n"),
+    );
+  });
+
+  it("keeps absolute path unchanged in multiline input", async () => {
+    mockInputs["working-directory"] = "/workspace";
+    mockInputs["cache-dependency-glob"] = "/abs/path.lock\nrelative.lock";
+    const { cacheDependencyGlob } = await import("../../src/utils/inputs");
+    expect(cacheDependencyGlob).toBe(
+      ["/abs/path.lock", "/workspace/relative.lock"].join("\n"),
+    );
+  });
+
+  it("handles exclusions in relative paths correct", async () => {
+    mockInputs["working-directory"] = "/workspace";
+    mockInputs["cache-dependency-glob"] = "!/abs/path.lock\n!relative.lock";
+    const { cacheDependencyGlob } = await import("../../src/utils/inputs");
+    expect(cacheDependencyGlob).toBe(
+      ["!/abs/path.lock", "!/workspace/relative.lock"].join("\n"),
+    );
+  });
+});
@@ -0,0 +1,9 @@
+import { expect, test } from "@jest/globals";
+import { getUvVersionFromFile } from "../../src/version/resolve";
+
+test("ignores dependencies starting with uv", async () => {
+  const parsedVersion = getUvVersionFromFile(
+    "__tests__/fixtures/uv-in-requirements-txt-project/requirements.txt",
+  );
+  expect(parsedVersion).toBe("0.6.17");
+});
@@ -0,0 +1,9 @@
+import { expect, test } from "@jest/globals";
+import { getUvVersionFromFile } from "../../src/version/resolve";
+
+test("ignores dependencies starting with uv", async () => {
+  const parsedVersion = getUvVersionFromFile(
+    "__tests__/fixtures/uv-in-requirements-hash-txt-project/requirements.txt",
+  );
+  expect(parsedVersion).toBe("0.8.3");
+});
@@ -0,0 +1,115 @@
+jest.mock("node:fs");
+jest.mock("@actions/core", () => ({
+  warning: jest.fn(),
+}));
+
+import fs from "node:fs";
+import * as core from "@actions/core";
+import { beforeEach, describe, expect, it, jest } from "@jest/globals";
+import { getUvVersionFromToolVersions } from "../../src/version/tool-versions-file";
+
+const mockedFs = fs as jest.Mocked<typeof fs>;
+const mockedCore = core as jest.Mocked<typeof core>;
+
+describe("getUvVersionFromToolVersions", () => {
+  beforeEach(() => {
+    jest.clearAllMocks();
+  });
+
+  it("should return undefined for non-.tool-versions files", () => {
+    const result = getUvVersionFromToolVersions("package.json");
+    expect(result).toBeUndefined();
+    expect(mockedFs.readFileSync).not.toHaveBeenCalled();
+  });
+
+  it("should return version for valid uv entry", () => {
+    const fileContent = "python 3.11.0\nuv 0.1.0\nnodejs 18.0.0";
+    mockedFs.readFileSync.mockReturnValue(fileContent);
+
+    const result = getUvVersionFromToolVersions(".tool-versions");
+
+    expect(result).toBe("0.1.0");
+    expect(mockedFs.readFileSync).toHaveBeenCalledWith(
+      ".tool-versions",
+      "utf8",
+    );
+  });
+
+  it("should return version for uv entry with v prefix", () => {
+    const fileContent = "uv v0.2.0";
+    mockedFs.readFileSync.mockReturnValue(fileContent);
+
+    const result = getUvVersionFromToolVersions(".tool-versions");
+
+    expect(result).toBe("0.2.0");
+  });
+
+  it("should handle whitespace around uv entry", () => {
+    const fileContent = "  uv   0.3.0  ";
+    mockedFs.readFileSync.mockReturnValue(fileContent);
+
+    const result = getUvVersionFromToolVersions(".tool-versions");
+
+    expect(result).toBe("0.3.0");
+  });
+
+  it("should skip commented lines", () => {
+    const fileContent = "# uv 0.1.0\npython 3.11.0\nuv 0.2.0";
+    mockedFs.readFileSync.mockReturnValue(fileContent);
+
+    const result = getUvVersionFromToolVersions(".tool-versions");
+
+    expect(result).toBe("0.2.0");
+  });
+
+  it("should return first matching uv version", () => {
+    const fileContent = "uv 0.1.0\npython 3.11.0\nuv 0.2.0";
+    mockedFs.readFileSync.mockReturnValue(fileContent);
+
+    const result = getUvVersionFromToolVersions(".tool-versions");
+
+    expect(result).toBe("0.1.0");
+  });
+
+  it("should return undefined when no uv entry found", () => {
+    const fileContent = "python 3.11.0\nnodejs 18.0.0";
+    mockedFs.readFileSync.mockReturnValue(fileContent);
+
+    const result = getUvVersionFromToolVersions(".tool-versions");
+
+    expect(result).toBeUndefined();
+  });
+
+  it("should return undefined for empty file", () => {
+    mockedFs.readFileSync.mockReturnValue("");
+
+    const result = getUvVersionFromToolVersions(".tool-versions");
+
+    expect(result).toBeUndefined();
+  });
+
+  it("should warn and return undefined for ref syntax", () => {
+    const fileContent = "uv ref:main";
+    mockedFs.readFileSync.mockReturnValue(fileContent);
+
+    const result = getUvVersionFromToolVersions(".tool-versions");
+
+    expect(result).toBeUndefined();
+    expect(mockedCore.warning).toHaveBeenCalledWith(
+      "The ref syntax of .tool-versions is not supported. Please use a released version instead.",
+    );
+  });
+
+  it("should handle file path with .tool-versions extension", () => {
+    const fileContent = "uv 0.1.0";
+    mockedFs.readFileSync.mockReturnValue(fileContent);
+
+    const result = getUvVersionFromToolVersions("path/to/.tool-versions");
+
+    expect(result).toBe("0.1.0");
+    expect(mockedFs.readFileSync).toHaveBeenCalledWith(
+      "path/to/.tool-versions",
+      "utf8",
+    );
+  });
+});
@@ -1,38 +1,98 @@
-name: 'Python setup uv'
-description: 'Set up your GitHub Actions workflow with a specific version of uv'
-author: 'eifinger'
+name: "astral-sh/setup-uv"
+description:
+  "Set up your GitHub Actions workflow with a specific version of uv."
+author: "astral-sh"
 inputs:
-  version: 
-    description: 'The version of uv to install'
-    default: '0.3.5'
+  version:
+    description: "The version of uv to install e.g., `0.5.0` Defaults to the version in pyproject.toml or 'latest'."
+    default: ""
+  version-file:
+    description: "Path to a file containing the version of uv to install. Defaults to searching for uv.toml and if not found pyproject.toml."
+    default: ""
+  python-version:
+    description: "The version of Python to set UV_PYTHON to"
+    required: false
+  activate-environment:
+    description: "Use uv venv to activate a venv ready to be used by later steps. "
+    default: "false"
+  working-directory:
+    description: "The directory to execute all commands in and look for files such as pyproject.toml"
+    default: ${{ github.workspace }}
  checksum:
-    description: 'The checksum of the uv version to install'
+    description: "The checksum of the uv version to install"
    required: false
  github-token:
-    description: 'Used to increase the rate limit when retrieving versions and downloading uv.'
+    description:
+      "Used to increase the rate limit when retrieving versions and downloading uv."
    required: false
+    default: ${{ github.token }}
  enable-cache:
-    description: 'Enable caching of the uv cache'
-    default: 'false'
+    description: "Enable uploading of the uv cache"
+    default: "auto"
  cache-dependency-glob:
-    description: 'Glob pattern to match files relative to the repository root to control the cache. e.g. "uv.lock"'
-    required: false
+    description:
+      "Glob pattern to match files relative to the repository root to control
+      the cache."
+    default: |
+      **/*requirements*.txt
+      **/*requirements*.in
+      **/*constraints*.txt
+      **/*constraints*.in
+      **/pyproject.toml
+      **/uv.lock
+      **/*.py.lock
+  restore-cache:
+    description: "Whether to restore the cache if found."
+    default: "true"
+  save-cache:
+    description: "Whether to save the cache after the run."
+    default: "true"
  cache-suffix:
-    description: 'Suffix for the cache key'
+    description: "Suffix for the cache key"
    required: false
  cache-local-path:
-    description: 'Local path to store the cache.'
-    default: '/tmp/setup-uv-cache'
+    description: "Local path to store the cache."
+    default: ""
+  prune-cache:
+    description: "Prune cache before saving."
+    default: "true"
+  cache-python:
+    description: "Upload managed Python installations to the Github Actions cache."
+    default: "false"
+  ignore-nothing-to-cache:
+    description: "Ignore when nothing is found to cache."
+    default: "false"
+  ignore-empty-workdir:
+    description: "Ignore when the working directory is empty."
+    default: "false"
+  tool-dir:
+    description: "Custom path to set UV_TOOL_DIR to."
+    required: false
+  tool-bin-dir:
+    description: "Custom path to set UV_TOOL_BIN_DIR to."
+    required: false
+  manifest-file:
+    description: "URL to the manifest file containing available versions and download URLs."
+    required: false
+  add-problem-matchers:
+    description: "Add problem matchers."
+    default: "true"
 outputs:
  uv-version:
    description: "The installed uv version. Useful when using latest."
+  uv-path:
+    description: "The path to the installed uv binary."
+  uvx-path:
+    description: "The path to the installed uvx binary."
  cache-hit:
    description: "A boolean value to indicate a cache entry was found"
+  venv:
+    description: "Path to the activated venv if activate-environment is true"
 runs:
-  using: 'node20'
-  main: 'dist/setup/index.js'
-  post: 'dist/save-cache/index.js'
+  using: "node24"
+  main: "dist/setup/index.js"
+  post: "dist/save-cache/index.js"
  post-if: success()
 branding:
-  icon: 'package'
-  color: 'blue'
+  icon: "package"
+  color: "black"
@@ -0,0 +1,44 @@
+{
+  "$schema": "https://biomejs.dev/schemas/2.2.4/schema.json",
+  "assist": {
+    "actions": {
+      "source": {
