Bump semver and @types/semver (#652)

* Bump semver and @types/semver

Bumps [semver](https://github.com/npm/node-semver) and [@types/semver](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/semver). These dependencies needed to be updated together.

Updates `semver` from 7.7.1 to 7.7.2
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](https://github.com/npm/node-semver/compare/v7.7.1...v7.7.2)

Updates `@types/semver` from 7.5.8 to 7.7.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/semver)

---
updated-dependencies:
- dependency-name: semver
  dependency-version: 7.7.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: "@types/semver"
  dependency-version: 7.7.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore: add license information for semver dependency

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: HarithaVattikuti <73516759+HarithaVattikuti@users.noreply.github.com>

.github/workflows/release-new-action-version.yml

@@ -22,7 +22,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Update the ${{ env.TAG_NAME }} tag
-        uses: actions/publish-action@v0.3.0
+        uses: actions/publish-action@v0.4.0
         with:
           source-tag: ${{ env.TAG_NAME }}
           slack-webhook: ${{ secrets.SLACK_WEBHOOK }}

.github/workflows/versions.yml

@@ -18,7 +18,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-latest-large]
     steps:
       - uses: actions/checkout@v5
       - name: Setup Go Stable
@@ -33,7 +33,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-latest-large]
     steps:
       - uses: actions/checkout@v5
       - name: Setup Go oldStable
@@ -48,13 +48,13 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-latest-large]
         version: [stable, oldstable]
         architecture: [x64, x32]
         exclude:
           - os: macos-latest
             architecture: x32
-          - os: macos-13
+          - os: macos-latest-large
             architecture: x32
     steps:
       - uses: actions/checkout@v5
@@ -72,7 +72,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [macos-latest, windows-latest, ubuntu-latest, macos-13]
+        os: [macos-latest, windows-latest, ubuntu-latest, macos-latest-large]
         go: [1.21.13, 1.22.8, 1.23.2]
         include:
           - os: windows-latest
@@ -98,7 +98,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-latest-large]
         go-version: ['1.20', '1.21', '1.22', '1.23']
     steps:
       - uses: actions/checkout@v5
@@ -115,7 +115,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-latest-large]
     steps:
       - uses: actions/checkout@v5
       - name: Setup Go and check latest
@@ -131,7 +131,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-latest-large]
     steps:
       - uses: actions/checkout@v5
       - name: Setup Go and check latest
@@ -142,12 +142,44 @@ jobs:
         run: __tests__/verify-go.sh 1.21
         shell: bash
 
+  go-version-file-with-tool-versions:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-latest-large]
+    steps:
+      - uses: actions/checkout@v5
+      - name: Setup Go and check latest
+        uses: ./
+        with:
+          go-version-file: __tests__/data/.tool-versions
+      - name: verify go
+        run: __tests__/verify-go.sh 1.23.2
+        shell: bash
+
+  go-version-file-with-go-version:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-latest-large]
+    steps:
+      - uses: actions/checkout@v5
+      - name: Setup Go from .go-version file
+        uses: ./
+        with:
+          go-version-file: __tests__/data/.go-version
+      - name: verify go
+        run: __tests__/verify-go.sh 1.22.4
+        shell: bash
+
   setup-versions-from-manifest:
     runs-on: ${{ matrix.os }}
     strategy:
       fail-fast: false
       matrix:
-        os: [macos-latest, windows-latest, ubuntu-latest, macos-13]
+        os: [macos-latest, windows-latest, ubuntu-latest, macos-latest-large]
         go: [1.20.14, 1.21.10, 1.22.8, 1.23.2]
     steps:
       - name: Checkout
@@ -167,7 +199,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [windows-latest, ubuntu-latest, macos-13]
+        os: [windows-latest, ubuntu-latest, macos-latest-large]
         go: [1.11.12]
     steps:
       - name: Checkout
@@ -187,7 +219,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-latest-large]
         go-version: [1.20.14, 1.21, 1.22, 1.23]
         include:
           - os: macos-latest
@@ -196,7 +228,7 @@ jobs:
             architecture: x64
           - os: windows-latest
             architecture: x64
-          - os: macos-13
+          - os: macos-latest-large
             architecture: x64
     steps:
       - uses: actions/checkout@v5

.licenses/npm/semver-7.7.3.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: semver
-version: 7.7.1
+version: 7.7.3
 type: npm
 summary: The semantic version parser used by npm.
 homepage:

README.md

@@ -3,44 +3,87 @@
 [![Basic validation](https://github.com/actions/setup-go/actions/workflows/basic-validation.yml/badge.svg)](https://github.com/actions/setup-go/actions/workflows/basic-validation.yml)
 [![Validate 'setup-go'](https://github.com/actions/setup-go/actions/workflows/versions.yml/badge.svg)](https://github.com/actions/setup-go/actions/workflows/versions.yml)
 
-This action sets up a go environment for use in actions by:
+This action sets up a Go environment for use in GitHub Actions by:
 
-- Optionally downloading and caching a version of Go by version and adding to `PATH`.
-- Registering problem matchers for error output.
+- Optionally downloading and caching a version of Go by version and adding to PATH
+- Registering problem matchers for error output
+- Providing intelligent caching for Go modules and build outputs
 
