Update actions/setup-python action to v6

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
actions/setup-python	action	major	v5 → v6

---

Release Notes

actions/setup-python (actions/setup-python)

v6.2.0

Compare Source

v6.1.0

Compare Source

What's Changed

Enhancements:

• Add support for pip-install input by @​gowridurgad in #​1201
• Add graalpy early-access and windows builds by @​timfel in #​880

Dependency and Documentation updates:

• Enhanced wording and updated example usage for allow-prereleases by @​yarikoptic in #​979
• Upgrade urllib3 from 1.26.19 to 2.5.0 and document breaking changes in v6 by @​dependabot in #​1139
• Upgrade typescript from 5.4.2 to 5.9.3 and Documentation update by @​dependabot in #​1094
• Upgrade actions/publish-action from 0.3.0 to 0.4.0 & Documentation update for pip-install input by @​dependabot in #​1199
• Upgrade requests from 2.32.2 to 2.32.4 by @​dependabot in #​1130
• Upgrade prettier from 3.5.3 to 3.6.2 by @​dependabot in #​1234
• Upgrade @​types/node from 24.1.0 to 24.9.1 and update macos-13 to macos-15-intel by @​dependabot in #​1235

New Contributors

• @​yarikoptic made their first contribution in #​979

Full Changelog: actions/setup-python@v6...v6.1.0

v6.0.0

Compare Source

What's Changed

Breaking Changes

• Upgrade to node 24 by @​salmanmkc in #​1164

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Enhancements:

• Add support for pip-version by @​priyagupta108 in #​1129
• Enhance reading from .python-version by @​krystof-k in #​787
• Add version parsing from Pipfile by @​aradkdj in #​1067

Bug fixes:

• Clarify pythonLocation behaviour for PyPy and GraalPy in environment variables by @​aparnajyothi-y in #​1183
• Change missing cache directory error to warning by @​aparnajyothi-y in #​1182
• Add Architecture-Specific PATH Management for Python with --user Flag on Windows by @​aparnajyothi-y in #​1122
• Include python version in PyPy python-version output by @​cdce8p in #​1110
• Update docs: clarification on pip authentication with setup-python by @​priya-kinthali in #​1156

Dependency updates:

• Upgrade idna from 2.9 to 3.7 in /tests/data by @​dependabot[bot] in #​843
• Upgrade form-data to fix critical vulnerabilities #​182 & #​183 by @​aparnajyothi-y in #​1163
• Upgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIndex.download by @​aparnajyothi-y in #​1165
• Upgrade actions/checkout from 4 to 5 by @​dependabot[bot] in #​1181
• Upgrade @​actions/tool-cache from 2.0.1 to 2.0.2 by @​dependabot[bot] in #​1095

New Contributors

• @​krystof-k made their first contribution in #​787
• @​cdce8p made their first contribution in #​1110
• @​aradkdj made their first contribution in #​1067

Full Changelog: actions/setup-python@v5...v6.0.0

v6

Compare Source

v5.6.0

Compare Source

What's Changed

• Workflow updates related to Ubuntu 20.04 by @​aparnajyothi-y in #​1065
• Fix for Candidate Not Iterable Error by @​aparnajyothi-y in #​1082
• Upgrade semver and @​types/semver by @​dependabot in #​1091
• Upgrade prettier from 2.8.8 to 3.5.3 by @​dependabot in #​1046
• Upgrade ts-jest from 29.1.2 to 29.3.2 by @​dependabot in #​1081

Full Changelog: actions/setup-python@v5...v5.6.0

v5.5.0

Compare Source

What's Changed

Enhancements:

• Support free threaded Python versions like '3.13t' by @​colesbury in #​973
• Enhance Workflows: Include ubuntu-arm runners, Add e2e Testing for free threaded and Upgrade @​action/cache from 4.0.0 to 4.0.3 by @​priya-kinthali in #​1056
• Add support for .tool-versions file in setup-python by @​mahabaleshwars in #​1043

Bug fixes:

• Fix architecture for pypy on Linux ARM64 by @​mayeut in #​1011
  This update maps arm64 to aarch64 for Linux ARM64 PyPy installations.

