Update CI workflow for Node.js and caching

.github/workflows/check-dist.yml

@@ -16,4 +16,4 @@ jobs:
     name: Check dist/
     uses: actions/reusable-workflows/.github/workflows/check-dist.yml@main
     with:
-      node-version: '24.x'
+      node-version: '20.x'

.github/workflows/e2e-cache.yml

@@ -6,7 +6,7 @@ on:
       - '**.md'
   push:
     branches:
-      - main
+      - macos-15-x64-runner-test
       - releases/*
     paths-ignore:
       - '**.md'

.github/workflows/proxy.yml

@@ -28,12 +28,12 @@ jobs:
       - uses: actions/checkout@v5
       - name: Clear tool cache
         run: rm -rf $RUNNER_TOOL_CACHE/*
-      - name: Setup node 24
+      - name: Setup node 14
         uses: ./
         with:
-          node-version: 24.x
+          node-version: 14.x
       - name: Verify node and npm
-        run: __tests__/verify-node.sh 24
+        run: __tests__/verify-node.sh 14
 
   test-bypass-proxy:
     runs-on: ubuntu-latest
@@ -44,9 +44,9 @@ jobs:
       - uses: actions/checkout@v5
       - name: Clear tool cache
         run: rm -rf $RUNNER_TOOL_CACHE/*
-      - name: Setup node 24
+      - name: Setup node 11
         uses: ./
         with:
-          node-version: 24
+          node-version: 11
       - name: Verify node and npm
-        run: __tests__/verify-node.sh 24
+        run: __tests__/verify-node.sh 11

.github/workflows/release-new-action-version.yml

@@ -22,7 +22,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Update the ${{ env.TAG_NAME }} tag
-        uses: actions/publish-action@v0.4.0
+        uses: actions/publish-action@v0.3.0
         with:
           source-tag: ${{ env.TAG_NAME }}
           slack-webhook: ${{ secrets.SLACK_WEBHOOK }}

.github/workflows/versions.yml

@@ -6,7 +6,7 @@ on:
       - '**.md'
   push:
     branches:
-      - main
+      - macos-15-x64-runner-test
       - releases/*
     paths-ignore:
       - '**.md'

README.md

@@ -12,10 +12,6 @@ This action provides the following functionality for GitHub Actions users:
 - Registering problem matchers for error output
 - Configuring authentication for GPR or npm
 
-## Breaking changes in V6
-
-- Caching is now automatically enabled for npm projects when either the `devEngines.packageManager` field or the top-level `packageManager` field in `package.json` is set to `npm`. For other package managers, such as Yarn and pnpm, caching is disabled by default and must be configured manually using the `cache` input.
-
 ## Breaking changes in V5 
 
 - Enabled caching by default with package manager detection if no cache input is provided.
@@ -32,7 +28,7 @@ See [action.yml](action.yml)
 