+        "organizeImports": "on",
+        "useSortedAttributes": "on",
+        "useSortedKeys": "on"
+      }
+    }
+  },
+  "files": {
+    "ignoreUnknown": false,
+    "includes": [
+      "**",
+      "!**/dist",
+      "!**/lib",
+      "!**/node_modules",
+      "!**/package*.json",
+      "!**/known-checksums.*"
+    ]
+  },
+  "formatter": {
+    "enabled": true,
+    "indentStyle": "space"
+  },
+  "javascript": {
+    "formatter": {
+      "quoteStyle": "double",
+      "trailingCommas": "all"
+    }
+  },
+  "linter": {
+    "enabled": true,
+    "rules": {
+      "recommended": true
+    }
+  },
+  "vcs": {
+    "clientKind": "git",
+    "enabled": true,
+    "useIgnoreFile": false
+  }
+}
@@ -1,453 +0,0 @@
-"use strict";
-exports.id = 37;
-exports.ids = [37];
-exports.modules = {
-
-/***/ 4037:
-/***/ ((__unused_webpack___webpack_module__, __webpack_exports__, __webpack_require__) => {
-
-__webpack_require__.r(__webpack_exports__);
-/* harmony export */ __webpack_require__.d(__webpack_exports__, {
-/* harmony export */   "toFormData": () => (/* binding */ toFormData)
-/* harmony export */ });
-/* harmony import */ var fetch_blob_from_js__WEBPACK_IMPORTED_MODULE_0__ = __webpack_require__(2777);
-/* harmony import */ var formdata_polyfill_esm_min_js__WEBPACK_IMPORTED_MODULE_1__ = __webpack_require__(8010);
-
-
-
-let s = 0;
-const S = {
-	START_BOUNDARY: s++,
-	HEADER_FIELD_START: s++,
-	HEADER_FIELD: s++,
-	HEADER_VALUE_START: s++,
-	HEADER_VALUE: s++,
-	HEADER_VALUE_ALMOST_DONE: s++,
-	HEADERS_ALMOST_DONE: s++,
-	PART_DATA_START: s++,
-	PART_DATA: s++,
-	END: s++
-};
-
-let f = 1;
-const F = {
-	PART_BOUNDARY: f,
-	LAST_BOUNDARY: f *= 2
-};
-
-const LF = 10;
-const CR = 13;
-const SPACE = 32;
-const HYPHEN = 45;
-const COLON = 58;
-const A = 97;
-const Z = 122;
-
-const lower = c => c | 0x20;
-
-const noop = () => {};
-
-class MultipartParser {
-	/**
-	 * @param {string} boundary
-	 */
-	constructor(boundary) {
-		this.index = 0;
-		this.flags = 0;
-
-		this.onHeaderEnd = noop;
-		this.onHeaderField = noop;
-		this.onHeadersEnd = noop;
-		this.onHeaderValue = noop;
-		this.onPartBegin = noop;
-		this.onPartData = noop;
-		this.onPartEnd = noop;
-
-		this.boundaryChars = {};
-
-		boundary = '\r\n--' + boundary;
-		const ui8a = new Uint8Array(boundary.length);
-		for (let i = 0; i < boundary.length; i++) {
-			ui8a[i] = boundary.charCodeAt(i);
-			this.boundaryChars[ui8a[i]] = true;
-		}
-
-		this.boundary = ui8a;
-		this.lookbehind = new Uint8Array(this.boundary.length + 8);
-		this.state = S.START_BOUNDARY;
-	}
-
-	/**
-	 * @param {Uint8Array} data
-	 */
-	write(data) {
-		let i = 0;
-		const length_ = data.length;
-		let previousIndex = this.index;
-		let {lookbehind, boundary, boundaryChars, index, state, flags} = this;
-		const boundaryLength = this.boundary.length;
-		const boundaryEnd = boundaryLength - 1;
-		const bufferLength = data.length;
-		let c;
-		let cl;
-
-		const mark = name => {
-			this[name + 'Mark'] = i;
-		};
-
-		const clear = name => {
-			delete this[name + 'Mark'];
-		};
-
-		const callback = (callbackSymbol, start, end, ui8a) => {
-			if (start === undefined || start !== end) {
-				this[callbackSymbol](ui8a && ui8a.subarray(start, end));
-			}
-		};
-
-		const dataCallback = (name, clear) => {
-			const markSymbol = name + 'Mark';
-			if (!(markSymbol in this)) {
-				return;
-			}
-
-			if (clear) {
-				callback(name, this[markSymbol], i, data);
-				delete this[markSymbol];
-			} else {
-				callback(name, this[markSymbol], data.length, data);
-				this[markSymbol] = 0;
-			}
-		};
-
-		for (i = 0; i < length_; i++) {
-			c = data[i];
-
-			switch (state) {
-				case S.START_BOUNDARY:
-					if (index === boundary.length - 2) {
-						if (c === HYPHEN) {
-							flags |= F.LAST_BOUNDARY;
-						} else if (c !== CR) {
-							return;
-						}
-
-						index++;
-						break;
-					} else if (index - 1 === boundary.length - 2) {
-						if (flags & F.LAST_BOUNDARY && c === HYPHEN) {
-							state = S.END;
-							flags = 0;
-						} else if (!(flags & F.LAST_BOUNDARY) && c === LF) {
-							index = 0;
-							callback('onPartBegin');
-							state = S.HEADER_FIELD_START;
-						} else {
-							return;
-						}
-
-						break;
-					}
-
-					if (c !== boundary[index + 2]) {
-						index = -2;
-					}
-
-					if (c === boundary[index + 2]) {
-						index++;
-					}
-
-					break;
-				case S.HEADER_FIELD_START:
-					state = S.HEADER_FIELD;
-					mark('onHeaderField');
-					index = 0;
-					// falls through
-				case S.HEADER_FIELD:
-					if (c === CR) {
-						clear('onHeaderField');
-						state = S.HEADERS_ALMOST_DONE;
-						break;
-					}
-
-					index++;
-					if (c === HYPHEN) {
-						break;
-					}
-
-					if (c === COLON) {
-						if (index === 1) {
-							// empty header field
-							return;
-						}
-
-						dataCallback('onHeaderField', true);
-						state = S.HEADER_VALUE_START;
-						break;
-					}
-
-					cl = lower(c);
-					if (cl < A || cl > Z) {
-						return;
-					}
-
-					break;
-				case S.HEADER_VALUE_START:
-					if (c === SPACE) {
-						break;
-					}
-
-					mark('onHeaderValue');
-					state = S.HEADER_VALUE;
-					// falls through
-				case S.HEADER_VALUE:
-					if (c === CR) {
-						dataCallback('onHeaderValue', true);
-						callback('onHeaderEnd');
-						state = S.HEADER_VALUE_ALMOST_DONE;
-					}
-
-					break;
-				case S.HEADER_VALUE_ALMOST_DONE:
-					if (c !== LF) {
-						return;
-					}
-
-					state = S.HEADER_FIELD_START;
-					break;
-				case S.HEADERS_ALMOST_DONE:
-					if (c !== LF) {
-						return;
-					}
-
-					callback('onHeadersEnd');
-					state = S.PART_DATA_START;
-					break;
-				case S.PART_DATA_START:
-					state = S.PART_DATA;
-					mark('onPartData');
-					// falls through
-				case S.PART_DATA:
-					previousIndex = index;
-
-					if (index === 0) {
-						// boyer-moore derrived algorithm to safely skip non-boundary data
-						i += boundaryEnd;
-						while (i < bufferLength && !(data[i] in boundaryChars)) {
-							i += boundaryLength;
-						}
-
-						i -= boundaryEnd;
-						c = data[i];
-					}
-
-					if (index < boundary.length) {
-						if (boundary[index] === c) {
-							if (index === 0) {
-								dataCallback('onPartData', true);
-							}
-
-							index++;
-						} else {
-							index = 0;
-						}
-					} else if (index === boundary.length) {
-						index++;
-						if (c === CR) {
-							// CR = part boundary
-							flags |= F.PART_BOUNDARY;
-						} else if (c === HYPHEN) {
-							// HYPHEN = end boundary
-							flags |= F.LAST_BOUNDARY;
-						} else {
-							index = 0;
-						}
-					} else if (index - 1 === boundary.length) {
-						if (flags & F.PART_BOUNDARY) {
-							index = 0;
-							if (c === LF) {
-								// unset the PART_BOUNDARY flag
-								flags &= ~F.PART_BOUNDARY;
-								callback('onPartEnd');
-								callback('onPartBegin');
-								state = S.HEADER_FIELD_START;
-								break;
-							}
-						} else if (flags & F.LAST_BOUNDARY) {
-							if (c === HYPHEN) {
-								callback('onPartEnd');
-								state = S.END;
-								flags = 0;
-							} else {
-								index = 0;
-							}
-						} else {
-							index = 0;
-						}
-					}
-
-					if (index > 0) {
-						// when matching a possible boundary, keep a lookbehind reference
-						// in case it turns out to be a false lead
-						lookbehind[index - 1] = c;
-					} else if (previousIndex > 0) {
-						// if our boundary turned out to be rubbish, the captured lookbehind
-						// belongs to partData
-						const _lookbehind = new Uint8Array(lookbehind.buffer, lookbehind.byteOffset, lookbehind.byteLength);
-						callback('onPartData', 0, previousIndex, _lookbehind);
-						previousIndex = 0;
-						mark('onPartData');
-
-						// reconsider the current character even so it interrupted the sequence
-						// it could be the beginning of a new sequence
-						i--;
-					}
-
-					break;
-				case S.END:
-					break;
-				default:
-					throw new Error(`Unexpected state entered: ${state}`);
-			}
-		}
-
-		dataCallback('onHeaderField');
-		dataCallback('onHeaderValue');
-		dataCallback('onPartData');
-
-		// Update properties for the next call
-		this.index = index;
-		this.state = state;
-		this.flags = flags;
-	}
-
-	end() {
-		if ((this.state === S.HEADER_FIELD_START && this.index === 0) ||
-			(this.state === S.PART_DATA && this.index === this.boundary.length)) {
-			this.onPartEnd();
-		} else if (this.state !== S.END) {
-			throw new Error('MultipartParser.end(): stream ended unexpectedly');
-		}
-	}
-}
-
-function _fileName(headerValue) {
-	// matches either a quoted-string or a token (RFC 2616 section 19.5.1)
-	const m = headerValue.match(/\bfilename=("(.*?)"|([^()<>@,;:\\"/[\]?={}\s\t]+))($|;\s)/i);
-	if (!m) {
-		return;
-	}
-
-	const match = m[2] || m[3] || '';
-	let filename = match.slice(match.lastIndexOf('\\') + 1);
-	filename = filename.replace(/%22/g, '"');
-	filename = filename.replace(/&#(\d{4});/g, (m, code) => {
-		return String.fromCharCode(code);
-	});
-	return filename;
-}
-
-async function toFormData(Body, ct) {
-	if (!/multipart/i.test(ct)) {
-		throw new TypeError('Failed to fetch');
-	}
-
-	const m = ct.match(/boundary=(?:"([^"]+)"|([^;]+))/i);
-
-	if (!m) {
-		throw new TypeError('no or bad content-type header, no multipart boundary');
-	}
-
-	const parser = new MultipartParser(m[1] || m[2]);
-
-	let headerField;
-	let headerValue;
-	let entryValue;
-	let entryName;
-	let contentType;
-	let filename;
-	const entryChunks = [];
