Changes
This release brings two new inputs and a few bug fixes.
New inputs
Lets talk about the new inputs first.
quiet
Pretty simple. It turns of all info loggings. Useful if you use this in a composite action and are not interested in all the details.
In the upcoming releases we will add log groups to fully implement support for "less noise"
Note
Warnings and errors are always logged.
download-from-astral-mirror
In some cases you may want to directly use the fallback of checking for available versions and downloading releases from GitHub instead of using the astral.sh mirror. Setting download-from-astral-mirror: false allows you to do that.
Bugfixes
When using the astral.sh mirror to query available versions and download releases (done by default) we now stop sending the GitHub token in the header. The mirror never looked at it but we shouldn't be handing out that data even if it is just a short lived token.
All other bugfixes try to limit the impact of failed GitHub queries due to retries and other faults.
We couldn't pinpoint all rootcauses yet but added more logging for error cases to track them down.
🐛 Bug fixes
- fix: report unexpected cache save failures @eifinger (#896)
- fix: report unexpected setup failures @eifinger (#895)
- fix: add timeout to fetch to prevent silent hangs @eifinger-bot (#883)
- Limit GitHub tokens to github.com download URLs @zsol (#878)
- increase libuv-workaround timeout to 100ms @eifinger (#880)
🚀 Enhancements
- Add quiet input to suppress info-level log output @eifinger (#898)
- feat: add
download-from-astral-mirrorinput @eifinger (#897)
🧰 Maintenance
- docs: update dependabot rollup biome guidance @eifinger (#902)
- chore: update known checksums for 0.11.18 @github-actions[bot] (#899)
- chore: update known checksums for 0.11.17 @github-actions[bot] (#892)
- chore: update known checksums for 0.11.16 @github-actions[bot] (#889)
- chore: update known checksums for 0.11.15 @github-actions[bot] (#885)
- chore: update known checksums for 0.11.14 @github-actions[bot] (#879)
- chore: update known checksums for 0.11.13 @github-actions[bot] (#877)
- chore: update known checksums for 0.11.12 @github-actions[bot] (#876)
- chore: update known checksums for 0.11.11 @github-actions[bot] (#873)
- chore: update known checksums for 0.11.9/0.11.10 @github-actions[bot] (#871)
- chore: update known checksums for 0.11.8 @github-actions[bot] (#867)
- Bump setup-uv references to v8.1.0 SHA in docs @eifinger (#862)
- Add update-docs.yml workflow @eifinger (#861)
⬆️ Dependency updates
- chore(deps): roll up dependabot updates @eifinger (#903)
- chore(deps): roll up dependabot updates @eifinger (#901)
- chore(deps): bump release-drafter/release-drafter from 7.3.0 to 7.3.1 @dependabot[bot] (#900)
- chore(deps): bump eifinger/actionlint-action from 1.10.1 to 1.10.2 @dependabot[bot] (#842)
- chore(deps): bump github/codeql-action from 4.35.4 to 4.36.0 @dependabot[bot] (#893)
- chore(deps): bump zizmorcore/zizmor-action from 0.5.5 to 0.5.6 @dependabot[bot] (#891)
- chore(deps): bump release-drafter/release-drafter from 7.2.0 to 7.3.0 @dependabot[bot] (#884)
- chore(deps): bump zizmorcore/zizmor-action from 0.5.3 to 0.5.5 @dependabot[bot] (#888)
- chore(deps): bump github/codeql-action from 4.35.3 to 4.35.4 @dependabot[bot] (#881)
- chore(deps): bump github/codeql-action from 4.32.2 to 4.35.3 @dependabot[bot] (#875)
- chore(deps): bump actions/setup-node from 6.3.0 to 6.4.0 @dependabot[bot] (#866)
- chore(deps): bump zizmorcore/zizmor-action from 0.5.2 to 0.5.3 @dependabot[bot] (#864)
- chore(deps): bump peter-evans/create-pull-request from 8.1.0 to 8.1.1 @dependabot[bot] (#863)