-# Breaking changes in V6
-
-- Improve toolchain handling to ensure more reliable and consistent toolchain selection and management.
-- Upgraded the action from node20 to node24.
-  > Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. [See Release Notes](https://github.com/actions/runner/releases/tag/v2.327.1)
-
-For more details,  see the full release notes on the [releases page](https://github.com/actions/setup-go/releases/tag/v6.0.0)
-
-# V5
-
-The V5 edition of the action offers:
-
-- Upgraded Node.js runtime from node16 to node20
-
-See full release notes on the [releases page](https://github.com/actions/setup-go/releases).
-
-The action will first check the local cache for a version match. If a version is not found locally, it will pull it from
-the `main` branch of the [go-versions](https://github.com/actions/go-versions/blob/main/versions-manifest.json)
-repository. On miss or failure, it will fall back to downloading directly
-from [go dist](https://storage.googleapis.com/golang). To change the default behavior, please use
-the [check-latest input](#check-latest-version).
-
-**Note:** The `setup-go` action uses executable binaries which are built by Golang side. The action does not build
-golang from source code.
-
-Matching by [semver spec](https://github.com/npm/node-semver):
+## Quick Start
 
 ```yaml
 steps:
   - uses: actions/checkout@v5
   - uses: actions/setup-go@v6
     with:
-      go-version: '^1.13.1' # The Go version to download (if necessary) and use.
+      go-version: '1.23'
+  - run: go version
+```
+
+## Breaking Changes
+
+### V6 Changes
+
+#### Node Runtime Upgrade
+- **Upgraded from Node 20 to Node 24**
+- ⚠️ **Action Required**: Ensure your runner is on version v2.327.1 or later for compatibility
+- See [Release Notes](https://github.com/actions/runner/releases/tag/v2.327.1) for more details
+
+#### Enhanced Go Toolchain Management
+
+V6 introduces significant improvements for reliable and consistent Go version selection:
+
+**Toolchain Directive Support**
+Now correctly interprets both `go` and `toolchain` directives from `go.mod`:
+```go
+go 1.23.0           // Minimum required version
+toolchain go1.23.2  // V6 uses this exact version
+```
+
+**Intelligent Caching**
+Cache keys now incorporate the `toolchain` directive version from `go.mod`, eliminating cache conflicts when switching between different toolchain versions within the same Go minor release.
+
+For more details, see the [full release notes](https://github.com/actions/setup-go/releases/tag/v6.0.0).
+
+### V5 Changes
+
+- **Upgraded Node.js runtime from node16 to node20**
+- See [full release notes](https://github.com/actions/setup-go/releases) for complete details
+
+## Version Resolution Behavior
+
+The action follows this resolution order:
+1. **Local cache** - Checks for a cached version match
+2. **go-versions repository** - Pulls from the main branch of the [go-versions repository](https://github.com/actions/go-versions/blob/main/versions-manifest.json)
+3. **Direct download** - Falls back to downloading directly from [go.dev](https://go.dev/dl)
+
+To change the default behavior, use the `check-latest` input.
+
+> **Note**: The setup-go action uses executable binaries built by the Golang team. The action does not build golang from source code.
+
+## Usage
+
+### Basic Setup
+
+```yaml
+steps:
+  - uses: actions/checkout@v5
+  - uses: actions/setup-go@v6
+    with:
+      go-version: '1.23'
+  - run: go run hello.go
+```
+
+### Version Specifications
+
+#### Semantic Versioning
+
+```yaml
+steps:
+  - uses: actions/checkout@v5
+  - uses: actions/setup-go@v6
+    with:
+      go-version: '^1.23.1' # The Go version to download (if necessary) and use.
   - run: go version
 ```
 
@@ -49,229 +92,333 @@ steps:
   - uses: actions/checkout@v5
   - uses: actions/setup-go@v6
     with:
-      go-version: '>=1.17.0'
+      go-version: '>=1.22.0'
   - run: go version
 ```
 
-> **Note**: Due to the peculiarities of YAML parsing, it is recommended to wrap the version in single quotation marks:
->
+> **Important**: Due to YAML parsing behavior, always wrap version numbers in single quotes:
 > ```yaml
->   go-version: '1.20'
+> go-version: '1.22'  # Correct
+> go-version: 1.22    # Incorrect - YAML parser interprets as 1.2
 > ```
->
-> The recommendation is based on the YAML parser's behavior, which interprets non-wrapped values as numbers and, in the case of version 1.20, trims it down to 1.2, which may not be very obvious.
 
-Matching an unstable pre-release:
+#### Pre-release Versions
 
 ```yaml
+# RC version
 steps:
   - uses: actions/checkout@v5
   - uses: actions/setup-go@v6
     with:
-      go-version: '1.18.0-rc.1' # The Go version to download (if necessary) and use.
+       go-version: '1.24.0-rc.1' # The Go version to download (if necessary) and use
   - run: go version
 ```
 
 ```yaml
+# Beta version
 steps:
   - uses: actions/checkout@v5
   - uses: actions/setup-go@v6
     with:
-      go-version: '1.16.0-beta.1' # The Go version to download (if necessary) and use.
+      go-version: '1.23.0-beta.1' # The Go version to download (if necessary) and use
   - run: go version
 ```
 
-# Usage
+#### Version Aliases
 
-See [action.yml](action.yml)
+**Stable Release**
 
-## Basic
+If `stable` is provided, action will get the latest stable version from the [go-versions](https://github.com/actions/go-versions/blob/main/versions-manifest.json) repository manifest.
+```yaml
+steps:
+  - uses: actions/checkout@v5
+  - uses: actions/setup-go@v6
+    with:
+      go-version: 'stable' # Latest stable version
+  - run: go version
+```
+
+**Previous Stable Release**
+
+If `oldstable` is provided, when the current release is 1.23.x, the action will resolve version as 1.22.x, where x is the latest patch release.
+```yaml
+steps:
+  - uses: actions/checkout@v5
+  - uses: actions/setup-go@v6
+    with:
+      go-version: 'oldstable' # Previous stable version
+  - run: go version
+```
+
+> **Note**: Using aliases is equivalent to using the corresponding minor release with `check-latest: true`
+
+### go-version-file
+
+The action can automatically detect the Go version from various project files using the `go-version-file` input. This parameter supports `go.mod`, `go.work`, `.go-version`, and `.tool-versions` files.
+
+> **Note**: If both `go-version` and `go-version-file` are provided, `go-version` takes precedence.
+
+#### go.mod File
+
+Automatically detect the Go version from your project's `go.mod` file:
 