-	const formData = new formdata_polyfill_esm_min_js__WEBPACK_IMPORTED_MODULE_1__/* .FormData */ .Ct();
-
-	const onPartData = ui8a => {
-		entryValue += decoder.decode(ui8a, {stream: true});
-	};
-
-	const appendToFile = ui8a => {
-		entryChunks.push(ui8a);
-	};
-
-	const appendFileToFormData = () => {
-		const file = new fetch_blob_from_js__WEBPACK_IMPORTED_MODULE_0__/* .File */ .$B(entryChunks, filename, {type: contentType});
-		formData.append(entryName, file);
-	};
-
-	const appendEntryToFormData = () => {
-		formData.append(entryName, entryValue);
-	};
-
-	const decoder = new TextDecoder('utf-8');
-	decoder.decode();
-
-	parser.onPartBegin = function () {
-		parser.onPartData = onPartData;
-		parser.onPartEnd = appendEntryToFormData;
-
-		headerField = '';
-		headerValue = '';
-		entryValue = '';
-		entryName = '';
-		contentType = '';
-		filename = null;
-		entryChunks.length = 0;
-	};
-
-	parser.onHeaderField = function (ui8a) {
-		headerField += decoder.decode(ui8a, {stream: true});
-	};
-
-	parser.onHeaderValue = function (ui8a) {
-		headerValue += decoder.decode(ui8a, {stream: true});
-	};
-
-	parser.onHeaderEnd = function () {
-		headerValue += decoder.decode();
-		headerField = headerField.toLowerCase();
-
-		if (headerField === 'content-disposition') {
-			// matches either a quoted-string or a token (RFC 2616 section 19.5.1)
-			const m = headerValue.match(/\bname=("([^"]*)"|([^()<>@,;:\\"/[\]?={}\s\t]+))/i);
-
-			if (m) {
-				entryName = m[2] || m[3] || '';
-			}
-
-			filename = _fileName(headerValue);
-
-			if (filename) {
-				parser.onPartData = appendToFile;
-				parser.onPartEnd = appendFileToFormData;
-			}
-		} else if (headerField === 'content-type') {
-			contentType = headerValue;
-		}
-
-		headerValue = '';
-		headerField = '';
-	};
-
-	for await (const chunk of Body) {
-		parser.write(chunk);
-	}
-
-	parser.end();
-
-	return formData;
-}
-
-
-/***/ })
-
-};
-;
-//# sourceMappingURL=37.index.js.map
@@ -1,15 +0,0 @@
-<svg id="Layer_1" data-name="Layer 1" xmlns="http://www.w3.org/2000/svg" width="545" height="153" viewBox="0 0 545 153">
-<defs>
-<style>
-.cls-1{fill:#009ee3;}.cls-1,.cls-2,.cls-3{fill-rule:evenodd;}.cls-2{fill:#113984;}.cls-3{fill:#172c70;}</style>
-</defs>
-<title>paypal-seeklogo.com</title>
-<path transform="scale(1, 1)" d="M0 24.48C0 10.9601 10.9601 0 24.48 0H520.2C533.72 0 544.68 10.9601 544.68 24.48V128.52C544.68 142.04 533.72 153 520.2 153H24.48C10.9601 153 0 142.04 0 128.52V24.48Z" fill="#ebf2ff"/>
-<g transform="scale(0.8, 0.8) translate(45, 25)">
-<path class="cls-1" d="M192.95,386.87h38.74c20.8,0,28.63,10.53,27.42,26-2,25.54-17.44,39.67-37.92,39.67H210.85c-2.81,0-4.7,1.86-5.46,6.9L201,488.74c-0.29,1.9-1.29,3-2.79,3.15H173.87c-2.29,0-3.1-1.75-2.5-5.54l14.84-93.93C186.79,388.66,188.85,386.87,192.95,386.87Z" transform="translate(-143.48 -354.54)"/>
-<path class="cls-2" d="M361.14,385.13c13.07,0,25.13,7.09,23.48,24.76-2,21-13.25,32.62-31,32.67H338.11c-2.23,0-3.31,1.82-3.89,5.55l-3,19.07c-0.45,2.88-1.93,4.3-4.11,4.3H312.68c-2.3,0-3.1-1.47-2.59-4.76L322,390.29c0.59-3.76,2-5.16,4.57-5.16h34.54Zm-23.5,40.92h11.75c7.35-.28,12.23-5.37,12.72-14.55,0.3-5.67-3.53-9.73-9.62-9.7l-11.06.05-3.79,24.2h0Zm86.21,39.58c1.32-1.2,2.66-1.82,2.47-.34l-0.47,3.54c-0.24,1.85.49,2.83,2.21,2.83h12.82c2.16,0,3.21-.87,3.74-4.21l7.9-49.58c0.4-2.49-.21-3.71-2.1-3.71H436.32c-1.27,0-1.89.71-2.22,2.65l-0.52,3.05c-0.27,1.59-1,1.87-1.68.27-2.39-5.66-8.49-8.2-17-8-19.77.41-33.1,15.42-34.53,34.66-1.1,14.88,9.56,26.57,23.62,26.57,10.2,0,14.76-3,19.9-7.7h0ZM413.11,458c-8.51,0-14.44-6.79-13.21-15.11s9.19-15.11,17.7-15.11,14.44,6.79,13.21,15.11S421.63,458,413.11,458h0Zm64.5-44h-13c-2.68,0-3.77,2-2.92,4.46l16.14,47.26L462,488.21c-1.33,1.88-.3,3.59,1.57,3.59h14.61a4.47,4.47,0,0,0,4.34-2.13l49.64-71.2c1.53-2.19.81-4.49-1.7-4.49H516.63c-2.37,0-3.32.94-4.68,2.91l-20.7,30L482,416.82C481.46,415,480.11,414,477.62,414Z" transform="translate(-143.48 -354.54)"/>
-<path class="cls-1" d="M583.8,385.13c13.07,0,25.13,7.09,23.48,24.76-2,21-13.25,32.62-31,32.67H560.78c-2.23,0-3.31,1.82-3.89,5.55l-3,19.07c-0.45,2.88-1.93,4.3-4.11,4.3H535.35c-2.3,0-3.1-1.47-2.59-4.76l11.93-76.45c0.59-3.76,2-5.16,4.57-5.16H583.8Zm-23.5,40.92h11.75c7.35-.28,12.23-5.37,12.72-14.55,0.3-5.67-3.53-9.73-9.62-9.7l-11.06.05-3.79,24.2h0Zm86.21,39.58c1.32-1.2,2.66-1.82,2.47-.34l-0.47,3.54c-0.24,1.85.49,2.83,2.21,2.83h12.82c2.16,0,3.21-.87,3.74-4.21l7.9-49.58c0.4-2.49-.21-3.71-2.1-3.71H659c-1.27,0-1.89.71-2.22,2.65l-0.52,3.05c-0.27,1.59-1,1.87-1.68.27-2.39-5.66-8.49-8.2-17-8-19.77.41-33.1,15.42-34.53,34.66-1.1,14.88,9.56,26.57,23.62,26.57,10.2,0,14.76-3,19.9-7.7h0ZM635.78,458c-8.51,0-14.44-6.79-13.21-15.11s9.19-15.11,17.7-15.11,14.44,6.79,13.21,15.11S644.29,458,635.78,458h0Zm59.13,13.74h-14.8a1.75,1.75,0,0,1-1.81-2l13-82.36a2.55,2.55,0,0,1,2.46-2h14.8a1.75,1.75,0,0,1,1.81,2l-13,82.36A2.55,2.55,0,0,1,694.91,471.76Z" transform="translate(-143.48 -354.54)"/>
-<path class="cls-2" d="M168.72,354.54h38.78c10.92,0,23.88.35,32.54,8,5.79,5.11,8.83,13.24,8.13,22-2.38,29.61-20.09,46.2-43.85,46.2H185.2c-3.26,0-5.41,2.16-6.33,8l-5.34,34c-0.35,2.2-1.3,3.5-3,3.66H146.6c-2.65,0-3.59-2-2.9-6.42L160.9,361C161.59,356.62,164,354.54,168.72,354.54Z" transform="translate(-143.48 -354.54)"/>
-<path class="cls-3" d="M179.43,435.29l6.77-42.87c0.59-3.76,2.65-5.56,6.75-5.56h38.74c6.41,0,11.6,1,15.66,2.85-3.89,26.36-20.94,41-43.26,41H185C182.44,430.72,180.56,432,179.43,435.29Z" transform="translate(-143.48 -354.54)"/>
-</g>
-</svg>
@@ -1,9 +1,9 @@
 module.exports = {
  clearMocks: true,
-  moduleFileExtensions: ['js', 'ts'],
-  testMatch: ['**/*.test.ts'],
+  moduleFileExtensions: ["js", "ts"],
+  testMatch: ["**/*.test.ts"],
  transform: {
-    '^.+\\.ts$': 'ts-jest'
+    "^.+\\.ts$": "ts-jest",
  },
-  verbose: true
-}
+  verbose: true,
+};
@@ -6,52 +6,43 @@
  "main": "dist/index.js",
  "scripts": {
    "build": "tsc",
-    "format": "prettier --write '**/*.ts'",
-    "format-check": "prettier --check '**/*.ts'",
-    "lint": "eslint src/**/*.ts --fix",
-    "package": "ncc build -o dist/setup src/setup-uv.ts && ncc build -o dist/save-cache src/save-cache.ts && ncc build -o dist/update-default-version src/update-default-version.ts",
+    "check": "biome check --write",
+    "package": "ncc build -o dist/setup src/setup-uv.ts && ncc build -o dist/save-cache src/save-cache.ts && ncc build -o dist/update-known-versions src/update-known-versions.ts",
    "test": "jest",
    "act": "act pull_request -W .github/workflows/test.yml --container-architecture linux/amd64 -s GITHUB_TOKEN=\"$(gh auth token)\"",
-    "update-default-version": "node dist/update-default-version/index.js src/download/checksum/known-checksums.ts action.yml \"$(gh auth token)\"",
-    "all": "npm run build && npm run format && npm run lint && npm run package && npm test"
+    "update-known-versions": "RUNNER_TEMP=known_versions node dist/update-known-versions/index.js src/download/checksum/known-versions.ts \"$(gh auth token)\"",
+    "all": "npm run build && npm run check && npm run package && npm test"
  },
  "repository": {
    "type": "git",
-    "url": "git+https://github.com/eifinger/setup-uv.git"
+    "url": "git+https://github.com/astral-sh/setup-uv.git"
  },
-  "keywords": [
-    "actions",
-    "python",
-    "setup",
-    "uv"
-  ],
+  "keywords": ["actions", "python", "setup", "uv"],
  "author": "@eifinger",
  "license": "MIT",
  "dependencies": {
-    "@actions/cache": "^3.2.4",
-    "@actions/core": "^1.10.1",
+    "@actions/cache": "^4.0.5",
+    "@actions/core": "^1.11.1",
    "@actions/exec": "^1.1.1",
-    "@actions/github": "^6.0.0",
-    "@actions/glob": "^0.4.0",
+    "@actions/glob": "^0.5.0",
    "@actions/io": "^1.1.3",
-    "@actions/tool-cache": "^2.0.1",
-    "@octokit/rest": "^21.0.2"
+    "@actions/tool-cache": "^2.0.2",
+    "@octokit/core": "^7.0.5",
+    "@octokit/plugin-paginate-rest": "^13.1.1",
+    "@octokit/plugin-rest-endpoint-methods": "^16.1.0",
+    "@renovatebot/pep440": "^4.2.1",
+    "smol-toml": "^1.4.2",
+    "undici": "^7.16.0"
  },
  "devDependencies": {
-    "@types/node": "^20.14.9",
-    "@types/semver": "^7.5.8",
-    "@typescript-eslint/eslint-plugin": "^7.15.0",
-    "@typescript-eslint/parser": "^7.15.0",
-    "@vercel/ncc": "^0.38.1",
-    "eslint": "^8.57.0",
-    "eslint-plugin-github": "^5.0.1",
-    "eslint-plugin-import": "^2.29.1",
-    "eslint-plugin-jest": "^28.6.0",
-    "eslint-plugin-prettier": "^5.2.1",
-    "jest": "^29.7.0",
+    "@biomejs/biome": "2.2.4",
+    "@types/js-yaml": "^4.0.9",
+    "@types/node": "^24.7.0",
+    "@types/semver": "^7.7.1",
+    "@vercel/ncc": "^0.38.4",
+    "jest": "^30.1.3",
    "js-yaml": "^4.1.0",
-    "prettier": "^3.3.3",
-    "ts-jest": "^29.2.5",
-    "typescript": "^5.4.5"
+    "ts-jest": "^29.4.4",
+    "typescript": "^5.9.2"
  }
 }
@@ -1,65 +1,121 @@
-import * as cache from '@actions/cache'
-import * as glob from '@actions/glob'
-import * as core from '@actions/core'
-import path from 'path'
-import {cacheDependencyGlob, cacheLocalPath, cacheSuffix} from '../utils/inputs'
-import {getArch, getPlatform} from '../utils/platforms'
+import * as cache from "@actions/cache";
+import * as core from "@actions/core";
+import * as exec from "@actions/exec";
+import { hashFiles } from "../hash/hash-files";
+import {
+  cacheDependencyGlob,
+  cacheLocalPath,
+  cachePython,
+  cacheSuffix,
+  pruneCache,
+  pythonDir,
+  pythonVersion as pythonVersionInput,
+  restoreCache as shouldRestoreCache,
+  workingDirectory,
+} from "../utils/inputs";
+import { getArch, getPlatform } from "../utils/platforms";

