{"id":13529197,"url":"https://github.com/actions/setup-go","last_synced_at":"2026-01-16T14:48:04.191Z","repository":{"id":37334112,"uuid":"192624594","full_name":"actions/setup-go","owner":"actions","description":"Set up your GitHub Actions workflow with a specific version of Go","archived":false,"fork":false,"pushed_at":"2026-01-13T03:52:33.000Z","size":11963,"stargazers_count":1633,"open_issues_count":58,"forks_count":636,"subscribers_count":69,"default_branch":"main","last_synced_at":"2026-01-14T15:49:39.079Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/actions.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2019-06-18T23:19:02.000Z","updated_at":"2026-01-14T12:40:01.000Z","dependencies_parsed_at":"2024-01-29T18:14:28.089Z","dependency_job_id":"f15b5808-b8ec-473a-a4f0-3e7e7b3e1f12","html_url":"https://github.com/actions/setup-go","commit_stats":{"total_commits":256,"total_committers":55,"mean_commits":4.654545454545454,"dds":0.796875,"last_synced_commit":"3041bf56c941b39c61721a86cd11f3bb1338122a"},"previous_names":[],"tags_count":52,"template":false,"template_full_name":null,"purl":"pkg:github/actions/setup-go","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fsetup-go","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fsetup-go/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fsetup-go/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fsetup-go/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/actions","download_url":"https://codeload.github.com/actions/setup-go/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fsetup-go/sbom","scorecard":{"id":163793,"data":{"date":"2025-08-11","repo":{"name":"github.com/actions/setup-go","commit":"8e57b58e57be52ac95949151e2777ffda8501267"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.9,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":5,"reason":"6 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/publish-immutable-actions.yml:11","Warn: jobLevel 'packages' permission set to 'write': .github/workflows/publish-immutable-actions.yml:13","Warn: no topLevel permission defined: .github/workflows/basic-validation.yml:1","Warn: no topLevel permission defined: .github/workflows/check-dist.yml:1","Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1","Warn: no topLevel permission defined: .github/workflows/licensed.yml:1","Warn: no topLevel permission defined: .github/workflows/publish-immutable-actions.yml:1","Warn: topLevel 'contents' permission set to 'write': .github/workflows/release-new-action-version.yml:15","Warn: no topLevel permission defined: .github/workflows/update-config-files.yml:1","Warn: no topLevel permission defined: .github/workflows/versions.yml:1","Warn: no topLevel permission defined: .github/workflows/windows-validation.yml:1"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/basic-validation.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/actions/setup-go/basic-validation.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-dist.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/actions/setup-go/check-dist.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/actions/setup-go/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/licensed.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/actions/setup-go/licensed.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-immutable-actions.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/actions/setup-go/publish-immutable-actions.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-immutable-actions.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/actions/setup-go/publish-immutable-actions.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-new-action-version.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/actions/setup-go/release-new-action-version.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-config-files.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/actions/setup-go/update-config-files.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/versions.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/actions/setup-go/versions.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/versions.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/actions/setup-go/versions.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/versions.yml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/actions/setup-go/versions.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/versions.yml:174: update your workflow using https://app.stepsecurity.io/secureworkflow/actions/setup-go/versions.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/versions.yml:202: update your workflow using https://app.stepsecurity.io/secureworkflow/actions/setup-go/versions.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/versions.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/actions/setup-go/versions.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/versions.