 ```yaml
 steps:
   - uses: actions/checkout@v5
   - uses: actions/setup-go@v6
     with:
-      go-version: '1.16.1' # The Go version to download (if necessary) and use.
+      go-version-file: 'go.mod'
+  - run: go version
+```
+
+**Version Resolution from go.mod:**
+1. Uses the `toolchain` directive version if present
+2. Falls back to the `go` directive version
+3. If no patch version is specified, uses the latest available patch
+
+#### go.work File
+
+Use the Go version specified in your `go.work` file:
+
+```yaml
+steps:
+  - uses: actions/checkout@v5
+  - uses: actions/setup-go@v6
+    with:
+      go-version-file: 'go.work'
+  - run: go version
+```
+
+#### .go-version File
+
+Read the Go version from a `.go-version` file:
+
+```yaml
+steps:
+  - uses: actions/checkout@v5
+  - uses: actions/setup-go@v6
+    with:
+      go-version-file: '.go-version'
+  - run: go version
+```
+
+#### .tool-versions File
+
+Use the Go version from an [`.tool-versions`](https://asdf-vm.com/manage/configuration.html#tool-versions) file:
+
+```yaml
+steps:
+  - uses: actions/checkout@v5
+  - uses: actions/setup-go@v6
+    with:
+      go-version-file: '.tool-versions'
+  - run: go version
+```
+
+#### Custom File Paths
+
+The action searches for version files relative to the repository root by default. You can specify a custom path:
+
+```yaml
+steps:
+  - uses: actions/checkout@v5
+  - uses: actions/setup-go@v6
+    with:
+      go-version-file: 'path/to/.go-version'
+  - run: go version
+```
+
+**Supported Version Formats:**
+- Major and minor only: `1.25` (action will use the latest patch version, e.g., `1.25.4`)
+- Major, minor, and patch: `1.25.4` (exact version)
+
+### Check Latest Version
+
+The check-latest flag defaults to false for stability. This ensures your workflow uses a specific, predictable Go version.
+When `check-latest: true`, the action verifies if your cached Go version is the latest available. If not, it downloads and uses the newest version.
+
+```yaml
+steps:
+  - uses: actions/checkout@v5
+  - uses: actions/setup-go@v6
+    with:
+      go-version: '1.23'
+      check-latest: true # Always check for the latest patch release
+  - run: go version
+```
+
+**Performance Considerations:**
+- `check-latest: false` (default) - Uses cached versions for faster builds
+- `check-latest: true` - Downloads the latest version, slower but ensures up-to-date releases
+
+### Caching
+
+The action features integrated caching for Go modules and build outputs. Built on [toolkit/cache](https://github.com/actions/toolkit/tree/main/packages/cache), it simplifies the caching process by requiring fewer configuration options. The cache input is optional, and caching is turned on by default.
+
+#### Automatic Caching
+
+Default behavior: Searches for `go.sum` in the repository root and uses its hash for the cache key.
+
+```yaml
+steps:
+  - uses: actions/checkout@v5
+  - uses: actions/setup-go@v6
+    with:
+      go-version: '1.23'
+      # cache: true (default)
   - run: go run hello.go
 ```
 
-## Check latest version
+#### Advanced Caching Scenarios
 
-The `check-latest` flag defaults to `false`. Use the default or set `check-latest` to `false` if you prefer stability
-and if you want to ensure a specific Go version is always used.
-
-If `check-latest` is set to `true`, the action first checks if the cached version is the latest one. If the locally
-cached version is not the most up-to-date, a Go version will then be downloaded. Set `check-latest` to `true` if you
-want the most up-to-date Go version to always be used.
-
-> Setting `check-latest` to `true` has performance implications as downloading Go versions is slower than using cached
-> versions.
+For advanced scenarios, use `cache-dependency-path` to specify:
+- **Multiple dependency files**: When your project has dependencies in different directories
+- **Custom locations**: When your `go.sum` files are not in the repository root
+- **Monorepos**: When managing multiple Go modules in a single repository
+- **Glob patterns**: For flexible file matching
 
 ```yaml
+# Example: Monorepo with multiple go.sum files
 steps:
   - uses: actions/checkout@v5
   - uses: actions/setup-go@v6
     with:
-      go-version: '1.14'
-      check-latest: true
-  - run: go run hello.go
-```
-
-## Using stable/oldstable aliases
-
-If `stable` is provided, action will get the latest stable version from
-the [`go-versions`](https://github.com/actions/go-versions/blob/main/versions-manifest.json) repository manifest.
-
-If `oldstable` is provided, when current release is 1.19.x, action will resolve version as 1.18.x, where x is the latest
-patch release.
-
-**Note:** using these aliases will result in same version as using corresponding minor release with `check-latest` input
-set to `true`
-
-```yaml
-steps:
-  - uses: actions/checkout@v5
-  - uses: actions/setup-go@v6
-    with:
-      go-version: 'stable'
-  - run: go run hello.go
-```
-
-```yaml
-steps:
-  - uses: actions/checkout@v5
-  - uses: actions/setup-go@v6
-    with:
-      go-version: 'oldstable'
-  - run: go run hello.go
-```
-
-## Caching dependency files and build outputs:
-
-The action has a built-in functionality for caching and restoring go modules and build outputs. It
-uses [toolkit/cache](https://github.com/actions/toolkit/tree/main/packages/cache) under the hood but requires less configuration settings.
-The `cache` input is optional, and caching is turned on by default.
-
-The action defaults to search for the dependency file - go.sum in the repository root, and uses its hash as a part of
-the cache key. Use `cache-dependency-path` input for cases when multiple dependency files are used, or they are located
-in different subdirectories. The input supports glob patterns.
-
-If some problem that prevents success caching happens then the action issues the warning in the log and continues the execution of the pipeline.
-
-**Caching in monorepos**
-
-```yaml
-steps:
-  - uses: actions/checkout@v5
-  - uses: actions/setup-go@v6
-    with:
-      go-version: '1.17'
+      go-version: '1.23'
       check-latest: true
       cache-dependency-path: |
-             subdir/go.sum
-             tools/go.sum
-    # cache-dependency-path: "**/*.sum"
-
+        subdir/go.sum
+        tools/go.sum
   - run: go run hello.go
-  ```
+```
 
-## Getting go version from the go.mod file
+```yaml
+# Example: Using glob patterns to match all go.sum files
+steps:
+  - uses: actions/checkout@v5
+  - uses: actions/setup-go@v6
+    with:
+      go-version: '1.23'
+      cache-dependency-path: "**/*.sum"
+  - run: go run hello.go
+```
 
-The `go-version-file` input accepts a path to a `go.mod` file or a `go.work`
-file that contains the version of Go to be used by a project. The version taken
-from thils file will be:
-
-  - The version from the `toolchain` directive, if there is one, otherwise
-  - The version from the `go` directive
-
-The version can specify a patch version or omit it altogether (e.g., `go 1.22.0` or `go 1.22`).
-
-If a patch version is specified, that specific patch version will be used.  
-If no patch version is specified, it will search for the latest available patch version in the cache,
-[versions-manifest.json](https://github.com/actions/go-versions/blob/main/versions-manifest.json), and the
-[official Go language website](https://golang.org/dl/?mode=json&include=all), in that order.
-
-If both the `go-version` and the `go-version-file` inputs are provided then the `go-version` input is used.
-> The action will search for the `go.mod` file relative to the repository root
+#### Disable Caching
 