-export const STATE_CACHE_KEY = 'cache-key'
-export const STATE_CACHE_MATCHED_KEY = 'cache-matched-key'
-const CACHE_VERSION = '1'
+export const STATE_CACHE_KEY = "cache-key";
+export const STATE_CACHE_MATCHED_KEY = "cache-matched-key";
+const CACHE_VERSION = "1";

-export async function restoreCache(version: string): Promise<void> {
-  const cacheKey = await computeKeys(version)
+export async function restoreCache(): Promise<void> {
+  const cacheKey = await computeKeys();
+  core.saveState(STATE_CACHE_KEY, cacheKey);

-  let matchedKey: string | undefined
-  core.info(
-    `Trying to restore uv cache from GitHub Actions cache with key: ${cacheKey}`
-  )
-  try {
-    matchedKey = await cache.restoreCache([cacheLocalPath], cacheKey)
-  } catch (err) {
-    const message = (err as Error).message
-    core.warning(message)
-    core.setOutput('cache-hit', false)
-    return
+  if (!shouldRestoreCache) {
+    core.info("restore-cache is false. Skipping restore cache step.");
+    return;
  }

-  core.saveState(STATE_CACHE_KEY, cacheKey)
+  let matchedKey: string | undefined;
+  core.info(
+    `Trying to restore uv cache from GitHub Actions cache with key: ${cacheKey}`,
+  );
+  const cachePaths = [cacheLocalPath];
+  if (cachePython) {
+    cachePaths.push(pythonDir);
+  }
+  try {
+    matchedKey = await cache.restoreCache(cachePaths, cacheKey);
+  } catch (err) {
+    const message = (err as Error).message;
+    core.warning(message);
+    core.setOutput("cache-hit", false);
+    return;
+  }

-  handleMatchResult(matchedKey, cacheKey)
+  handleMatchResult(matchedKey, cacheKey);
 }

-async function computeKeys(version: string): Promise<string> {
-  let cacheDependencyPathHash = '-'
-  if (cacheDependencyGlob !== '') {
-    const fullCacheDependencyGlob = `${process.env['GITHUB_WORKSPACE']}${path.sep}${cacheDependencyGlob}`
-    cacheDependencyPathHash += await glob.hashFiles(fullCacheDependencyGlob)
-    if (cacheDependencyPathHash === '-') {
-      throw new Error(
-        `No file in ${process.cwd()} matched to [${cacheDependencyGlob}], make sure you have checked out the target repository`
-      )
+async function computeKeys(): Promise<string> {
+  let cacheDependencyPathHash = "-";
+  if (cacheDependencyGlob !== "") {
+    core.info(
+      `Searching files using cache dependency glob: ${cacheDependencyGlob.split("\n").join(",")}`,
+    );
+    cacheDependencyPathHash += await hashFiles(cacheDependencyGlob, true);
+    if (cacheDependencyPathHash === "-") {
+      core.warning(
+        `No file matched to [${cacheDependencyGlob.split("\n").join(",")}]. The cache will never get invalidated. Make sure you have checked out the target repository and configured the cache-dependency-glob input correctly.`,
+      );
    }
-  } else {
-    cacheDependencyPathHash += 'no-dependency-glob'
  }
-  const suffix = cacheSuffix ? `-${cacheSuffix}` : ''
-  return `setup-uv-${CACHE_VERSION}-${getArch()}-${getPlatform()}-${version}${cacheDependencyPathHash}${suffix}`
+  if (cacheDependencyPathHash === "-") {
+    cacheDependencyPathHash = "-no-dependency-glob";
+  }
+  const suffix = cacheSuffix ? `-${cacheSuffix}` : "";
+  const pythonVersion = await getPythonVersion();
+  const platform = await getPlatform();
+  const pruned = pruneCache ? "-pruned" : "";
+  const python = cachePython ? "-py" : "";
+  return `setup-uv-${CACHE_VERSION}-${getArch()}-${platform}-${pythonVersion}${pruned}${python}${cacheDependencyPathHash}${suffix}`;
+}
+
+async function getPythonVersion(): Promise<string> {
+  if (pythonVersionInput !== "") {
+    return pythonVersionInput;
+  }
+
+  let output = "";
+  const options: exec.ExecOptions = {
+    listeners: {
+      stdout: (data: Buffer) => {
+        output += data.toString();
+      },
+    },
+    silent: !core.isDebug(),
+  };
+
+  try {
+    const execArgs = ["python", "find", "--directory", workingDirectory];
+    await exec.exec("uv", execArgs, options);
+    const pythonPath = output.trim();
+
+    output = "";
+    await exec.exec(pythonPath, ["--version"], options);
+    // output is like "Python 3.8.10"
+    return output.split(" ")[1].trim();
+  } catch (error) {
+    const err = error as Error;
+    core.debug(`Failed to get python version from uv. Error: ${err.message}`);
+    return "unknown";
+  }
 }

 function handleMatchResult(
  matchedKey: string | undefined,
-  primaryKey: string
+  primaryKey: string,
 ): void {
  if (!matchedKey) {
-    core.info(`No GitHub Actions cache found for key: ${primaryKey}`)
-    core.setOutput('cache-hit', false)
-    return
+    core.info(`No GitHub Actions cache found for key: ${primaryKey}`);
+    core.setOutput("cache-hit", false);
+    return;
  }

-  core.saveState(STATE_CACHE_MATCHED_KEY, matchedKey)
+  core.saveState(STATE_CACHE_MATCHED_KEY, matchedKey);
  core.info(
-    `uv cache restored from GitHub Actions cache with key: ${matchedKey}`
-  )
-  core.setOutput('cache-hit', true)
+    `uv cache restored from GitHub Actions cache with key: ${matchedKey}`,
+  );
+  core.setOutput("cache-hit", true);
 }
@@ -1,55 +1,57 @@
-import * as fs from 'fs'
-import * as crypto from 'crypto'
+import * as crypto from "node:crypto";
+import * as fs from "node:fs";

-import * as core from '@actions/core'
-import {KNOWN_CHECKSUMS} from './known-checksums'
-import {Architecture, Platform} from '../../utils/platforms'
+import * as core from "@actions/core";
+import type { Architecture, Platform } from "../../utils/platforms";
+import { KNOWN_CHECKSUMS } from "./known-checksums";

 export async function validateChecksum(
  checkSum: string | undefined,
  downloadPath: string,
  arch: Architecture,
  platform: Platform,
-  version: string
+  version: string,
 ): Promise<void> {
-  let isValid = true
-  if (checkSum !== undefined && checkSum !== '') {
-    isValid = await validateFileCheckSum(downloadPath, checkSum)
+  let isValid: boolean | undefined;
+  if (checkSum !== undefined && checkSum !== "") {
+    isValid = await validateFileCheckSum(downloadPath, checkSum);
  } else {
-    core.debug(`Checksum not provided. Checking known checksums.`)
-    const key = `${arch}-${platform}-${version}`
+    core.debug("Checksum not provided. Checking known checksums.");
+    const key = `${arch}-${platform}-${version}`;
    if (key in KNOWN_CHECKSUMS) {
-      const knownChecksum = KNOWN_CHECKSUMS[`${arch}-${platform}-${version}`]
-      core.debug(`Checking checksum for ${arch}-${platform}-${version}.`)
-      isValid = await validateFileCheckSum(downloadPath, knownChecksum)
+      const knownChecksum = KNOWN_CHECKSUMS[`${arch}-${platform}-${version}`];
+      core.debug(`Checking checksum for ${arch}-${platform}-${version}.`);
+      isValid = await validateFileCheckSum(downloadPath, knownChecksum);
    } else {
-      core.debug(`No known checksum found for ${key}.`)
+      core.debug(`No known checksum found for ${key}.`);
    }
  }