Dependency updates:

• Upgrade @​vercel/ncc from 0.38.1 to 0.38.3 by @​dependabot in #​1016
• Upgrade @​actions/glob from 0.4.0 to 0.5.0 by @​dependabot in #​1015

New Contributors

• @​colesbury made their first contribution in #​973
• @​mahabaleshwars made their first contribution in #​1043

Full Changelog: actions/setup-python@v5...v5.5.0

v5.4.0

Compare Source

What's Changed

Enhancements:

• Update cache error message by @​aparnajyothi-y in #​968
• Enhance Workflows: Add Ubuntu-24, Remove Python 3.8 by @​priya-kinthali in #​985
• Configure Dependabot settings by @​HarithaVattikuti in #​1008

Documentation changes:

• Readme update - recommended permissions by @​benwells in #​1009
• Improve Advanced Usage examples by @​lrq3000 in #​645

Dependency updates:

• Upgrade undici from 5.28.4 to 5.28.5 by @​dependabot in #​1012
• Upgrade urllib3 from 1.25.9 to 1.26.19 in /tests/data by @​dependabot in #​895
• Upgrade actions/publish-immutable-action from 0.0.3 to 0.0.4 by @​dependabot in #​1014
• Upgrade @actions/http-client from 2.2.1 to 2.2.3 by @​dependabot in #​1020
• Upgrade requests from 2.24.0 to 2.32.2 in /tests/data by @​dependabot in #​1019
• Upgrade @actions/cache to ^4.0.0 by @​priyagupta108 in #​1007

New Contributors

• @​benwells made their first contribution in #​1009
• @​HarithaVattikuti made their first contribution in #​1008
• @​lrq3000 made their first contribution in #​645

Full Changelog: actions/setup-python@v5...v5.4.0

v5.3.0

Compare Source

What's Changed

• Add workflow file for publishing releases to immutable action package by @​Jcambass in #​941
• Upgrade IA publish by @​Jcambass in #​943

Bug Fixes:

• Normalise Line Endings to Ensure Cross-Platform Consistency by @​priya-kinthali in #​938
• Revise isGhes logic by @​jww3 in #​963
• Bump pillow from 7.2 to 10.2.0 by @​aparnajyothi-y in #​956

Enhancements:

• Enhance workflows and documentation updates by @​priya-kinthali in #​965
• Bump default versions to latest by @​jeffwidman in #​905

New Contributors

• @​Jcambass made their first contribution in #​941
• @​jww3 made their first contribution in #​963

Full Changelog: actions/setup-python@v5...v5.3.0

v5.2.0

Compare Source

What's Changed

Bug fixes:

• Add .zip extension to Windows package downloads for Expand-Archive Compatibility by @​priyagupta108 in #​916
  This addresses compatibility issues on Windows self-hosted runners by ensuring that the filenames for Python and PyPy package downloads explicitly include the .zip extension, allowing the Expand-Archive command to function correctly.
• Add arch to cache key by @​Zxilly in #​896
  This addresses issues with caching by adding the architecture (arch) to the cache key, ensuring that cache keys are accurate to prevent conflicts.
  Note: This change may break previous cache keys as they will no longer be compatible with the new format.

Documentation changes:

• Fix display of emojis in contributors doc by @​sciencewhiz in #​899
• Documentation update for caching poetry dependencies by @​gowridurgad in #​908

Dependency updates:

• Bump @​iarna/toml version from 2.2.5 to 3.0.0 by @​priya-kinthali in #​912
• Bump pyinstaller from 3.6 to 5.13.1 by @​aparnajyothi-y in #​923

New Contributors

• @​sciencewhiz made their first contribution in #​899
• @​priyagupta108 made their first contribution in #​916
• @​Zxilly made their first contribution in #​896
• @​aparnajyothi-y made their first contribution in #​923

Full Changelog: actions/setup-python@v5...v5.2.0

v5.1.1

Compare Source

What's Changed

Bug fixes:

• fix(ci): update all failing workflows by @​mayeut in #​863
  This update ensures compatibility and optimal performance of workflows on the latest macOS version.