 ```yaml
 steps:
   - uses: actions/checkout@v5
   - uses: actions/setup-go@v6
     with:
-      go-version-file: 'path/to/go.mod'
-  - run: go version
+      go-version: '1.23'
+      cache: false
+  - run: go run hello.go
 ```
 
-## Matrix testing
+> **Note**: If caching fails, the action logs a warning but continues execution without interrupting your workflow.
+
+### Matrix Testing
+
+Test across multiple Go versions:
 
 ```yaml
 jobs:
-  build:
+  test:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        go: [ '1.14', '1.13' ]
-    name: Go ${{ matrix.go }} sample
+        go-version: ['1.21', '1.22', '1.23']
     steps:
       - uses: actions/checkout@v5
-      - name: Setup go
-        uses: actions/setup-go@v6
+      - uses: actions/setup-go@v6
         with:
-          go-version: ${{ matrix.go }}
-      - run: go run hello.go
+          go-version: ${{ matrix.go-version }}
+      - run: go test ./...
 ```
 
-### Supported version syntax
+## Advanced Configuration
+
+### Supported Version Syntax
 
 The `go-version` input supports the following syntax:
 
-- Specific versions: `1.15`, `1.16.1`, `1.17.0-rc.2`, `1.16.0-beta.1`
-- SemVer's version range syntax: `^1.13.1`, `>=1.18.0-rc.1`
+| Syntax Type | Example | Description |
+|-------------|---------|-------------|
+| Specific version | `1.23.2` | Installs this exact version |
+| Semantic range (caret) | `^1.23.0` | Allows newer minor/patch versions (1.24.x, 1.25.x, etc.) |
+| Semantic range (tilde) | `~1.23.0` | Allows newer patch versions only (1.23.1, 1.23.2, etc.) |
+| Comparison (gte) | `>=1.22.0` | Any version equal to or newer than specified |
+| Comparison (lt) | `<1.24.0` | Any version older than specified |
+| Comparison range | `>=1.22.0 <1.24.0` | Any version within the specified range |
+| Wildcard (patch) | `1.23.x` | Latest patch version of the specified minor release |
+| Wildcard (minor) | `1.*` | Latest available version in the major version |
+| Pre-release | `1.24.0-rc.1` | Beta/RC versions for testing upcoming releases |
+| Aliases | `stable`, `oldstable` | Latest stable or previous stable release |
 
-For more information about semantic versioning, please refer to [semver](https://github.com/npm/node-semver)
-documentation.
+For more information about semantic versioning, see the [semver documentation](https://semver.org/).
 
-## Using `setup-go` on GHES
+### Complete Input Reference
 
-`setup-go` comes pre-installed on the appliance with GHES if Actions is enabled.
-When dynamically downloading Go distributions, `setup-go` downloads distributions from [`actions/go-versions`](https://github.com/actions/go-versions) on github.com (outside of the appliance).
+```yaml
+- uses: actions/setup-go@v6
+  with:
+    # Version or version range of Go to use
+    go-version: '1.23'
+    
+    # Path to go.mod, go.work, .go-version, or .tool-versions file
+    go-version-file: 'go.mod'
+    
+    # Check for latest version
+    check-latest: false
+    
+    # GitHub token for authentication
+    token: ${{ github.token }}
+    
+    # Enable/disable caching
+    cache: true
+    
+    # Path to dependency files for caching
+    cache-dependency-path: 'go.sum'
+    
+    # Architecture to install (auto-detected if not specified)
+    architecture: 'x64'
+```
 
-These calls to `actions/go-versions` are made via unauthenticated requests, which are limited to [60 requests per hour per IP](https://docs.github.com/en/rest/overview/resources-in-the-rest-api#rate-limiting).
-If more requests are made within the time frame, then the action leverages the `raw API` to retrieve the version-manifest. This approach does not impose a rate limit and hence facilitates unrestricted consumption. This is particularly beneficial for GHES runners, which often share the same IP, to avoid the quick exhaustion of the unauthenticated rate limit.
-If that fails as well the action will try to download versions directly from https://storage.googleapis.com/golang.
+## Using setup-go on GHES
 
-If that fails as well you can get a higher rate limit with [generating a personal access token on github.com](https://github.com/settings/tokens/new) and passing it as the `token` input to the action:
+setup-go comes pre-installed on GHES when Actions is enabled. For dynamic Go version downloads, the action fetches distributions from the [go-versions repository](https://github.com/actions/go-versions/) on github.com (external to your appliance).
+
+These calls to `actions/go-versions` are made via unauthenticated requests, which are limited to 60 requests per hour per IP. If more requests are made within the time frame, then the action leverages the raw API to retrieve the version-manifest. This approach does not impose a rate limit and hence facilitates unrestricted consumption. This is particularly beneficial for GHES runners, which often share the same IP, to avoid the quick exhaustion of the unauthenticated rate limit. If that fails as well the action will try to download versions directly from [go.dev](https://go.dev/dl).
+
+If that fails as well you can get a higher rate limit with generating a personal access token on github.com and passing it as the token input to the action:
 