-  if (!isValid) {
-    throw new Error(`Checksum for ${downloadPath} did not match ${checkSum}.`)
+  if (isValid === false) {
+    throw new Error(`Checksum for ${downloadPath} did not match ${checkSum}.`);
+  }
+  if (isValid === true) {
+    core.debug(`Checksum for ${downloadPath} is valid.`);
  }
-  core.debug(`Checksum for ${downloadPath} is valid.`)
 }

 async function validateFileCheckSum(
  filePath: string,
-  expected: string
+  expected: string,
 ): Promise<boolean> {
  return new Promise((resolve, reject) => {
-    const hash = crypto.createHash('sha256')
-    const stream = fs.createReadStream(filePath)
-    stream.on('error', err => reject(err))
-    stream.on('data', chunk => hash.update(chunk))
-    stream.on('end', () => {
-      const actual = hash.digest('hex')
-      resolve(actual === expected)
-    })
-  })
+    const hash = crypto.createHash("sha256");
+    const stream = fs.createReadStream(filePath);
+    stream.on("error", (err) => reject(err));
+    stream.on("data", (chunk) => hash.update(chunk));
+    stream.on("end", () => {
+      const actual = hash.digest("hex");
+      resolve(actual === expected);
+    });
+  });
 }

 export function isknownVersion(version: string): boolean {
-  const pattern = new RegExp(`^.*-.*-${version}$`)
-  return Object.keys(KNOWN_CHECKSUMS).some(key => pattern.test(key))
+  const pattern = new RegExp(`^.*-.*-${version}$`);
+  return Object.keys(KNOWN_CHECKSUMS).some((key) => pattern.test(key));
 }
@@ -1,39 +1,59 @@
-import {promises as fs} from 'fs'
-import * as tc from '@actions/tool-cache'
+import { promises as fs } from "node:fs";
+import * as tc from "@actions/tool-cache";
+import { KNOWN_CHECKSUMS } from "./known-checksums";
 export async function updateChecksums(
  filePath: string,
-  downloadUrls: string[]
+  downloadUrls: string[],
 ): Promise<void> {
-  await fs.rm(filePath)
+  await fs.rm(filePath);
  await fs.appendFile(
    filePath,
-    '// AUTOGENERATED_DO_NOT_EDIT\nexport const KNOWN_CHECKSUMS: {[key: string]: string} = {\n'
-  )
-  let firstLine = true
+    "// AUTOGENERATED_DO_NOT_EDIT\nexport const KNOWN_CHECKSUMS: { [key: string]: string } = {\n",
+  );
+  let firstLine = true;
  for (const downloadUrl of downloadUrls) {
-    const content = await downloadAssetContent(downloadUrl)
-    const checksum = content.split(' ')[0].trim()
-    const key = getKey(downloadUrl)
-    if (!firstLine) {
-      await fs.appendFile(filePath, ',\n')
+    const key = getKey(downloadUrl);
+    if (key === undefined) {
+      continue;
    }
-    await fs.appendFile(filePath, `  '${key}':\n    '${checksum}'`)
-    firstLine = false
+    const checksum = await getOrDownloadChecksum(key, downloadUrl);
+    if (!firstLine) {
+      await fs.appendFile(filePath, ",\n");
+    }
+    await fs.appendFile(filePath, `  "${key}":\n    "${checksum}"`);
+    firstLine = false;
  }
-  await fs.appendFile(filePath, '}\n')
+  await fs.appendFile(filePath, ",\n};\n");
 }

-function getKey(downloadUrl: string): string {
+function getKey(downloadUrl: string): string | undefined {
  // https://github.com/astral-sh/uv/releases/download/0.3.2/uv-aarch64-apple-darwin.tar.gz.sha256
-  const parts = downloadUrl.split('/')
-  const fileName = parts[parts.length - 1]
-  const name = fileName.split('.')[0].split('uv-')[1]
-  const version = parts[parts.length - 2]
-  return `${name}-${version}`
+  const parts = downloadUrl.split("/");
+  const fileName = parts[parts.length - 1];
+  if (fileName.startsWith("source")) {
+    return undefined;
+  }
+  const name = fileName.split(".")[0].split("uv-")[1];
+  const version = parts[parts.length - 2];
+  return `${name}-${version}`;
+}
+
+async function getOrDownloadChecksum(
+  key: string,
+  downloadUrl: string,
+): Promise<string> {
+  let checksum = "";
+  if (key in KNOWN_CHECKSUMS) {
+    checksum = KNOWN_CHECKSUMS[key];
+  } else {
+    const content = await downloadAssetContent(downloadUrl);
+    checksum = content.split(" ")[0].trim();
+  }
+  return checksum;
 }

 async function downloadAssetContent(downloadUrl: string): Promise<string> {
-  const downloadPath = await tc.downloadTool(downloadUrl)
-  const content = await fs.readFile(downloadPath, 'utf8')
-  return content
+  const downloadPath = await tc.downloadTool(downloadUrl);
+  const content = await fs.readFile(downloadPath, "utf8");
+  return content;
 }
@@ -1,66 +0,0 @@
-import * as core from '@actions/core'
-import * as tc from '@actions/tool-cache'
-import * as exec from '@actions/exec'
-import * as path from 'path'
-import {Architecture, Platform} from '../utils/platforms'
-import {validateChecksum} from './checksum/checksum'
-import {OWNER, REPO, TOOL_CACHE_NAME} from '../utils/utils'
-
-export async function downloadLatest(
-  platform: Platform,
-  arch: Architecture,
-  checkSum: string | undefined,
-  githubToken: string | undefined
-): Promise<{cachedToolDir: string; version: string}> {
-  const artifact = `uv-${arch}-${platform}`
-  let downloadUrl = `https://github.com/${OWNER}/${REPO}/releases/latest/download/${artifact}`
-  if (platform === 'pc-windows-msvc') {
-    downloadUrl += '.zip'
-  } else {
-    downloadUrl += '.tar.gz'
-  }
-  core.info(`Downloading uv from "${downloadUrl}" ...`)
-
-  const downloadPath = await tc.downloadTool(
-    downloadUrl,
-    undefined,
-    githubToken
-  )
-  let uvExecutablePath: string
-  let uvDir: string
-  if (platform === 'pc-windows-msvc') {
-    uvDir = await tc.extractZip(downloadPath)
-    // On windows extracting the zip does not create an intermediate directory
-    uvExecutablePath = path.join(uvDir, 'uv.exe')
-  } else {
-    const extractedDir = await tc.extractTar(downloadPath)
-    uvDir = path.join(extractedDir, artifact)
-    uvExecutablePath = path.join(uvDir, 'uv')
-  }
-  const version = await getVersion(uvExecutablePath)
-  await validateChecksum(checkSum, downloadPath, arch, platform, version)
-  const cachedToolDir = await tc.cacheDir(uvDir, TOOL_CACHE_NAME, version, arch)
-
-  return {cachedToolDir, version}
-}
-
-async function getVersion(uvExecutablePath: string): Promise<string> {
-  // Parse the output of `uv --version` to get the version
-  // The output looks like
-  // uv 0.3.1 (be17d132a 2024-08-21)
-
-  const options: exec.ExecOptions = {
-    silent: !core.isDebug()
-  }
-  const execArgs = ['--version']
-
-  let output = ''
-  options.listeners = {
-    stdout: (data: Buffer) => {
-      output += data.toString()
-    }
-  }
-  await exec.exec(uvExecutablePath, execArgs, options)
-  const parts = output.split(' ')
-  return parts[1]
-}
@@ -1,51 +1,266 @@
-import * as core from '@actions/core'
-import * as tc from '@actions/tool-cache'
-import * as path from 'path'
-import {OWNER, REPO, TOOL_CACHE_NAME} from '../utils/utils'
-import {Architecture, Platform} from '../utils/platforms'
-import {validateChecksum} from './checksum/checksum'
+import { promises as fs } from "node:fs";
+import * as path from "node:path";
+import * as core from "@actions/core";
+import * as tc from "@actions/tool-cache";
+import type { Endpoints } from "@octokit/types";
+import * as pep440 from "@renovatebot/pep440";
+import { OWNER, REPO, TOOL_CACHE_NAME } from "../utils/constants";
+import { Octokit } from "../utils/octokit";
+import type { Architecture, Platform } from "../utils/platforms";
+import { validateChecksum } from "./checksum/checksum";
+import {
+  getDownloadUrl,
+  getLatestKnownVersion as getLatestVersionInManifest,
+} from "./version-manifest";
+
+type Release =
+  Endpoints["GET /repos/{owner}/{repo}/releases"]["response"]["data"][number];

 export function tryGetFromToolCache(
  arch: Architecture,
-  version: string
-): string | undefined {
-  core.debug(`Trying to get uv from tool cache for ${version}...`)
-  const cachedVersions = tc.findAllVersions(TOOL_CACHE_NAME, arch)
-  core.debug(`Cached versions: ${cachedVersions}`)
-  return tc.find(TOOL_CACHE_NAME, version, arch)
+  version: string,
+): { version: string; installedPath: string | undefined } {
+  core.debug(`Trying to get uv from tool cache for ${version}...`);
+  const cachedVersions = tc.findAllVersions(TOOL_CACHE_NAME, arch);
+  core.debug(`Cached versions: ${cachedVersions}`);
+  let resolvedVersion = tc.evaluateVersions(cachedVersions, version);
+  if (resolvedVersion === "") {
+    resolvedVersion = version;
+  }
+  const installedPath = tc.find(TOOL_CACHE_NAME, resolvedVersion, arch);
+  return { installedPath, version: resolvedVersion };
 }

-export async function downloadVersion(
+export async function downloadVersionFromGithub(
  platform: Platform,
  arch: Architecture,
  version: string,
  checkSum: string | undefined,
-  githubToken: string | undefined
-): Promise<string> {
-  const artifact = `uv-${arch}-${platform}`
-  let downloadUrl = `https://github.com/${OWNER}/${REPO}/releases/download/${version}/${artifact}`
-  if (platform === 'pc-windows-msvc') {
-    downloadUrl += '.zip'
-  } else {
-    downloadUrl += '.tar.gz'
-  }
-  core.info(`Downloading uv from "${downloadUrl}" ...`)
+  githubToken: string,
+): Promise<{ version: string; cachedToolDir: string }> {
+  const artifact = `uv-${arch}-${platform}`;
+  const extension = getExtension(platform);
+  const downloadUrl = `https://github.com/${OWNER}/${REPO}/releases/download/${version}/${artifact}${extension}`;
+  return await downloadVersion(
+    downloadUrl,
+    artifact,
+    platform,
+    arch,
+    version,
+    checkSum,
+    githubToken,
+  );
+}

+export async function downloadVersionFromManifest(
+  manifestUrl: string | undefined,
+  platform: Platform,
+  arch: Architecture,
+  version: string,
+  checkSum: string | undefined,
+  githubToken: string,
+): Promise<{ version: string; cachedToolDir: string }> {
+  const downloadUrl = await getDownloadUrl(
+    manifestUrl,
+    version,
+    arch,
+    platform,
+  );
+  if (!downloadUrl) {
+    core.info(
+      `manifest-file does not contain version ${version}, arch ${arch}, platform ${platform}. Falling back to GitHub releases.`,
+    );
+    return await downloadVersionFromGithub(
+      platform,
+      arch,
+      version,
+      checkSum,
+      githubToken,
+    );
+  }
+  return await downloadVersion(
+    downloadUrl,
+    `uv-${arch}-${platform}`,
+    platform,
+    arch,
+    version,
+    checkSum,
+    githubToken,
+  );
+}
+
+async function downloadVersion(
+  downloadUrl: string,
+  artifactName: string,
+  platform: Platform,
+  arch: Architecture,
+  version: string,
+  checkSum: string | undefined,
+  githubToken: string,
+): Promise<{ version: string; cachedToolDir: string }> {
+  core.info(`Downloading uv from "${downloadUrl}" ...`);
  const downloadPath = await tc.downloadTool(
    downloadUrl,
    undefined,
-    githubToken
-  )
-  await validateChecksum(checkSum, downloadPath, arch, platform, version)
+    githubToken,
+  );
+  await validateChecksum(checkSum, downloadPath, arch, platform, version);