Documentation changes:

• Documentation update for cache by @​gowridurgad in #​873

Dependency updates:

• Bump braces from 3.0.2 to 3.0.3 and undici from 5.28.3 to 5.28.4 by @​dependabot in #​893

New Contributors

• @​gowridurgad made their first contribution in #​873

Full Changelog: actions/setup-python@v5...v5.1.1

v5.1.0

Compare Source

What's Changed

• Leveraging the raw API to retrieve the version-manifest, as it does not impose a rate limit and hence facilitates unrestricted consumption without the need for a token for Github Enterprise Servers by @​Shegox in #​766.
• Dependency updates by @​dependabot and @​HarithaVattikuti in #​817
• Documentation changes for version in README by @​basnijholt in #​776
• Documentation changes for link in README by @​ukd1 in #​793
• Documentation changes for link in Advanced Usage by @​Jamim in #​782
• Documentation changes for avoiding rate limit issues on GHES by @​priya-kinthali in #​835

New Contributors

• @​basnijholt made their first contribution in #​776
• @​ukd1 made their first contribution in #​793
• @​Jamim made their first contribution in #​782
• @​Shegox made their first contribution in #​766
• @​priya-kinthali made their first contribution in #​835

Full Changelog: actions/setup-python@v5.0.0...v5.1.0

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Super-linter summary

Language	Validation result
CHECKOV	Pass ✅
GITHUB_ACTIONS	Pass ✅
GITHUB_ACTIONS_ZIZMOR	Fail ❌
GITLEAKS	Pass ✅
GIT_MERGE_CONFLICT_MARKERS	Pass ✅
JSCPD	Pass ✅
PRE_COMMIT	Pass ✅
SPELL_CODESPELL	Pass ✅
TRIVY	Pass ✅
YAML	Pass ✅
YAML_PRETTIER	Fail ❌

Super-linter detected linting errors

For more information, see the GitHub Actions workflow run

Powered by Super-linter

GITHUB_ACTIONS_ZIZMOR

�[1m�[96mhelp[artipacked]�[0m�[1m: credential persistence through GitHub Actions artifacts�[0m
  �[1m�[94m--> �[0m/github/workspace/.github/workflows/docs.yml:24:9
   �[1m�[94m|�[0m
�[1m�[94m24�[0m �[1m�[94m|�[0m         - name: Checkout
   �[1m�[94m|�[0m �[1m�[96m _________^�[0m
�[1m�[94m25�[0m �[1m�[94m|�[0m �[1m�[96m|�[0m         uses: actions/checkout@v6
   �[1m�[94m|�[0m �[1m�[96m|_________________________________^�[0m �[1m�[96mdoes not set persist-credentials: false�[0m
   �[1m�[94m|�[0m
   �[1m�[94m= �[0m�[1mnote�[0m: audit confidence → Low
   �[1m�[94m= �[0m�[1mnote�[0m: this finding has an auto-fix
   �[1m�[94m= �[0m�[1mhelp�[0m: audit documentation → �[32mhttps://docs.zizmor.sh/audits/#artipacked�[39m

�[1m�[91merror[excessive-permissions]�[0m�[1m: overly broad permissions�[0m
  �[1m�[94m--> �[0m/github/workspace/.github/workflows/docs.yml:13:3
   �[1m�[94m|�[0m
�[1m�[94m13�[0m �[1m�[94m|�[0m   pages: write
   �[1m�[94m|�[0m   �[1m�[91m^^^^^^^^^^^^�[0m �[1m�[91mpages: write is overly broad at the workflow level�[0m
   �[1m�[94m|�[0m
   �[1m�[94m= �[0m�[1mnote�[0m: audit confidence → High
   �[1m�[94m= �[0m�[1mhelp�[0m: audit documentation → �[32mhttps://docs.zizmor.sh/audits/#excessive-permissions�[39m

�[1m�[91merror[excessive-permissions]�[0m�[1m: overly broad permissions�[0m
  �[1m�[94m--> �[0m/github/workspace/.github/workflows/docs.yml:14:3
   �[1m�[94m|�[0m
�[1m�[94m14�[0m �[1m�[94m|�[0m   id-token: write
   �[1m�[94m|�[0m   �[1m�[91m^^^^^^^^^^^^^^^�[0m �[1m�[91mid-token: write is overly broad at the workflow level�[0m
   �[1m�[94m|�[0m
   �[1m�[94m= �[0m�[1mnote�[0m: audit confidence → High
   �[1m�[94m= �[0m�[1mhelp�[0m: audit documentation → �[32mhttps://docs.zizmor.sh/audits/#excessive-permissions�[39m