 ```yaml
 uses: actions/setup-go@v6
 with:
   token: ${{ secrets.GH_DOTCOM_TOKEN }}
-  go-version: '1.18'
+  go-version: '1.23'
 ```
 
-If the runner is not able to access github.com, any Go versions requested during a workflow run must come from the runner's tool cache.
-See "[Setting up the tool cache on self-hosted runners without internet access](https://docs.github.com/en/enterprise-server@3.2/admin/github-actions/managing-access-to-actions-from-githubcom/setting-up-the-tool-cache-on-self-hosted-runners-without-internet-access)"
-for more information.
+### Offline Runners
 
-## Recommended permissions
+For runners without github.com access, Go versions must be pre-cached in the runner's tool cache. See "[Setting up the tool cache on self-hosted runners without internet access](https://docs.github.com/en/enterprise-server@3.2/admin/github-actions/managing-access-to-actions-from-githubcom/setting-up-the-tool-cache-on-self-hosted-runners-without-internet-access)".
 
-When using the `setup-go` action in your GitHub Actions workflow, it is recommended to set the following permissions to ensure proper functionality:
+## Recommended Permissions
+
+When using the setup-go action in your GitHub Actions workflow, it is recommended to set the following permissions to ensure proper functionality:
 
 ```yaml
 permissions:
-  contents: read # access to check out code and install dependencies
+  contents: read # Required to checkout code and install dependencies
 ```
 
-# License
+## License
 
-The scripts and documentation in this project are released under the [MIT License](LICENSE)
+The scripts and documentation in this project are released under the [MIT License](LICENSE).
 
-# Contributions
+## Contributions
 
-Contributions are welcome! See [Contributor's Guide](docs/contributors.md)
+Contributions are welcome! See our [Contributor's Guide](docs/contributors.md) for details.
 
 ## Code of Conduct
 
-:wave: Be nice. See [our code of conduct](CODE_OF_CONDUCT.md)
+👋 Be nice. See our [Code of Conduct](CODE_OF_CONDUCT.md).

__tests__/data/.go-version

@@ -0,0 +1 @@
+1.22.4

__tests__/data/.tool-versions

@@ -0,0 +1 @@
+golang 1.23.2

__tests__/setup-go.test.ts

@@ -389,7 +389,7 @@ describe('setup-go', () => {
 
     const expPath = path.win32.join(toolPath, 'bin');
     expect(dlSpy).toHaveBeenCalledWith(
-      'https://storage.googleapis.com/golang/go1.13.1.windows-amd64.zip',
+      'https://go.dev/dl/go1.13.1.windows-amd64.zip',
       'C:\\temp\\go1.13.1.windows-amd64.zip',
       undefined
     );
@@ -866,6 +866,9 @@ exclude example.com/thismodule v1.3.0
 
 use .
 
+`;
+
+    const toolVersionsContents = `golang 1.23
 `;
 
     it('reads version from go.mod', async () => {
@@ -892,6 +895,18 @@ use .
       expect(logSpy).toHaveBeenCalledWith('matching 1.19...');
     });
 
+    it('reads version from .tool-versions', async () => {
+      inputs['go-version-file'] = '.tool-versions';
+      existsSpy.mockImplementation(() => true);
+      readFileSpy.mockImplementation(() => Buffer.from(toolVersionsContents));
+
+      await main.run();
+
+      expect(logSpy).toHaveBeenCalledWith('Setup go version spec 1.23');
+      expect(logSpy).toHaveBeenCalledWith('Attempting to download 1.23...');
+      expect(logSpy).toHaveBeenCalledWith('matching 1.23...');
+    });
+
     it('reads version from .go-version', async () => {
       inputs['go-version-file'] = '.go-version';
       existsSpy.mockImplementation(() => true);
@@ -946,7 +961,7 @@ use .
         const expectedUrl =
           platform === 'win32'
             ? `https://github.com/actions/go-versions/releases/download/${version}/go-${version}-${platform}-${arch}.${fileExtension}`
-            : `https://storage.googleapis.com/golang/go${version}.${osSpec}-${arch}.${fileExtension}`;
+            : `https://go.dev/dl/go${version}.${osSpec}-${arch}.${fileExtension}`;
 
         // ... but not in the local cache
         findSpy.mockImplementation(() => '');

action.yml

@@ -5,7 +5,7 @@ inputs:
   go-version:
     description: 'The Go version to download (if necessary) and use. Supports semver spec and ranges. Be sure to enclose this option in single quotation marks.'
   go-version-file:
-    description: 'Path to the go.mod or go.work file.'
+    description: 'Path to the go.mod, go.work, .go-version, or .tool-versions file.'
   check-latest:
     description: 'Set this option to true if you want the action to always check for the latest available version that satisfies the version spec'
     default: false

dist/setup/index.js

@@ -61424,6 +61424,9 @@ exports.AbortError = AbortError;
 /***/ 1532:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const ANY = Symbol('SemVer ANY')
 // hoisted class for cyclic dependency
 class Comparator {
@@ -61572,6 +61575,9 @@ const Range = __nccwpck_require__(9828)
 /***/ 9828:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const SPACE_CHARACTERS = /\s+/g
 
 // hoisted class for cyclic dependency
@@ -61827,6 +61833,7 @@ const isSatisfiable = (comparators, options) => {
 // already replaced the hyphen ranges
 // turn into a set of JUST comparators.
 const parseComparator = (comp, options) => {
+  comp = comp.replace(re[t.BUILD], '')
   debug('comp', comp, options)
   comp = replaceCarets(comp, options)
   debug('caret', comp)
@@ -62133,9 +62140,12 @@ const testSet = (set, version, options) => {
 /***/ 8088:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const debug = __nccwpck_require__(427)
 const { MAX_LENGTH, MAX_SAFE_INTEGER } = __nccwpck_require__(2293)