-  let uvDir: string
-  if (platform === 'pc-windows-msvc') {
-    uvDir = await tc.extractZip(downloadPath)
+  let uvDir: string;
+  const extension = getExtension(platform);
+  if (platform === "pc-windows-msvc") {
+    const fullPathWithExtension = `${downloadPath}${extension}`;
+    await fs.copyFile(downloadPath, fullPathWithExtension);
+    uvDir = await tc.extractZip(fullPathWithExtension);
    // On windows extracting the zip does not create an intermediate directory
  } else {
-    const extractedDir = await tc.extractTar(downloadPath)
-    uvDir = path.join(extractedDir, artifact)
+    const extractedDir = await tc.extractTar(downloadPath);
+    uvDir = path.join(extractedDir, artifactName);
+  }
+  const cachedToolDir = await tc.cacheDir(
+    uvDir,
+    TOOL_CACHE_NAME,
+    version,
+    arch,
+  );
+  return { cachedToolDir, version: version };
+}
+
+function getExtension(platform: Platform): string {
+  return platform === "pc-windows-msvc" ? ".zip" : ".tar.gz";
+}
+
+export async function resolveVersion(
+  versionInput: string,
+  manifestFile: string | undefined,
+  githubToken: string,
+): Promise<string> {
+  core.debug(`Resolving version: ${versionInput}`);
+  let version: string;
+  const isSimpleMinimumVersionSpecifier =
+    versionInput.includes(">") && !versionInput.includes(",");
+  if (isSimpleMinimumVersionSpecifier) {
+    core.info("Found minimum version specifier, using latest version");
+  }
+  if (manifestFile) {
+    version =
+      versionInput === "latest" || isSimpleMinimumVersionSpecifier
+        ? await getLatestVersionInManifest(manifestFile)
+        : versionInput;
+  } else {
+    version =
+      versionInput === "latest" || isSimpleMinimumVersionSpecifier
+        ? await getLatestVersion(githubToken)
+        : versionInput;
+  }
+  if (tc.isExplicitVersion(version)) {
+    core.debug(`Version ${version} is an explicit version.`);
+    if (isSimpleMinimumVersionSpecifier) {
+      if (!pep440.satisfies(version, versionInput)) {
+        throw new Error(`No version found for ${versionInput}`);
+      }
+    }
+    return version;
+  }
+  const availableVersions = await getAvailableVersions(githubToken);
+  core.debug(`Available versions: ${availableVersions}`);
+  const resolvedVersion = maxSatisfying(availableVersions, version);
+  if (resolvedVersion === undefined) {
+    throw new Error(`No version found for ${version}`);
+  }
+  return resolvedVersion;
+}
+
+async function getAvailableVersions(githubToken: string): Promise<string[]> {
+  core.info("Getting available versions from GitHub API...");
+  try {
+    const octokit = new Octokit({
+      auth: githubToken,
+    });
+    return await getReleaseTagNames(octokit);
+  } catch (err) {
+    if ((err as Error).message.includes("Bad credentials")) {
+      core.info(
+        "No (valid) GitHub token provided. Falling back to anonymous. Requests might be rate limited.",
+      );
+      const octokit = new Octokit();
+      return await getReleaseTagNames(octokit);
+    }
+    throw err;
+  }
+}
+
+async function getReleaseTagNames(octokit: Octokit): Promise<string[]> {
+  const response: Release[] = await octokit.paginate(
+    octokit.rest.repos.listReleases,
+    {
+      owner: OWNER,
+      repo: REPO,
+    },
+  );
+  const releaseTagNames = response.map((release) => release.tag_name);
+  if (releaseTagNames.length === 0) {
+    throw Error(
+      "Github API request failed while getting releases. Check the GitHub status page for outages. Try again later.",
+    );
+  }
+  return releaseTagNames;
+}
+
+async function getLatestVersion(githubToken: string) {
+  core.info("Getting latest version from GitHub API...");
+  const octokit = new Octokit({
+    auth: githubToken,
+  });
+
+  let latestRelease: { tag_name: string } | undefined;
+  try {
+    latestRelease = await getLatestRelease(octokit);
+  } catch (err) {
+    if ((err as Error).message.includes("Bad credentials")) {
+      core.info(
+        "No (valid) GitHub token provided. Falling back to anonymous. Requests might be rate limited.",
+      );
+      const octokit = new Octokit();
+      latestRelease = await getLatestRelease(octokit);
+    } else {
+      core.error(
+        "Github API request failed while getting latest release. Check the GitHub status page for outages. Try again later.",
+      );
+      throw err;
+    }
  }

-  return await tc.cacheDir(uvDir, TOOL_CACHE_NAME, version, arch)
+  if (!latestRelease) {
+    throw new Error("Could not determine latest release.");
+  }
+  core.debug(`Latest version: ${latestRelease.tag_name}`);
+  return latestRelease.tag_name;
+}
+
+async function getLatestRelease(octokit: Octokit) {
+  const { data: latestRelease } = await octokit.rest.repos.getLatestRelease({
+    owner: OWNER,
+    repo: REPO,
+  });
+  return latestRelease;
+}
+
+function maxSatisfying(
+  versions: string[],
+  version: string,
+): string | undefined {
+  const maxSemver = tc.evaluateVersions(versions, version);
+  if (maxSemver !== "") {
+    core.debug(`Found a version that satisfies the semver range: ${maxSemver}`);
+    return maxSemver;
+  }
+  const maxPep440 = pep440.maxSatisfying(versions, version);
+  if (maxPep440 !== null) {
+    core.debug(
+      `Found a version that satisfies the pep440 specifier: ${maxPep440}`,
+    );
+    return maxPep440;
+  }
+  return undefined;
 }
@@ -0,0 +1,91 @@
+import { promises as fs } from "node:fs";
+import { join } from "node:path";
+import * as core from "@actions/core";
+import * as semver from "semver";
+import { fetch } from "../utils/fetch";
+
+const localManifestFile = join(__dirname, "..", "..", "version-manifest.json");
+
+interface ManifestEntry {
+  version: string;
+  artifactName: string;
+  arch: string;
+  platform: string;
+  downloadUrl: string;
+}
+
+export async function getLatestKnownVersion(
+  manifestUrl: string | undefined,
+): Promise<string> {
+  const manifestEntries = await getManifestEntries(manifestUrl);
+  return manifestEntries.reduce((a, b) =>
+    semver.gt(a.version, b.version) ? a : b,
+  ).version;
+}
+
+export async function getDownloadUrl(
+  manifestUrl: string | undefined,
+  version: string,
+  arch: string,
+  platform: string,
+): Promise<string | undefined> {
+  const manifestEntries = await getManifestEntries(manifestUrl);
+  const entry = manifestEntries.find(
+    (entry) =>
+      entry.version === version &&
+      entry.arch === arch &&
+      entry.platform === platform,
+  );
+  return entry ? entry.downloadUrl : undefined;
+}
+
+async function getManifestEntries(
+  manifestUrl: string | undefined,
+): Promise<ManifestEntry[]> {
+  let data: string;
+  if (manifestUrl !== undefined) {
+    core.info(`Fetching manifest-file from: ${manifestUrl}`);
+    const response = await fetch(manifestUrl, {});
+    if (!response.ok) {
+      throw new Error(
+        `Failed to fetch manifest-file: ${response.status} ${response.statusText}`,
+      );
+    }
+    data = await response.text();
+  } else {
+    core.info("manifest-file not provided, reading from local file.");
+    const fileContent = await fs.readFile(localManifestFile);
+    data = fileContent.toString();
+  }
+
+  return JSON.parse(data);
+}
+
+export async function updateVersionManifest(
+  manifestUrl: string,
+  downloadUrls: string[],
+): Promise<void> {
+  const manifest: ManifestEntry[] = [];
+
+  for (const downloadUrl of downloadUrls) {
+    const urlParts = downloadUrl.split("/");
+    const version = urlParts[urlParts.length - 2];
+    const artifactName = urlParts[urlParts.length - 1];
+    if (!artifactName.startsWith("uv-")) {
+      continue;
+    }
+    if (artifactName.startsWith("uv-installer")) {
+      continue;
+    }
+    const artifactParts = artifactName.split(".")[0].split("-");
+    manifest.push({
+      arch: artifactParts[1],
+      artifactName: artifactName,
+      downloadUrl: downloadUrl,
+      platform: artifactName.split(`uv-${artifactParts[1]}-`)[1].split(".")[0],
+      version: version,
+    });
+  }
+  core.debug(`Updating manifest-file: ${JSON.stringify(manifest)}`);
+  await fs.writeFile(manifestUrl, JSON.stringify(manifest));
+}
@@ -0,0 +1,48 @@
+import * as crypto from "node:crypto";
+import * as fs from "node:fs";
+import * as stream from "node:stream";
+import * as util from "node:util";
+import * as core from "@actions/core";
+import { create } from "@actions/glob";
+
+/**
+ * Hashes files matching the given glob pattern.
+ *
+ * Copied from https://github.com/actions/toolkit/blob/20ed2908f19538e9dfb66d8083f1171c0a50a87c/packages/glob/src/internal-hash-files.ts#L9-L49
+ * But supports hashing files outside the GITHUB_WORKSPACE.
+ * @param pattern The glob pattern to match files.
+ * @param verbose Whether to log the files being hashed.
+ */
+export async function hashFiles(
+  pattern: string,
+  verbose = false,
+): Promise<string> {
+  const globber = await create(pattern);
+  let hasMatch = false;
+  const writeDelegate = verbose ? core.info : core.debug;
+  const result = crypto.createHash("sha256");
+  let count = 0;
+  for await (const file of globber.globGenerator()) {
+    writeDelegate(file);
+    if (fs.statSync(file).isDirectory()) {
+      writeDelegate(`Skip directory '${file}'.`);
+      continue;
+    }
+    const hash = crypto.createHash("sha256");
+    const pipeline = util.promisify(stream.pipeline);
+    await pipeline(fs.createReadStream(file), hash);
+    result.write(hash.digest());
+    count++;
+    if (!hasMatch) {
+      hasMatch = true;
+    }
+  }
+  result.end();
+
+  if (hasMatch) {
+    writeDelegate(`Found ${count} files to hash.`);
+    return result.digest("hex");
+  }
+  writeDelegate("No matches found for glob");
+  return "";
+}
@@ -1,49 +1,120 @@
-import * as cache from '@actions/cache'
-import * as core from '@actions/core'
-import * as exec from '@actions/exec'
-import {STATE_CACHE_MATCHED_KEY, STATE_CACHE_KEY} from './cache/restore-cache'
-import {cacheLocalPath, enableCache} from './utils/inputs'
+import * as fs from "node:fs";
+import * as cache from "@actions/cache";
+import * as core from "@actions/core";
+import * as exec from "@actions/exec";
+import * as pep440 from "@renovatebot/pep440";
+import {
+  STATE_CACHE_KEY,
+  STATE_CACHE_MATCHED_KEY,
+} from "./cache/restore-cache";
+import { STATE_UV_PATH, STATE_UV_VERSION } from "./utils/constants";
+import {
+  cacheLocalPath,
+  cachePython,
+  enableCache,
+  ignoreNothingToCache,
+  pythonDir,
+  pruneCache as shouldPruneCache,
+  saveCache as shouldSaveCache,
+} from "./utils/inputs";

 export async function run(): Promise<void> {
  try {
    if (enableCache) {
-      await saveCache()
+      if (shouldSaveCache) {
+        await saveCache();
+      } else {
+        core.info("save-cache is false. Skipping save cache step.");
+      }
+      // node will stay alive if any promises are not resolved,
+      // which is a possibility if HTTP requests are dangling
+      // due to retries or timeouts. We know that if we got here
+      // that all promises that we care about have successfully
+      // resolved, so simply exit with success.
+      process.exit(0);
    }
  } catch (error) {
-    const err = error as Error
-    core.setFailed(err.message)
+    const err = error as Error;
+    core.setFailed(err.message);
  }
-  process.exit(0)
 }

 async function saveCache(): Promise<void> {
-  const cacheKey = core.getState(STATE_CACHE_KEY)
-  const matchedKey = core.getState(STATE_CACHE_MATCHED_KEY)
+  const cacheKey = core.getState(STATE_CACHE_KEY);
+  const matchedKey = core.getState(STATE_CACHE_MATCHED_KEY);

  if (!cacheKey) {
-    core.warning('Error retrieving cache key from state.')
-    return
-  } else if (matchedKey === cacheKey) {
-    core.info(`Cache hit occurred on key ${cacheKey}, not saving cache.`)
-    return
+    core.warning("Error retrieving cache key from state.");
+    return;
+  }
+  if (matchedKey === cacheKey) {
+    core.info(`Cache hit occurred on key ${cacheKey}, not saving cache.`);
+    return;
  }