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/actions/setup-go/versions.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/versions.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/actions/setup-go/versions.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/versions.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/actions/setup-go/versions.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/versions.yml:154: update your workflow using https://app.stepsecurity.io/secureworkflow/actions/setup-go/versions.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/windows-validation.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/actions/setup-go/windows-validation.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/windows-validation.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/actions/setup-go/windows-validation.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/windows-validation.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/actions/setup-go/windows-validation.yml/main?enable=pin","Info:   0 out of  21 GitHub-owned GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Security-Policy","score":9,"reason":"security policy file detected","details":["Info: security policy file detected: github.com/actions/.github/SECURITY.md:1","Info: Found linked content: github.com/actions/.github/SECURITY.md:1","Warn: One or no descriptive hints of disclosure, vulnerability, and/or timelines in security policy","Info: Found text in security policy: github.com/actions/.github/SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'restore-v4-release'","Warn: branch protection not enabled for branch 'restore-v3-release'","Warn: branch protection not enabled for branch 'releases/v1'","Info: 'allow deletion' disabled on branch 'main'","Info: 'force pushes' disabled on branch 'main'","Warn: 'branch protection settings apply to administrators' is disabled on branch 'main'","Info: 'stale review dismissal' is required to merge on branch 'main'","Warn: required approving review count is 1 on branch 'main'","Info: codeowner review is required on branch 'main'","Info: 'last push approval' is required to merge on branch 'main'","Warn: no status checks found to merge onto branch 'main'","Info: PRs are required in order to make changes on branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":9,"reason":"SAST tool is not run on all commits -- score normalized to 9","details":["Warn: 27 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":9,"reason":"1 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-16T14:18:11.500Z","repository_id":37334112,"created_at":"2025-08-16T14:18:11.500Z","updated_at":"2025-08-16T14:18:11.500Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28479402,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-16T11:59:17.896Z","status":"ssl_error","status_checked_at":"2026-01-16T11:55:55.838Z","response_time":107,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T07:00:34.246Z","updated_at":"2026-01-16T14:48:04.180Z","avatar_url":"https://github.com/actions.png","language":"TypeScript","funding_links":[],"categories":["TypeScript","Official Resources","二、核心官方Action（工作流必备）"],"sub_categories":["Official Actions","3. 编程语言环境配置"],"readme":"# setup-go\n\n[![Basic validation](https://github.com/actions/setup-go/actions/workflows/basic-validation.yml/badge.svg)](https://github.com/actions/setup-go/actions/workflows/basic-validation.yml)\n[![Validate 'setup-go'](https://github.com/actions/setup-go/actions/workflows/versions.yml/badge.svg)](https://github.com/actions/setup-go/actions/workflows/versions.yml)\n\nThis action sets up a Go environment for use in GitHub Actions by:\n\n- Optionally downloading and caching a version of Go by version and adding to PATH\n- Registering problem matchers for error output\n- Providing intelligent caching for Go modules and build outputs\n\n## Quick Start\n\n```yaml\nsteps:\n  - uses: actions/checkout@v5\n  - uses: actions/setup-go@v6\n    with:\n      go-version: '1.23'\n  - run: go version\n```\n\n## Breaking Changes\n\n### V6 Changes\n\n#### Node Runtime Upgrade\n- **Upgraded from Node 20 to Node 24**\n- ⚠️ **Action Required**: Ensure your runner is on version v2.327.1 or later for compatibility\n- See [Release Notes](https://github.com/actions/runner/releases/tag/v2.327.1) for more details\n\n#### Enhanced Go Toolchain Management\n\nV6 introduces significant improvements for reliable and consistent Go version selection:\n\n**Toolchain Directive Support**\nNow correctly interprets both `go` and `toolchain` directives from `go.mod`:\n```go\ngo 1.23.0           // Minimum required version\ntoolchain go1.23.2  // V6 uses this exact version\n```\n\n**Intelligent Caching**\nCache keys now incorporate the `toolchain` directive version from `go.mod`, eliminating cache conflicts when switching between different toolchain versions within the same Go minor release.\n\nFor more details, see the [full release notes](https://github.com/actions/setup-go/releases/tag/v6.0.0).