-const { safeRe: re, safeSrc: src, t } = __nccwpck_require__(9523)
+const { safeRe: re, t } = __nccwpck_require__(9523)
 
 const parseOptions = __nccwpck_require__(785)
 const { compareIdentifiers } = __nccwpck_require__(2463)
@@ -62244,11 +62254,25 @@ class SemVer {
       other = new SemVer(other, this.options)
     }
 
-    return (
-      compareIdentifiers(this.major, other.major) ||
-      compareIdentifiers(this.minor, other.minor) ||
-      compareIdentifiers(this.patch, other.patch)
-    )
+    if (this.major < other.major) {
+      return -1
+    }
+    if (this.major > other.major) {
+      return 1
+    }
+    if (this.minor < other.minor) {
+      return -1
+    }
+    if (this.minor > other.minor) {
+      return 1
+    }
+    if (this.patch < other.patch) {
+      return -1
+    }
+    if (this.patch > other.patch) {
+      return 1
+    }
+    return 0
   }
 
   comparePre (other) {
@@ -62317,8 +62341,7 @@ class SemVer {
       }
       // Avoid an invalid semver results
       if (identifier) {
-        const r = new RegExp(`^${this.options.loose ? src[t.PRERELEASELOOSE] : src[t.PRERELEASE]}$`)
-        const match = `-${identifier}`.match(r)
+        const match = `-${identifier}`.match(this.options.loose ? re[t.PRERELEASELOOSE] : re[t.PRERELEASE])
         if (!match || match[1] !== identifier) {
           throw new Error(`invalid identifier: ${identifier}`)
         }
@@ -62458,6 +62481,9 @@ module.exports = SemVer
 /***/ 8848:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const parse = __nccwpck_require__(5925)
 const clean = (version, options) => {
   const s = parse(version.trim().replace(/^[=v]+/, ''), options)
@@ -62471,6 +62497,9 @@ module.exports = clean
 /***/ 5098:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const eq = __nccwpck_require__(1898)
 const neq = __nccwpck_require__(6017)
 const gt = __nccwpck_require__(4123)
@@ -62530,6 +62559,9 @@ module.exports = cmp
 /***/ 3466:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const SemVer = __nccwpck_require__(8088)
 const parse = __nccwpck_require__(5925)
 const { safeRe: re, t } = __nccwpck_require__(9523)
@@ -62597,6 +62629,9 @@ module.exports = coerce
 /***/ 2156:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const SemVer = __nccwpck_require__(8088)
 const compareBuild = (a, b, loose) => {
   const versionA = new SemVer(a, loose)
@@ -62611,6 +62646,9 @@ module.exports = compareBuild
 /***/ 2804:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const compare = __nccwpck_require__(4309)
 const compareLoose = (a, b) => compare(a, b, true)
 module.exports = compareLoose
@@ -62621,6 +62659,9 @@ module.exports = compareLoose
 /***/ 4309:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const SemVer = __nccwpck_require__(8088)
 const compare = (a, b, loose) =>
   new SemVer(a, loose).compare(new SemVer(b, loose))
@@ -62633,6 +62674,9 @@ module.exports = compare
 /***/ 4297:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const parse = __nccwpck_require__(5925)
 
 const diff = (version1, version2) => {
@@ -62698,6 +62742,9 @@ module.exports = diff
 /***/ 1898:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const compare = __nccwpck_require__(4309)
 const eq = (a, b, loose) => compare(a, b, loose) === 0
 module.exports = eq
@@ -62708,6 +62755,9 @@ module.exports = eq
 /***/ 4123:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const compare = __nccwpck_require__(4309)
 const gt = (a, b, loose) => compare(a, b, loose) > 0
 module.exports = gt
@@ -62718,6 +62768,9 @@ module.exports = gt
 /***/ 5522:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const compare = __nccwpck_require__(4309)
 const gte = (a, b, loose) => compare(a, b, loose) >= 0
 module.exports = gte
@@ -62728,6 +62781,9 @@ module.exports = gte
 /***/ 900:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const SemVer = __nccwpck_require__(8088)
 
 const inc = (version, release, options, identifier, identifierBase) => {
@@ -62754,6 +62810,9 @@ module.exports = inc
 /***/ 194:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const compare = __nccwpck_require__(4309)
 const lt = (a, b, loose) => compare(a, b, loose) < 0
 module.exports = lt
@@ -62764,6 +62823,9 @@ module.exports = lt
 /***/ 7520:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const compare = __nccwpck_require__(4309)
 const lte = (a, b, loose) => compare(a, b, loose) <= 0
 module.exports = lte
@@ -62774,6 +62836,9 @@ module.exports = lte
 /***/ 6688:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const SemVer = __nccwpck_require__(8088)
 const major = (a, loose) => new SemVer(a, loose).major
 module.exports = major
@@ -62784,6 +62849,9 @@ module.exports = major
 /***/ 8447:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const SemVer = __nccwpck_require__(8088)
 const minor = (a, loose) => new SemVer(a, loose).minor
 module.exports = minor
@@ -62794,6 +62862,9 @@ module.exports = minor
 /***/ 6017:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const compare = __nccwpck_require__(4309)
 const neq = (a, b, loose) => compare(a, b, loose) !== 0
 module.exports = neq
@@ -62804,6 +62875,9 @@ module.exports = neq
 /***/ 5925:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const SemVer = __nccwpck_require__(8088)
 const parse = (version, options, throwErrors = false) => {
   if (version instanceof SemVer) {
@@ -62827,6 +62901,9 @@ module.exports = parse
 /***/ 2866:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const SemVer = __nccwpck_require__(8088)
 const patch = (a, loose) => new SemVer(a, loose).patch