-  await pruneCache()
+  if (shouldPruneCache) {
+    await pruneCache();
+  }

-  core.info(`Saving cache path: ${cacheLocalPath}`)
-  await cache.saveCache([cacheLocalPath], cacheKey)
+  let actualCachePath = cacheLocalPath;
+  if (process.env.UV_CACHE_DIR && process.env.UV_CACHE_DIR !== cacheLocalPath) {
+    core.warning(
+      `The environment variable UV_CACHE_DIR has been changed to "${process.env.UV_CACHE_DIR}", by an action or step running after astral-sh/setup-uv. This can lead to unexpected behavior. If you expected this to happen set the cache-local-path input to "${process.env.UV_CACHE_DIR}" instead of "${cacheLocalPath}".`,
+    );
+    actualCachePath = process.env.UV_CACHE_DIR;
+  }

-  core.info(`cache saved with the key: ${cacheKey}`)
+  core.info(`Saving cache path: ${actualCachePath}`);
+  if (!fs.existsSync(actualCachePath) && !ignoreNothingToCache) {
+    throw new Error(
+      `Cache path ${actualCachePath} does not exist on disk. This likely indicates that there are no dependencies to cache. Consider disabling the cache input if it is not needed.`,
+    );
+  }
+
+  const cachePaths = [actualCachePath];
+  if (cachePython) {
+    core.info(`Including Python cache path: ${pythonDir}`);
+    if (!fs.existsSync(pythonDir) && !ignoreNothingToCache) {
+      throw new Error(
+        `Python cache path ${pythonDir} does not exist on disk. This likely indicates that there are no dependencies to cache. Consider disabling the cache input if it is not needed.`,
+      );
+    }
+    cachePaths.push(pythonDir);
+  }
+
+  core.info(`Final cache paths: ${cachePaths.join(", ")}`);
+  try {
+    await cache.saveCache(cachePaths, cacheKey);
+    core.info(`cache saved with the key: ${cacheKey}`);
+  } catch (e) {
+    if (
+      e instanceof Error &&
+      e.message ===
+        "Path Validation Error: Path(s) specified in the action for caching do(es) not exist, hence no cache is being saved."
+    ) {
+      core.info(
+        "No cacheable paths were found. Ignoring because ignore-nothing-to-save is enabled.",
+      );
+    } else {
+      throw e;
+    }
+  }
 }

 async function pruneCache(): Promise<void> {
-  const options: exec.ExecOptions = {
-    silent: !core.isDebug()
-  }
-  const execArgs = ['cache', 'prune', '--ci']
+  const forceSupported = pep440.gte(core.getState(STATE_UV_VERSION), "0.8.24");

-  core.info('Pruning cache...')
-  await exec.exec('uv', execArgs, options)
+  const options: exec.ExecOptions = {
+    silent: false,
+  };
+  const execArgs = ["cache", "prune", "--ci"];
+  if (forceSupported) {
+    execArgs.push("--force");
+  }
+
+  core.info("Pruning cache...");
+  const uvPath = core.getState(STATE_UV_PATH);
+  await exec.exec(uvPath, execArgs, options);
 }

-run()
+run();
@@ -1,99 +1,261 @@
-import * as core from '@actions/core'
-import * as path from 'path'
-import {downloadVersion, tryGetFromToolCache} from './download/download-version'
-import {restoreCache} from './cache/restore-cache'
-
-import {downloadLatest} from './download/download-latest'
-import {Architecture, getArch, getPlatform, Platform} from './utils/platforms'
+import fs from "node:fs";
+import * as path from "node:path";
+import * as core from "@actions/core";
+import * as exec from "@actions/exec";
+import { restoreCache } from "./cache/restore-cache";
 import {
+  downloadVersionFromManifest,
+  resolveVersion,
+  tryGetFromToolCache,
+} from "./download/download-version";
+import { getConfigValueFromTomlFile } from "./utils/config-file";
+import { STATE_UV_PATH, STATE_UV_VERSION } from "./utils/constants";
+import {
+  activateEnvironment as activateEnvironmentInput,
+  addProblemMatchers,
  cacheLocalPath,
  checkSum,
  enableCache,
  githubToken,
-  version
-} from './utils/inputs'
+  ignoreEmptyWorkdir,
+  manifestFile,
+  pythonDir,
+  pythonVersion,
+  toolBinDir,
+  toolDir,
+  versionFile as versionFileInput,
+  version as versionInput,
+  workingDirectory,
+} from "./utils/inputs";
+import {
+  type Architecture,
+  getArch,
+  getPlatform,
+  type Platform,
+} from "./utils/platforms";
+import { getUvVersionFromFile } from "./version/resolve";

 async function run(): Promise<void> {
-  const platform = getPlatform()
-  const arch = getArch()
+  detectEmptyWorkdir();
+  const platform = await getPlatform();
+  const arch = getArch();

  try {
    if (platform === undefined) {
-      throw new Error(`Unsupported platform: ${process.platform}`)
+      throw new Error(`Unsupported platform: ${process.platform}`);
    }
    if (arch === undefined) {
-      throw new Error(`Unsupported architecture: ${process.arch}`)
+      throw new Error(`Unsupported architecture: ${process.arch}`);
    }
-    const setupResult = await setupUv(
-      platform,
-      arch,
-      version,
-      checkSum,
-      githubToken
-    )
+    const setupResult = await setupUv(platform, arch, checkSum, githubToken);

-    addUvToPath(setupResult.uvDir)
-    core.setOutput('uv-version', version)
-    core.info(`Successfully installed uv version ${version}`)
+    addToolBinToPath();
+    addUvToPathAndOutput(setupResult.uvDir);
+    setToolDir();
+    addPythonDirToPath();
+    setupPython();
+    await activateEnvironment();
+    addMatchers();
+    setCacheDir();

-    addMatchers()
-    setCacheDir(cacheLocalPath)
+    core.setOutput("uv-version", setupResult.version);
+    core.saveState(STATE_UV_VERSION, setupResult.version);
+    core.info(`Successfully installed uv version ${setupResult.version}`);

    if (enableCache) {
-      await restoreCache(setupResult.version)
+      await restoreCache();
    }
+    process.exit(0);
  } catch (err) {
-    core.setFailed((err as Error).message)
+    core.setFailed((err as Error).message);
+  }
+}
+
+function detectEmptyWorkdir(): void {
+  if (fs.readdirSync(".").length === 0) {
+    if (ignoreEmptyWorkdir) {
+      core.info(
+        "Empty workdir detected. Ignoring because ignore-empty-workdir is enabled",
+      );
+    } else {
+      core.warning(
+        "Empty workdir detected. This may cause unexpected behavior. You can enable ignore-empty-workdir to mute this warning.",
+      );
+    }
  }
-  process.exit(0)
 }

 async function setupUv(
  platform: Platform,
  arch: Architecture,
-  versionInput: string,
  checkSum: string | undefined,
-  githubToken: string | undefined
-): Promise<{uvDir: string; version: string}> {
-  let installedPath: string | undefined
-  let cachedToolDir: string
-  let version: string
-  if (versionInput === 'latest') {
-    const result = await downloadLatest(platform, arch, checkSum, githubToken)
-    version = result.version
-    cachedToolDir = result.cachedToolDir
-  } else {
-    version = versionInput
-    installedPath = tryGetFromToolCache(arch, versionInput)
-    if (installedPath) {
-      core.info(`Found uv in tool-cache for ${versionInput}`)
-      return {uvDir: installedPath, version}
-    }
-    cachedToolDir = await downloadVersion(
-      platform,
-      arch,
-      versionInput,
-      checkSum,
-      githubToken
-    )
+  githubToken: string,
+): Promise<{ uvDir: string; version: string }> {
+  const resolvedVersion = await determineVersion(manifestFile);
+  const toolCacheResult = tryGetFromToolCache(arch, resolvedVersion);
+  if (toolCacheResult.installedPath) {
+    core.info(`Found uv in tool-cache for ${toolCacheResult.version}`);
+    return {
+      uvDir: toolCacheResult.installedPath,
+      version: toolCacheResult.version,
+    };
  }

-  return {uvDir: cachedToolDir, version}
+  const downloadVersionResult = await downloadVersionFromManifest(
+    manifestFile,
+    platform,
+    arch,
+    resolvedVersion,
+    checkSum,
+    githubToken,
+  );
+
+  return {
+    uvDir: downloadVersionResult.cachedToolDir,
+    version: downloadVersionResult.version,
+  };
 }

-function addUvToPath(cachedPath: string): void {
-  core.addPath(cachedPath)
-  core.info(`Added ${cachedPath} to the path`)
+async function determineVersion(
+  manifestFile: string | undefined,
+): Promise<string> {
+  if (versionInput !== "") {
+    return await resolveVersion(versionInput, manifestFile, githubToken);
+  }
+  if (versionFileInput !== "") {
+    const versionFromFile = getUvVersionFromFile(versionFileInput);
+    if (versionFromFile === undefined) {
+      throw new Error(
+        `Could not determine uv version from file: ${versionFileInput}`,
+      );
+    }
+    return await resolveVersion(versionFromFile, manifestFile, githubToken);
+  }
+  const versionFromUvToml = getUvVersionFromFile(
+    `${workingDirectory}${path.sep}uv.toml`,
+  );
+  const versionFromPyproject = getUvVersionFromFile(
+    `${workingDirectory}${path.sep}pyproject.toml`,
+  );
+  if (versionFromUvToml === undefined && versionFromPyproject === undefined) {
+    core.info(
+      "Could not determine uv version from uv.toml or pyproject.toml. Falling back to latest.",
+    );
+  }
+  return await resolveVersion(
+    versionFromUvToml || versionFromPyproject || "latest",
+    manifestFile,
+    githubToken,
+  );
 }