\n\n### V5 Changes\n\n- **Upgraded Node.js runtime from node16 to node20**\n- See [full release notes](https://github.com/actions/setup-go/releases) for complete details\n\n## Version Resolution Behavior\n\nThe action follows this resolution order:\n1. **Local cache** - Checks for a cached version match\n2. **go-versions repository** - Pulls from the main branch of the [go-versions repository](https://github.com/actions/go-versions/blob/main/versions-manifest.json)\n3. **Direct download** - Falls back to downloading directly from [go.dev](https://go.dev/dl)\n\nTo change the default behavior, use the `check-latest` input.\n\n\u003e **Note**: The setup-go action uses executable binaries built by the Golang team. The action does not build golang from source code.\n\n## Usage\n\n### Basic Setup\n\n```yaml\nsteps:\n  - uses: actions/checkout@v5\n  - uses: actions/setup-go@v6\n    with:\n      go-version: '1.23'\n  - run: go run hello.go\n```\n\n### Version Specifications\n\n#### Semantic Versioning\n\n```yaml\nsteps:\n  - uses: actions/checkout@v5\n  - uses: actions/setup-go@v6\n    with:\n      go-version: '^1.23.1' # The Go version to download (if necessary) and use.\n  - run: go version\n```\n\n```yaml\nsteps:\n  - uses: actions/checkout@v5\n  - uses: actions/setup-go@v6\n    with:\n      go-version: '\u003e=1.22.0'\n  - run: go version\n```\n\n\u003e **Important**: Due to YAML parsing behavior, always wrap version numbers in single quotes:\n\u003e ```yaml\n\u003e go-version: '1.22'  # Correct\n\u003e go-version: 1.22    # Incorrect - YAML parser interprets as 1.2\n\u003e ```\n\n#### Pre-release Versions\n\n```yaml\n# RC version\nsteps:\n  - uses: actions/checkout@v5\n  - uses: actions/setup-go@v6\n    with:\n       go-version: '1.24.0-rc.1' # The Go version to download (if necessary) and use\n  - run: go version\n```\n\n```yaml\n# Beta version\nsteps:\n  - uses: actions/checkout@v5\n  - uses: actions/setup-go@v6\n    with:\n      go-version: '1.23.0-beta.1' # The Go version to download (if necessary) and use\n  - run: go version\n```\n\n#### Version Aliases\n\n**Stable Release**\n\nIf `stable` is provided, action will get the latest stable version from the [go-versions](https://github.com/actions/go-versions/blob/main/versions-manifest.json) repository manifest.\n```yaml\nsteps:\n  - uses: actions/checkout@v5\n  - uses: actions/setup-go@v6\n    with:\n      go-version: 'stable' # Latest stable version\n  - run: go version\n```\n\n**Previous Stable Release**\n\nIf `oldstable` is provided, when the current release is 1.23.x, the action will resolve version as 1.22.x, where x is the latest patch release.\n```yaml\nsteps:\n  - uses: actions/checkout@v5\n  - uses: actions/setup-go@v6\n    with:\n      go-version: 'oldstable' # Previous stable version\n  - run: go version\n```\n\n\u003e **Note**: Using aliases is equivalent to using the corresponding minor release with `check-latest: true`\n\n### go-version-file\n\nThe action can automatically detect the Go version from various project files using the `go-version-file` input. This parameter supports `go.mod`, `go.work`, `.go-version`, and `.tool-versions` files.\n\n\u003e **Note**: If both `go-version` and `go-version-file` are provided, `go-version` takes precedence.\n\n#### go.mod File\n\nAutomatically detect the Go version from your project's `go.mod` file:\n\n```yaml\nsteps:\n  - uses: actions/checkout@v5\n  - uses: actions/setup-go@v6\n    with:\n      go-version-file: 'go.mod'\n  - run: go version\n```\n\n**Version Resolution from go.mod:**\n1. Uses the `toolchain` directive version if present\n2. Falls back to the `go` directive version\n3. If no patch version is specified, uses the latest available patch\n\n#### go.work File\n\nUse the Go version specified in your `go.work` file:\n\n```yaml\nsteps:\n  - uses: actions/checkout@v5\n  - uses: actions/setup-go@v6\n    with:\n      go-version-file: 'go.work'\n  - run: go version\n```\n\n#### .go-version File\n\nRead the Go version from a `.go-version` file:\n\n```yaml\nsteps:\n  - uses: actions/checkout@v5\n  - uses: actions/setup-go@v6\n    with:\n      go-version-file: '.go-version'\n  - run: go version\n```\n\n#### .tool-versions File\n\nUse the Go version from an [`.tool-versions`](https://asdf-vm.com/manage/configuration.html#tool-versions) file:\n\n```yaml\nsteps:\n  - uses: actions/checkout@v5\n  - uses: actions/setup-go@v6\n    with:\n      go-version-file: '.tool-versions'\n  - run: go version\n```\n\n#### Custom File Paths\n\nThe action searches for version files relative to the repository root by default. You can specify a custom path:\n\n```yaml\nsteps:\n  - uses: actions/checkout@v5\n  - uses: actions/setup-go@v6\n    with:\n      go-version-file: 'path/to/.go-version'\n  - run: go version\n```\n\n**Supported Version Formats:**\n- Major and minor only: `1.25` (action will use the latest patch version, e.g., `1.25.4`)\n- Major, minor, and patch: `1.25.4` (exact version)\n\n### Check Latest Version\n\nThe check-latest flag defaults to false for stability. This ensures your workflow uses a specific, predictable Go version.