Bump astral-sh/setup-uv from 5 to 6

[dependabot]

Bumps astral-sh/setup-uv from 5 to 6.

Release notes

Sourced from astral-sh/setup-uv's releases.

v6.0.0 🌈 activate-environment and working-directory

Changes

This version contains some breaking changes which have been gathering up for a while. Lets dive into them:

• Activate environment
• Working Directory
• Default cache-dependency-glob
• Use default cache dir on self hosted runners

Activate environment

In previous versions using the input python-version automatically activated a venv at the repository root. This led to some unwanted side-effects, was sometimes unexpected and not flexible enough.

The venv activation is now explicitly controlled with the new input activate-environment (false by default):

- name: Install the latest version of uv and activate the environment
  uses: astral-sh/setup-uv@v6
  with:
    activate-environment: true
- run: uv pip install pip

The venv gets created by the uv venv command so the python version is controlled by the python-version input or the files pyproject.toml, uv.toml, .python-version in the working-directory.

Working Directory

The new input working-directory controls where we look for pyproject.toml, uv.toml and .python-version files which are used to determine the version of uv and python to install.

It can also be used to control where the venv gets created.

- name: Install uv based on the config files in the working-directory
  uses: astral-sh/setup-uv@v6
  with:
    working-directory: my/subproject/dir

[!CAUTION]

The inputs pyproject-file and uv-file have been removed.

Default cache-dependency-glob

@​ssbarnea found out that the default cache-dependency-glob was not suitable for a lot of users.

The old default

... (truncated)

Commits

• c7f87aa bump to v6 in README (#382)
• aadfaf0 Change default cache-dependency-glob (#352)
• a0f9da6 No default UV_CACHE_DIR on selfhosted runners (#380)
• ec4c691 new inputs activate-environment and working-directory (#381)
• aa12905 chore: update known checksums for 0.6.16 (#378)
• fcaddda chore: update known checksums for 0.6.15 (#377)
• fb3a0a9 log info on venv activation (#375)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)