-function setCacheDir(cacheLocalPath: string): void {
-  core.exportVariable('UV_CACHE_DIR', cacheLocalPath)
-  core.info(`Set UV_CACHE_DIR to ${cacheLocalPath}`)
+function addUvToPathAndOutput(cachedPath: string): void {
+  core.setOutput("uv-path", `${cachedPath}${path.sep}uv`);
+  core.saveState(STATE_UV_PATH, `${cachedPath}${path.sep}uv`);
+  core.setOutput("uvx-path", `${cachedPath}${path.sep}uvx`);
+  if (process.env.UV_NO_MODIFY_PATH !== undefined) {
+    core.info("UV_NO_MODIFY_PATH is set, not modifying PATH");
+  } else {
+    core.addPath(cachedPath);
+    core.info(`Added ${cachedPath} to the path`);
+  }
+}
+
+function addToolBinToPath(): void {
+  if (toolBinDir !== undefined) {
+    core.exportVariable("UV_TOOL_BIN_DIR", toolBinDir);
+    core.info(`Set UV_TOOL_BIN_DIR to ${toolBinDir}`);
+    if (process.env.UV_NO_MODIFY_PATH !== undefined) {
+      core.info(`UV_NO_MODIFY_PATH is set, not adding ${toolBinDir} to path`);
+    } else {
+      core.addPath(toolBinDir);
+      core.info(`Added ${toolBinDir} to the path`);
+    }
+  } else {
+    if (process.env.UV_NO_MODIFY_PATH !== undefined) {
+      core.info("UV_NO_MODIFY_PATH is set, not adding user local bin to path");
+      return;
+    }
+    if (process.env.XDG_BIN_HOME !== undefined) {
+      core.addPath(process.env.XDG_BIN_HOME);
+      core.info(`Added ${process.env.XDG_BIN_HOME} to the path`);
+    } else if (process.env.XDG_DATA_HOME !== undefined) {
+      core.addPath(`${process.env.XDG_DATA_HOME}/../bin`);
+      core.info(`Added ${process.env.XDG_DATA_HOME}/../bin to the path`);
+    } else {
+      core.addPath(`${process.env.HOME}/.local/bin`);
+      core.info(`Added ${process.env.HOME}/.local/bin to the path`);
+    }
+  }
+}
+
+function setToolDir(): void {
+  if (toolDir !== undefined) {
+    core.exportVariable("UV_TOOL_DIR", toolDir);
+    core.info(`Set UV_TOOL_DIR to ${toolDir}`);
+  }
+}
+
+function addPythonDirToPath(): void {
+  core.exportVariable("UV_PYTHON_INSTALL_DIR", pythonDir);
+  core.info(`Set UV_PYTHON_INSTALL_DIR to ${pythonDir}`);
+  if (process.env.UV_NO_MODIFY_PATH !== undefined) {
+    core.info("UV_NO_MODIFY_PATH is set, not adding python dir to path");
+  } else {
+    core.addPath(pythonDir);
+    core.info(`Added ${pythonDir} to the path`);
+  }
+}
+
+function setupPython(): void {
+  if (pythonVersion !== "") {
+    core.exportVariable("UV_PYTHON", pythonVersion);
+    core.info(`Set UV_PYTHON to ${pythonVersion}`);
+  }
+}
+
+async function activateEnvironment(): Promise<void> {
+  if (activateEnvironmentInput) {
+    if (process.env.UV_NO_MODIFY_PATH !== undefined) {
+      throw new Error(
+        "UV_NO_MODIFY_PATH and activate-environment cannot be used together.",
+      );
+    }
+    const execArgs = ["venv", ".venv", "--directory", workingDirectory];
+
+    core.info("Activating python venv...");
+    await exec.exec("uv", execArgs);
+
+    const venvPath = path.resolve(`${workingDirectory}${path.sep}.venv`);
+    let venvBinPath = `${venvPath}${path.sep}bin`;
+    if (process.platform === "win32") {
+      venvBinPath = `${venvPath}${path.sep}Scripts`;
+    }
+    core.addPath(path.resolve(venvBinPath));
+    core.exportVariable("VIRTUAL_ENV", venvPath);
+    core.setOutput("venv", venvPath);
+  }
+}
+
+function setCacheDir(): void {
+  if (enableCache) {
+    const cacheDirFromConfig = getConfigValueFromTomlFile("", "cache-dir");
+    if (cacheDirFromConfig !== undefined) {
+      core.info(
+        "Using cache-dir from uv config file, not modifying UV_CACHE_DIR",
+      );
+      return;
+    }
+    core.exportVariable("UV_CACHE_DIR", cacheLocalPath);
+    core.info(`Set UV_CACHE_DIR to ${cacheLocalPath}`);
+  }
 }

 function addMatchers(): void {
-  const matchersPath = path.join(__dirname, `..${path.sep}..`, '.github')
-  core.info(`##[add-matcher]${path.join(matchersPath, 'python.json')}`)
+  if (addProblemMatchers) {
+    const matchersPath = path.join(__dirname, `..${path.sep}..`, ".github");
+    core.info(`##[add-matcher]${path.join(matchersPath, "python.json")}`);
+  }
 }

-run()
+run();
@@ -1,65 +0,0 @@
-import * as github from '@actions/github'
-import * as core from '@actions/core'
-
-import {OWNER, REPO} from './utils/utils'
-import {createReadStream, promises as fs} from 'fs'
-import * as readline from 'readline'
-import * as semver from 'semver'
-
-import {updateChecksums} from './download/checksum/update-known-checksums'
-
-async function run(): Promise<void> {
-  const checksumFilePath = process.argv.slice(2)[0]
-  const defaultVersionFilePath = process.argv.slice(2)[1]
-  const github_token = process.argv.slice(2)[2]
-
-  const octokit = github.getOctokit(github_token)
-
-  const response = await octokit.paginate(octokit.rest.repos.listReleases, {
-    owner: OWNER,
-    repo: REPO
-  })
-  const downloadUrls: string[] = response.flatMap(release =>
-    release.assets
-      .filter(asset => asset.name.endsWith('.sha256'))
-      .map(asset => asset.browser_download_url)
-  )
-  await updateChecksums(checksumFilePath, downloadUrls)
-
-  const latestVersion = response
-    .map(release => release.tag_name)
-    .sort(semver.rcompare)[0]
-  core.setOutput('latest-version', latestVersion)
-  await updateDefaultVersion(defaultVersionFilePath, latestVersion)
-}
-
-async function updateDefaultVersion(
-  filePath: string,
-  latestVersion: string
-): Promise<void> {
-  const fileStream = createReadStream(filePath)
-
-  const rl = readline.createInterface({
-    input: fileStream
-  })
-
-  let foundDescription = false
-  const lines = []
-
-  for await (let line of rl) {
-    if (
-      !foundDescription &&
-      line.includes("description: 'The version of uv to install'")
-    ) {
-      foundDescription = true
-    } else if (foundDescription && line.includes('default: ')) {
-      line = line.replace(/'[^']*'/, `'${latestVersion}'`)
-      foundDescription = false
-    }
-    lines.push(line)
-  }
-
-  await fs.writeFile(filePath, lines.join('\n'))
-}
-
-run()
@@ -0,0 +1,63 @@
+import * as core from "@actions/core";
+import type { Endpoints } from "@octokit/types";
+import * as semver from "semver";
+import { updateChecksums } from "./download/checksum/update-known-checksums";
+import {
+  getLatestKnownVersion,
+  updateVersionManifest,
+} from "./download/version-manifest";
+import { OWNER, REPO } from "./utils/constants";
+import { Octokit } from "./utils/octokit";
+
+type Release =
+  Endpoints["GET /repos/{owner}/{repo}/releases"]["response"]["data"][number];
+
+async function run(): Promise<void> {
+  const checksumFilePath = process.argv.slice(2)[0];
+  const versionsManifestFile = process.argv.slice(2)[1];
+  const githubToken = process.argv.slice(2)[2];
+
+  const octokit = new Octokit({
+    auth: githubToken,
+  });
+
+  const { data: latestRelease } = await octokit.rest.repos.getLatestRelease({
+    owner: OWNER,
+    repo: REPO,
+  });
+
+  const latestKnownVersion = await getLatestKnownVersion(undefined);
+
+  if (semver.lte(latestRelease.tag_name, latestKnownVersion)) {
+    core.info(
+      `Latest release (${latestRelease.tag_name}) is not newer than the latest known version (${latestKnownVersion}). Skipping update.`,
+    );
+    return;
+  }
+
+  const releases: Release[] = await octokit.paginate(
+    octokit.rest.repos.listReleases,
+    {
+      owner: OWNER,
+      repo: REPO,
+    },
+  );
+  const checksumDownloadUrls: string[] = releases.flatMap((release) =>
+    release.assets
+      .filter((asset) => asset.name.endsWith(".sha256"))
+      .map((asset) => asset.browser_download_url),
+  );
+  await updateChecksums(checksumFilePath, checksumDownloadUrls);
+
+  const artifactDownloadUrls: string[] = releases.flatMap((release) =>
+    release.assets
+      .filter((asset) => !asset.name.endsWith(".sha256"))
+      .map((asset) => asset.browser_download_url),
+  );
+
+  await updateVersionManifest(versionsManifestFile, artifactDownloadUrls);
+
+  core.setOutput("latest-version", latestRelease.tag_name);
+}
+
+run();
@@ -0,0 +1,24 @@
+import fs from "node:fs";
+import * as toml from "smol-toml";
+
+export function getConfigValueFromTomlFile(
+  filePath: string,
+  key: string,
+): string | undefined {
+  if (!fs.existsSync(filePath) || !filePath.endsWith(".toml")) {
+    return undefined;
+  }
+  const fileContent = fs.readFileSync(filePath, "utf-8");
+
+  if (filePath.endsWith("pyproject.toml")) {
+    const tomlContent = toml.parse(fileContent) as {
+      tool?: { uv?: Record<string, string | undefined> };
+    };
+    return tomlContent?.tool?.uv?.[key];
+  }
+  const tomlContent = toml.parse(fileContent) as Record<
+    string,
+    string | undefined
+  >;
+  return tomlContent[key];
+}
@@ -0,0 +1,5 @@
+export const REPO = "uv";
+export const OWNER = "astral-sh";
+export const TOOL_CACHE_NAME = "uv";
+export const STATE_UV_PATH = "uv-path";
+export const STATE_UV_VERSION = "uv-version";
@@ -0,0 +1,21 @@
+import { ProxyAgent, type RequestInit, fetch as undiciFetch } from "undici";
+
+export function getProxyAgent() {
+  const httpProxy = process.env.HTTP_PROXY || process.env.http_proxy;
+  if (httpProxy) {
+    return new ProxyAgent(httpProxy);
+  }
+
+  const httpsProxy = process.env.HTTPS_PROXY || process.env.https_proxy;
+  if (httpsProxy) {
+    return new ProxyAgent(httpsProxy);
+  }
+
+  return undefined;
+}
+
+export const fetch = async (url: string, opts: RequestInit) =>
+  await undiciFetch(url, {
+    dispatcher: getProxyAgent(),
+    ...opts,
+  });
--- a/Show More
+++ b/Show More