\nWhen `check-latest: true`, the action verifies if your cached Go version is the latest available. If not, it downloads and uses the newest version.\n\n```yaml\nsteps:\n  - uses: actions/checkout@v5\n  - uses: actions/setup-go@v6\n    with:\n      go-version: '1.23'\n      check-latest: true # Always check for the latest patch release\n  - run: go version\n```\n\n**Performance Considerations:**\n- `check-latest: false` (default) - Uses cached versions for faster builds\n- `check-latest: true` - Downloads the latest version, slower but ensures up-to-date releases\n\n### Caching\n\nThe action features integrated caching for Go modules and build outputs. Built on [toolkit/cache](https://github.com/actions/toolkit/tree/main/packages/cache), it simplifies the caching process by requiring fewer configuration options. The cache input is optional, and caching is turned on by default.\n\n#### Automatic Caching\n\nDefault behavior: Searches for `go.sum` in the repository root and uses its hash for the cache key.\n\n```yaml\nsteps:\n  - uses: actions/checkout@v5\n  - uses: actions/setup-go@v6\n    with:\n      go-version: '1.23'\n      # cache: true (default)\n  - run: go run hello.go\n```\n\n#### Advanced Caching Scenarios\n\nFor advanced scenarios, use `cache-dependency-path` to specify:\n- **Multiple dependency files**: When your project has dependencies in different directories\n- **Custom locations**: When your `go.sum` files are not in the repository root\n- **Monorepos**: When managing multiple Go modules in a single repository\n- **Glob patterns**: For flexible file matching\n\n```yaml\n# Example: Monorepo with multiple go.sum files\nsteps:\n  - uses: actions/checkout@v5\n  - uses: actions/setup-go@v6\n    with:\n      go-version: '1.23'\n      check-latest: true\n      cache-dependency-path: |\n        subdir/go.sum\n        tools/go.sum\n  - run: go run hello.go\n```\n\n```yaml\n# Example: Using glob patterns to match all go.sum files\nsteps:\n  - uses: actions/checkout@v5\n  - uses: actions/setup-go@v6\n    with:\n      go-version: '1.23'\n      cache-dependency-path: \"**/*.sum\"\n  - run: go run hello.go\n```\n\n#### Disable Caching\n\n```yaml\nsteps:\n  - uses: actions/checkout@v5\n  - uses: actions/setup-go@v6\n    with:\n      go-version: '1.23'\n      cache: false\n  - run: go run hello.go\n```\n\n\u003e **Note**: If caching fails, the action logs a warning but continues execution without interrupting your workflow.\n\n**Restore-Only Cache**\n\n```yaml\n# In some workflows, you may want to restore a cache without saving it. This can help reduce cache writes and storage usage in workflows that only need to read from cache\njobs:\n    build:\n      runs-on: ${{ matrix.os }}\n      strategy:\n        matrix:\n          os: [ubuntu-latest, macos-latest, windows-latest]\n      steps:\n        - uses: actions/checkout@v6\n        - name: Setup Go\n          id: setup-go\n          uses: actions/setup-go@v6\n          with:\n            go-version: '1.24.10'\n            cache: false\n        # Capture Go cache locations\n        - name: Set Go cache variables (Linux/macOS)\n          if: runner.os != 'Windows'\n          run: |\n            echo \"GO_MOD_CACHE=$(go env GOMODCACHE)\" \u003e\u003e $GITHUB_ENV\n            echo \"GO_BUILD_CACHE=$(go env GOCACHE)\" \u003e\u003e $GITHUB_ENV\n        - name: Set Go cache variables (Windows)\n          if: runner.os == 'Windows'\n          shell: pwsh\n          run: |\n            echo \"GO_MOD_CACHE=$(go env GOMODCACHE)\" | Out-File $env:GITHUB_ENV -Append\n            echo \"GO_BUILD_CACHE=$(go env GOCACHE)\"   | Out-File $env:GITHUB_ENV -Append\n        # Normalize runner.arch to lowercase to ensure consistent cache keys\n        - name: Normalize runner architecture (Linux/macOS)\n          if: runner.os != 'Windows'\n          shell: bash\n          run: echo \"ARCH=$(echo '${{ runner.arch }}' | tr '[:upper:]' '[:lower:]')\" \u003e\u003e $GITHUB_ENV\n        - name: Normalize runner architecture (Windows)\n          if: runner.os == 'Windows'\n          shell: pwsh\n          run: |\n            $arch = \"${{ runner.arch }}\".ToLower()\n            echo \"ARCH=$arch\" | Out-File $env:GITHUB_ENV -Append\n        - name: Set cache OS suffix for Linux\n          if: runner.os == 'Linux'\n          shell: bash\n          run: echo \"CACHE_OS_SUFFIX=$ImageOS-\" \u003e\u003e $GITHUB_ENV    \n        - name: Restore Go cache\n          id: go-cache\n          uses: actions/cache/restore@v5\n          with:\n            path: |\n              ${{ env.GO_MOD_CACHE }}\n              ${{ env.GO_BUILD_CACHE }}\n            key: setup-go-${{ runner.os }}-${{ env.ARCH }}-${{ env.CACHE_OS_SUFFIX }}go-${{ steps.setup-go.outputs.go-version }}-${{ hashFiles('**/go.sum') }}\n        - name: Download modules\n          run: go mod download\n        - name: Build\n          run: go build ./...