mirror of https://github.com/actions/setup-python.git synced 2026-04-06 09:56:54 +00:00
setup-python/.github/workflows
Ludovic Henry 8b57351c0f feat: Add mirror and mirror-token inputs for custom Python distribution sources
Users who need custom CPython builds (internal mirrors, GHES-hosted forks,
special build configurations, compliance builds, air-gapped runners) could not
previously point setup-python at anything other than actions/python-versions.

Adds two new inputs:
- `mirror`: base URL hosting versions-manifest.json and the Python
  distributions it references. Defaults to the existing
  https://raw.githubusercontent.com/actions/python-versions/main.
- `mirror-token`: optional token used to authenticate requests to the mirror.

If `mirror` is a raw.githubusercontent.com/{owner}/{repo}/{branch} URL, the
manifest is fetched via the GitHub REST API (authenticated rate limit applies);
otherwise the action falls back to a direct GET of {mirror}/versions-manifest.json.

Token interaction
-----------------

`token` is never forwarded to arbitrary hosts. Auth resolution is per-URL:

  1. if mirror-token is set, use mirror-token
  2. else if token is set AND the target host is github.com,
     *.github.com, or *.githubusercontent.com, use token
  3. else send no auth

Cases:

  Default (no inputs set)
    mirror = default raw.githubusercontent.com URL, mirror-token empty,
    token = github.token.
    → manifest API call and tarball downloads use `token`.
    Identical to prior behavior.

  Custom raw.githubusercontent.com mirror (e.g. personal fork)
    mirror-token empty, token = github.token.
    → manifest API call and tarball downloads use `token`
      (target hosts are GitHub-owned).

  Custom non-GitHub mirror, no mirror-token
    mirror-token empty, token = github.token.
    → manifest fetched via direct URL (no auth attached),
      tarball downloads use no auth.
    `token` is NOT forwarded to the custom host — this is the
    leak-prevention case.

  Custom non-GitHub mirror with mirror-token
    mirror-token set, token may be set.
    → manifest fetch and tarball downloads use `mirror-token`.

  Custom GitHub mirror with both tokens set
    mirror-token wins. Used for both the manifest API call and
    tarball downloads.
2026-04-06 01:17:51 +02:00
| File | Last commit | Date |
|---|---|---|
| basic-validation.yml | Upgrade to node 24 (#1164) | 2025-09-03 21:57:37 -05:00 |
| check-dist.yml | Upgrade to node 24 (#1164) | 2025-09-03 21:57:37 -05:00 |
| codeql-analysis.yml | Add and configure ESLint and update configuration for Prettier (#617) | 2023-03-09 12:44:56 +02:00 |
| e2e-cache-freethreaded.yml | Upgrade @actions dependencies to Node 24 compatible versions (#1259) | 2026-01-20 09:38:55 -06:00 |
| e2e-cache.yml | Upgrade @actions dependencies to Node 24 compatible versions (#1259) | 2026-01-20 09:38:55 -06:00 |
| e2e-tests.yml | Bump urllib3 from 2.6.0 to 2.6.3 in /__tests__/data (#1264) | 2026-01-21 20:49:33 -06:00 |
| licensed.yml | Add and configure ESLint and update configuration for Prettier (#617) | 2023-03-09 12:44:56 +02:00 |
| publish-immutable-actions.yml | Upgrade @actions dependencies to Node 24 compatible versions (#1259) | 2026-01-20 09:38:55 -06:00 |
| release-new-action-version.yml | Bump actions/publish-action from 0.3.0 to 0.4.0 & Documentation update for pip-install input (#1199) | 2025-11-12 12:53:30 -06:00 |
| test-graalpy.yml | Upgrade @actions dependencies to Node 24 compatible versions (#1259) | 2026-01-20 09:38:55 -06:00 |
| test-pypy.yml | Upgrade @actions dependencies to Node 24 compatible versions (#1259) | 2026-01-20 09:38:55 -06:00 |
| test-python-freethreaded.yml | Upgrade @actions dependencies to Node 24 compatible versions (#1259) | 2026-01-20 09:38:55 -06:00 |
| test-python.yml | feat: Add mirror and mirror-token inputs for custom Python distribution sources | 2026-04-06 01:17:51 +02:00 |
| update-config-files.yml | Add update-config-files.yml | 2023-03-09 11:47:39 +01:00 |
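
The per-URL auth resolution described in the commit message above, sketched as an added example; this is not code from the setup-python repository. The function names, the returned `{source, secret}` shape, the sample URLs and the token value are assumptions made for illustration.

```javascript
// Added example; helper names are hypothetical, not setup-python's own code.

// Rule 2 host allowlist from the commit message:
// github.com, *.github.com, *.githubusercontent.com
function isGitHubHost(hostname) {
  // Normalize case and a trailing root dot ("github.com.").
  const host = hostname.toLowerCase().replace(/\.$/, '');
  // Suffix checks include the leading dot, so "evilgithub.com" and
  // "github.com.example.net" do not match.
  return (
    host === 'github.com' ||
    host.endsWith('.github.com') ||
    host.endsWith('.githubusercontent.com')
  );
}

// Decide which credential, if any, accompanies one request.
// Returns {source, secret}; source is 'mirror-token', 'token' or 'none'.
function resolveAuth(targetUrl, {token = '', mirrorToken = ''} = {}) {
  // Parse first: the host comes from the parsed URL, never from a
  // substring search, so "https://github.com@mirror.example.com/" is
  // treated as mirror.example.com.
  const {hostname} = new URL(targetUrl);
  if (mirrorToken) return {source: 'mirror-token', secret: mirrorToken}; // rule 1
  if (token && isGitHubHost(hostname)) return {source: 'token', secret: token}; // rule 2
  return {source: 'none', secret: undefined}; // rule 3
}

// Constructed sample requests: the default mirror, a non-GitHub mirror,
// and two look-alike hosts that must not receive `token`.
const sampleCreds = {token: 'constructed-job-token', mirrorToken: ''};
const sampleUrls = [
  'https://raw.githubusercontent.com/actions/python-versions/main/versions-manifest.json',
  'https://mirror.example.com/python/versions-manifest.json',
  'https://github.com@mirror.example.com/python/versions-manifest.json',
  'https://github.com.example.net/python/versions-manifest.json'
];
for (const url of sampleUrls) {
  console.log(resolveAuth(url, sampleCreds).source.padEnd(6), url);
}
```

Only the first sample URL resolves to `token`; the other three resolve to `none`, which is the leak-prevention case the commit message describes.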