 module.exports = patch
@@ -62837,6 +62914,9 @@ module.exports = patch
 /***/ 4016:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const parse = __nccwpck_require__(5925)
 const prerelease = (version, options) => {
   const parsed = parse(version, options)
@@ -62850,6 +62930,9 @@ module.exports = prerelease
 /***/ 6417:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const compare = __nccwpck_require__(4309)
 const rcompare = (a, b, loose) => compare(b, a, loose)
 module.exports = rcompare
@@ -62860,6 +62943,9 @@ module.exports = rcompare
 /***/ 8701:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const compareBuild = __nccwpck_require__(2156)
 const rsort = (list, loose) => list.sort((a, b) => compareBuild(b, a, loose))
 module.exports = rsort
@@ -62870,6 +62956,9 @@ module.exports = rsort
 /***/ 6055:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const Range = __nccwpck_require__(9828)
 const satisfies = (version, range, options) => {
   try {
@@ -62887,6 +62976,9 @@ module.exports = satisfies
 /***/ 1426:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const compareBuild = __nccwpck_require__(2156)
 const sort = (list, loose) => list.sort((a, b) => compareBuild(a, b, loose))
 module.exports = sort
@@ -62897,6 +62989,9 @@ module.exports = sort
 /***/ 9601:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const parse = __nccwpck_require__(5925)
 const valid = (version, options) => {
   const v = parse(version, options)
@@ -62910,6 +63005,9 @@ module.exports = valid
 /***/ 1383:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 // just pre-load all the stuff that index.js lazily exports
 const internalRe = __nccwpck_require__(9523)
 const constants = __nccwpck_require__(2293)
@@ -63006,6 +63104,9 @@ module.exports = {
 /***/ 2293:
 /***/ ((module) => {
 
+"use strict";
+
+
 // Note: this is the semver.org version of the spec that it implements
 // Not necessarily the package version of this code.
 const SEMVER_SPEC_VERSION = '2.0.0'
@@ -63048,6 +63149,9 @@ module.exports = {
 /***/ 427:
 /***/ ((module) => {
 
+"use strict";
+
+
 const debug = (
   typeof process === 'object' &&
   process.env &&
@@ -63064,8 +63168,15 @@ module.exports = debug
 /***/ 2463:
 /***/ ((module) => {
 
+"use strict";
+
+
 const numeric = /^[0-9]+$/
 const compareIdentifiers = (a, b) => {
+  if (typeof a === 'number' && typeof b === 'number') {
+    return a === b ? 0 : a < b ? -1 : 1
+  }
+
   const anum = numeric.test(a)
   const bnum = numeric.test(b)
 
@@ -63094,6 +63205,9 @@ module.exports = {
 /***/ 5339:
 /***/ ((module) => {
 
+"use strict";
+
+
 class LRUCache {
   constructor () {
     this.max = 1000
@@ -63141,6 +63255,9 @@ module.exports = LRUCache
 /***/ 785:
 /***/ ((module) => {
 
+"use strict";
+
+
 // parse out just the options we care about
 const looseOption = Object.freeze({ loose: true })
 const emptyOpts = Object.freeze({ })
@@ -63163,6 +63280,9 @@ module.exports = parseOptions
 /***/ 9523:
 /***/ ((module, exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const {
   MAX_SAFE_COMPONENT_LENGTH,
   MAX_SAFE_BUILD_LENGTH,
@@ -63241,12 +63361,14 @@ createToken('MAINVERSIONLOOSE', `(${src[t.NUMERICIDENTIFIERLOOSE]})\\.` +
 
 // ## Pre-release Version Identifier
 // A numeric identifier, or a non-numeric identifier.
+// Non-numberic identifiers include numberic identifiers but can be longer.
+// Therefore non-numberic identifiers must go first.
 
-createToken('PRERELEASEIDENTIFIER', `(?:${src[t.NUMERICIDENTIFIER]
-}|${src[t.NONNUMERICIDENTIFIER]})`)
+createToken('PRERELEASEIDENTIFIER', `(?:${src[t.NONNUMERICIDENTIFIER]
+}|${src[t.NUMERICIDENTIFIER]})`)
 
-createToken('PRERELEASEIDENTIFIERLOOSE', `(?:${src[t.NUMERICIDENTIFIERLOOSE]
-}|${src[t.NONNUMERICIDENTIFIER]})`)
+createToken('PRERELEASEIDENTIFIERLOOSE', `(?:${src[t.NONNUMERICIDENTIFIER]
+}|${src[t.NUMERICIDENTIFIERLOOSE]})`)
 
 // ## Pre-release Version
 // Hyphen, followed by one or more dot-separated pre-release version
@@ -63389,6 +63511,9 @@ createToken('GTE0PRE', '^\\s*>=\\s*0\\.0\\.0-0\\s*$')
 /***/ 9380:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 // Determine if version is greater than all the versions possible in the range.
 const outside = __nccwpck_require__(420)
 const gtr = (version, range, options) => outside(version, range, '>', options)
@@ -63400,6 +63525,9 @@ module.exports = gtr
 /***/ 7008:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const Range = __nccwpck_require__(9828)
 const intersects = (r1, r2, options) => {
   r1 = new Range(r1, options)
@@ -63414,6 +63542,9 @@ module.exports = intersects
 /***/ 3323:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const outside = __nccwpck_require__(420)
 // Determine if version is less than all the versions possible in the range
 const ltr = (version, range, options) => outside(version, range, '<', options)
@@ -63425,6 +63556,9 @@ module.exports = ltr
 /***/ 579:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const SemVer = __nccwpck_require__(8088)
 const Range = __nccwpck_require__(9828)
 
@@ -63457,6 +63591,9 @@ module.exports = maxSatisfying
 /***/ 832:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const SemVer = __nccwpck_require__(8088)
 const Range = __nccwpck_require__(9828)
 const minSatisfying = (versions, range, options) => {
@@ -63488,6 +63625,9 @@ module.exports = minSatisfying
 /***/ 4179:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const SemVer = __nccwpck_require__(8088)
 const Range = __nccwpck_require__(9828)
 const gt = __nccwpck_require__(4123)