\n```\n\u003e If there are several builds on the same repo it might make sense to create a cache in one build and use it in the\nothers. The action [actions/cache/restore](https://github.com/actions/cache/tree/main/restore#only-restore-cache)\nshould be used in this case.\n\n### Matrix Testing\n\nTest across multiple Go versions:\n\n```yaml\njobs:\n  test:\n    runs-on: ubuntu-latest\n    strategy:\n      matrix:\n        go-version: ['1.21', '1.22', '1.23']\n    steps:\n      - uses: actions/checkout@v5\n      - uses: actions/setup-go@v6\n        with:\n          go-version: ${{ matrix.go-version }}\n      - run: go test ./...\n```\n\n## Advanced Configuration\n\n### Supported Version Syntax\n\nThe `go-version` input supports the following syntax:\n\n| Syntax Type | Example | Description |\n|-------------|---------|-------------|\n| Specific version | `1.23.2` | Installs this exact version |\n| Semantic range (caret) | `^1.23.0` | Allows newer minor/patch versions (1.24.x, 1.25.x, etc.) |\n| Semantic range (tilde) | `~1.23.0` | Allows newer patch versions only (1.23.1, 1.23.2, etc.) |\n| Comparison (gte) | `\u003e=1.22.0` | Any version equal to or newer than specified |\n| Comparison (lt) | `\u003c1.24.0` | Any version older than specified |\n| Comparison range | `\u003e=1.22.0 \u003c1.24.0` | Any version within the specified range |\n| Wildcard (patch) | `1.23.x` | Latest patch version of the specified minor release |\n| Wildcard (minor) | `1.*` | Latest available version in the major version |\n| Pre-release | `1.24.0-rc.1` | Beta/RC versions for testing upcoming releases |\n| Aliases | `stable`, `oldstable` | Latest stable or previous stable release |\n\nFor more information about semantic versioning, see the [semver documentation](https://semver.org/).\n\n### Complete Input Reference\n\n```yaml\n- uses: actions/setup-go@v6\n  with:\n    # Version or version range of Go to use\n    go-version: '1.23'\n    \n    # Path to go.mod, go.work, .go-version, or .tool-versions file\n    go-version-file: 'go.mod'\n    \n    # Check for latest version\n    check-latest: false\n    \n    # GitHub token for authentication\n    token: ${{ github.token }}\n    \n    # Enable/disable caching\n    cache: true\n    \n    # Path to dependency files for caching\n    cache-dependency-path: 'go.sum'\n    \n    # Architecture to install (auto-detected if not specified)\n    architecture: 'x64'\n```\n\n## Using setup-go on GHES\n\nsetup-go comes pre-installed on GHES when Actions is enabled. For dynamic Go version downloads, the action fetches distributions from the [go-versions repository](https://github.com/actions/go-versions/) on github.com (external to your appliance).\n\nThese calls to `actions/go-versions` are made via unauthenticated requests, which are limited to 60 requests per hour per IP. If more requests are made within the time frame, then the action leverages the raw API to retrieve the version-manifest. This approach does not impose a rate limit and hence facilitates unrestricted consumption. This is particularly beneficial for GHES runners, which often share the same IP, to avoid the quick exhaustion of the unauthenticated rate limit. If that fails as well the action will try to download versions directly from [go.dev](https://go.dev/dl).\n\nIf that fails as well you can get a higher rate limit with generating a personal access token on github.com and passing it as the token input to the action:\n\n```yaml\nuses: actions/setup-go@v6\nwith:\n  token: ${{ secrets.GH_DOTCOM_TOKEN }}\n  go-version: '1.23'\n```\n\n### Offline Runners\n\nFor runners without github.com access, Go versions must be pre-cached in the runner's tool cache. See \"[Setting up the tool cache on self-hosted runners without internet access](https://docs.github.com/en/enterprise-server@3.2/admin/github-actions/managing-access-to-actions-from-githubcom/setting-up-the-tool-cache-on-self-hosted-runners-without-internet-access)\".\n\n## Recommended Permissions\n\nWhen using the setup-go action in your GitHub Actions workflow, it is recommended to set the following permissions to ensure proper functionality:\n\n```yaml\npermissions:\n  contents: read # Required to checkout code and install dependencies\n```\n\n## License\n\nThe scripts and documentation in this project are released under the [MIT License](LICENSE).\n\n## Contributions\n\nContributions are welcome! See our [Contributor's Guide](docs/contributors.md) for details.\n\n## Code of Conduct\n\n👋 Be nice. See our [Code of Conduct](CODE_OF_CONDUCT.md).","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Factions%2Fsetup-go","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Factions%2Fsetup-go","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Factions%2Fsetup-go/lists"}