�[1m�[91merror[unpinned-uses]�[0m�[1m: unpinned action reference�[0m
  �[1m�[94m--> �[0m/github/workspace/.github/workflows/docs.yml:25:15
   �[1m�[94m|�[0m
�[1m�[94m25�[0m �[1m�[94m|�[0m         uses: actions/checkout@v6
   �[1m�[94m|�[0m               �[1m�[91m^^^^^^^^^^^^^^^^^^^�[0m �[1m�[91maction is not pinned to a hash (required by blanket policy)�[0m
   �[1m�[94m|�[0m
   �[1m�[94m= �[0m�[1mnote�[0m: audit confidence → High
   �[1m�[94m= �[0m�[1mnote�[0m: this finding has an auto-fix
   �[1m�[94m= �[0m�[1mhelp�[0m: audit documentation → �[32mhttps://docs.zizmor.sh/audits/#unpinned-uses�[39m

�[1m�[91merror[unpinned-uses]�[0m�[1m: unpinned action reference�[0m
  �[1m�[94m--> �[0m/github/workspace/.github/workflows/docs.yml:28:15
   �[1m�[94m|�[0m
�[1m�[94m28�[0m �[1m�[94m|�[0m         uses: actions/setup-python@v6
   �[1m�[94m|�[0m               �[1m�[91m^^^^^^^^^^^^^^^^^^^^^^^�[0m �[1m�[91maction is not pinned to a hash (required by blanket policy)�[0m
   �[1m�[94m|�[0m
   �[1m�[94m= �[0m�[1mnote�[0m: audit confidence → High
   �[1m�[94m= �[0m�[1mnote�[0m: this finding has an auto-fix
   �[1m�[94m= �[0m�[1mhelp�[0m: audit documentation → �[32mhttps://docs.zizmor.sh/audits/#unpinned-uses�[39m

�[1m�[91merror[unpinned-uses]�[0m�[1m: unpinned action reference�[0m
  �[1m�[94m--> �[0m/github/workspace/.github/workflows/docs.yml:45:15
   �[1m�[94m|�[0m
�[1m�[94m45�[0m �[1m�[94m|�[0m         uses: actions/upload-pages-artifact@v3
   �[1m�[94m|�[0m               �[1m�[91m^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^�[0m �[1m�[91maction is not pinned to a hash (required by blanket policy)�[0m
   �[1m�[94m|�[0m
   �[1m�[94m= �[0m�[1mnote�[0m: audit confidence → High
   �[1m�[94m= �[0m�[1mnote�[0m: this finding has an auto-fix
   �[1m�[94m= �[0m�[1mhelp�[0m: audit documentation → �[32mhttps://docs.zizmor.sh/audits/#unpinned-uses�[39m

�[1m�[91merror[unpinned-uses]�[0m�[1m: unpinned action reference�[0m
  �[1m�[94m--> �[0m/github/workspace/.github/workflows/docs.yml:58:15
   �[1m�[94m|�[0m
�[1m�[94m58�[0m �[1m�[94m|�[0m         uses: actions/deploy-pages@v5
   �[1m�[94m|�[0m               �[1m�[91m^^^^^^^^^^^^^^^^^^^^^^^�[0m �[1m�[91maction is not pinned to a hash (required by blanket policy)�[0m
   �[1m�[94m|�[0m
   �[1m�[94m= �[0m�[1mnote�[0m: audit confidence → High
   �[1m�[94m= �[0m�[1mnote�[0m: this finding has an auto-fix
   �[1m�[94m= �[0m�[1mhelp�[0m: audit documentation → �[32mhttps://docs.zizmor.sh/audits/#unpinned-uses�[39m

�[32m10�[39m findings (�[1m�[93m3�[39m suppressed, �[92m5�[39m fixable�[0m): �[35m0�[39m informational, �[36m1�[39m low, �[33m0�[39m medium, �[31m6�[39m high🌈 zizmor v1.23.1
�[32m INFO�[0m �[1maudit�[0m�[2m:�[0m �[2mzizmor�[0m�[2m:�[0m 🌈 completed /github/workspace/.github/workflows/docs.yml

YAML_PRETTIER

Checking formatting...[�[33mwarn�[39m] .github/workflows/docs.yml
[�[33mwarn�[39m] Code style issues found in the above file. Run Prettier with --write to fix.