@@ -63556,6 +63696,9 @@ module.exports = minVersion
 /***/ 420:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const SemVer = __nccwpck_require__(8088)
 const Comparator = __nccwpck_require__(1532)
 const { ANY } = Comparator
@@ -63643,6 +63786,9 @@ module.exports = outside
 /***/ 5297:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 // given a set of versions and a range, create a "simplified" range
 // that includes the same versions that the original range does
 // If the original range is shorter than the simplified one, return that.
@@ -63697,6 +63843,9 @@ module.exports = (versions, range, options) => {
 /***/ 7863:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const Range = __nccwpck_require__(9828)
 const Comparator = __nccwpck_require__(1532)
 const { ANY } = Comparator
@@ -63951,6 +64100,9 @@ module.exports = subset
 /***/ 2706:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const Range = __nccwpck_require__(9828)
 
 // Mostly just for testing and legacy API reasons
@@ -63966,6 +64118,9 @@ module.exports = toComparators
 /***/ 2098:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
+"use strict";
+
+
 const Range = __nccwpck_require__(9828)
 const validRange = (range, options) => {
   try {
@@ -94583,7 +94738,7 @@ function getInfoFromDist(versionSpec, arch) {
         if (!version) {
             return null;
         }
-        const downloadUrl = `https://storage.googleapis.com/golang/${version.files[0].filename}`;
+        const downloadUrl = `https://go.dev/dl/${version.files[0].filename}`;
         return {
             type: 'dist',
             downloadUrl: downloadUrl,
@@ -94679,6 +94834,10 @@ function parseGoVersionFile(versionFilePath) {
         const matchGo = contents.match(/^go (\d+(\.\d+)*)/m);
         return matchGo ? matchGo[1] : '';
     }
+    else if (path.basename(versionFilePath) === '.tool-versions') {
+        const match = contents.match(/^golang\s+([^\n#]+)/m);
+        return match ? match[1].trim() : '';
+    }
     return contents.trim();
 }
 function resolveStableVersionDist(versionSpec, arch) {

package-lock.json

@@ -16,12 +16,12 @@
         "@actions/http-client": "^2.2.1",
         "@actions/io": "^1.0.2",
         "@actions/tool-cache": "^2.0.2",
-        "semver": "^7.6.3"
+        "semver": "^7.7.3"
       },
       "devDependencies": {
         "@types/jest": "^29.5.14",
         "@types/node": "^24.1.0",
-        "@types/semver": "^7.5.8",
+        "@types/semver": "^7.7.1",
         "@typescript-eslint/eslint-plugin": "^8.31.1",
         "@typescript-eslint/parser": "^8.35.1",
         "@vercel/ncc": "^0.38.1",
@@ -1636,10 +1636,11 @@
       }
     },
     "node_modules/@types/semver": {
-      "version": "7.5.8",
-      "resolved": "https://registry.npmjs.org/@types/semver/-/semver-7.5.8.tgz",
-      "integrity": "sha512-I8EUhyrgfLrcTkzV3TSsGyl1tSuPrEDzr0yd5m90UgNxQkyDXULk3b6MlQqTCpZpNtWe1K0hzclnZkTcLBe2UQ==",
-      "dev": true
+      "version": "7.7.1",
+      "resolved": "https://registry.npmjs.org/@types/semver/-/semver-7.7.1.tgz",
+      "integrity": "sha512-FmgJfu+MOcQ370SD0ev7EI8TlCAfKYU+B4m5T3yXc1CiRN94g/SZPtsCkk506aUDtlMnFZvasDwHHUcZUEaYuA==",
+      "dev": true,
+      "license": "MIT"
     },
     "node_modules/@types/stack-utils": {
       "version": "2.0.3",
@@ -5555,9 +5556,9 @@
       "integrity": "sha512-0s+oAmw9zLl1V1cS9BtZN7JAd0cW5e0QH4W3LWEK6a4LaLEA2OTpGYWDY+6XasBLtz6wkm3u1xRw95mRuJ59WA=="
     },
     "node_modules/semver": {
-      "version": "7.7.1",
-      "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.1.tgz",
-      "integrity": "sha512-hlq8tAfn0m/61p4BVRcPzIGr6LKiMwo4VM6dGi6pt4qcRkmNzTcWq6eCEjEh+qXjkMDvPlOFFSGwQjoEa6gyMA==",
+      "version": "7.7.3",
+      "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.3.tgz",
+      "integrity": "sha512-SdsKMrI9TdgjdweUSR9MweHA4EJ8YxHn8DFaDisvhVlUOe4BF1tLD7GAj0lIqWVl+dPb/rExr0Btby5loQm20Q==",
       "license": "ISC",
       "bin": {
         "semver": "bin/semver.js"

package.json

@@ -35,12 +35,12 @@
     "@actions/http-client": "^2.2.1",
     "@actions/io": "^1.0.2",
     "@actions/tool-cache": "^2.0.2",
-    "semver": "^7.6.3"
+    "semver": "^7.7.3"
   },
   "devDependencies": {
     "@types/jest": "^29.5.14",
     "@types/node": "^24.1.0",
-    "@types/semver": "^7.5.8",
+    "@types/semver": "^7.7.1",
     "@typescript-eslint/eslint-plugin": "^8.31.1",
     "@typescript-eslint/parser": "^8.35.1",
     "@vercel/ncc": "^0.38.1",

src/cache-save.ts

@@ -15,6 +15,7 @@ process.on('uncaughtException', e => {
 // Added early exit to resolve issue with slow post action step:
 // - https://github.com/actions/setup-node/issues/878
 // https://github.com/actions/cache/pull/1217
+
 export async function run(earlyExit?: boolean) {
   try {
     const cacheInput = core.getBooleanInput('cache');

src/installer.ts

@@ -389,7 +389,7 @@ async function getInfoFromDist(
     return null;
   }
 
-  const downloadUrl = `https://storage.googleapis.com/golang/${version.files[0].filename}`;
+  const downloadUrl = `https://go.dev/dl/${version.files[0].filename}`;
 
   return <IGoVersionInfo>{
     type: 'dist',
@@ -513,6 +513,9 @@ export function parseGoVersionFile(versionFilePath: string): string {
     // go directive: https://go.dev/ref/mod#go-mod-file-go
     const matchGo = contents.match(/^go (\d+(\.\d+)*)/m);
     return matchGo ? matchGo[1] : '';
+  } else if (path.basename(versionFilePath) === '.tool-versions') {
+    const match = contents.match(/^golang\s+([^\n#]+)/m);
+    return match ? match[1].trim() : '';
   }
 
   return contents.trim();