 <!-- start usage -->
 ```yaml
-- uses: actions/setup-node@v6
+- uses: actions/setup-node@v5
   with:
     # Version Spec of the version to use in SemVer notation.
     # It also admits such aliases as lts/*, latest, nightly and canary builds
@@ -71,8 +67,7 @@ See [action.yml](action.yml)
     # Default: ''
     cache: ''
 
-    # Controls automatic caching for npm. By default, caching for npm is enabled if either the devEngines.packageManager field or the top-level packageManager field in package.json specifies npm and no explicit cache input is provided.
+    # Used to disable automatic caching based on the package manager field in package.json. By default, caching is enabled if the package manager field is present and no cache input is provided'
-    # To disable automatic caching for npm, set package-manager-cache to false.
     # default: true
     package-manager-cache: true
 
@@ -118,9 +113,9 @@ See [action.yml](action.yml)
 ```yaml
 steps:
 - uses: actions/checkout@v5
-- uses: actions/setup-node@v6
+- uses: actions/setup-node@v5
   with:
-    node-version: 24
+    node-version: 18
 - run: npm ci
 - run: npm test
 ```
@@ -137,9 +132,9 @@ The `node-version` input supports the Semantic Versioning Specification, for mor
 
 Examples:
 
- - Major versions: `22`, `24`
+ - Major versions: `18`, `20`
- - More specific versions: `20.19`, `22.17.1` , `24.8.0`
+ - More specific versions: `10.15`, `16.15.1` , `18.4.0`
- - NVM LTS syntax: `lts/iron`, `lts/jod`, `lts/*`, `lts/-n`
+ - NVM LTS syntax: `lts/erbium`, `lts/fermium`, `lts/*`, `lts/-n`
  - Latest release: `*` or `latest`/`current`/`node`
 
 **Note:** Like the other values, `*` will get the latest [locally-cached Node.js version](https://github.com/actions/runner-images/blob/main/images/ubuntu/Ubuntu2204-Readme.md#nodejs), or the latest version from [actions/node-versions](https://github.com/actions/node-versions/blob/main/versions-manifest.json), depending on the [`check-latest`](docs/advanced-usage.md#check-latest-version) input.
@@ -156,6 +151,18 @@ It's **always** recommended to commit the lockfile of your package manager for s
 
 The action has a built-in functionality for caching and restoring dependencies. It uses [actions/cache](https://github.com/actions/cache) under the hood for caching global packages data but requires less configuration settings. Supported package managers are `npm`, `yarn`, `pnpm` (v6.10+). The `cache` input is optional.
 
+Caching is turned on by default when a `packageManager` field is detected in the `package.json` file and no `cache` input is provided. The `package-manager-cache` input provides control over this automatic caching behavior. By default, `package-manager-cache` is set to `true`, which enables caching when a valid package manager field is detected in the `package.json` file. To disable this automatic caching, set the `package-manager-cache` input to `false`.
+
+```yaml
+steps:
+- uses: actions/checkout@v5
+- uses: actions/setup-node@v5
+  with:
+    package-manager-cache: false
+- run: npm ci
+```
+> If no valid `packageManager` field is detected in the `package.json` file, caching will remain disabled unless explicitly configured. For workflows with elevated privileges or access to sensitive information, we recommend disabling automatic caching by setting `package-manager-cache: false` when caching is not needed for secure operation.
+
 The action defaults to search for the dependency file (`package-lock.json`, `npm-shrinkwrap.json` or `yarn.lock`) in the repository root, and uses its hash as a part of the cache key. Use `cache-dependency-path` for cases when multiple dependency files are used, or they are located in different subdirectories.
 
 **Note:** The action does not cache `node_modules`
@@ -167,9 +174,9 @@ See the examples of using cache for `yarn`/`pnpm` and `cache-dependency-path` in
 ```yaml
 steps:
 - uses: actions/checkout@v5
-- uses: actions/setup-node@v6
+- uses: actions/setup-node@v5
   with:
-    node-version: 24
+    node-version: 20
     cache: 'npm'
 - run: npm ci
 - run: npm test
@@ -180,29 +187,15 @@ steps:
 ```yaml
 steps:
 - uses: actions/checkout@v5
-- uses: actions/setup-node@v6
+- uses: actions/setup-node@v5
   with:
-    node-version: 24
+    node-version: 20
     cache: 'npm'
     cache-dependency-path: subdir/package-lock.json
 - run: npm ci
 - run: npm test
 ```
 
-Caching for npm dependencies is automatically enabled when your `package.json` contains either `devEngines.packageManager` field or top-level `packageManager` field set to `npm`, and no explicit cache input is provided.
-
-This behavior is controlled by the `package-manager-cache` input, which defaults to `true`. To turn off automatic caching, set `package-manager-cache` to `false`.
-
-```yaml
-steps:
-- uses: actions/checkout@v5
-- uses: actions/setup-node@v6
-  with:
-    package-manager-cache: false
-- run: npm ci
-```
-> If your `package.json` file does not include a `packageManager` field set to `npm`, caching will be disabled unless you explicitly enable it. For workflows with elevated privileges or access to sensitive information, we recommend disabling automatic caching for npm by setting `package-manager-cache: false` when caching is not required for secure operation.
-
 ## Matrix Testing
 
 ```yaml
@@ -211,12 +204,12 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        node: [ 20, 22, 24 ]
+        node: [ 14, 16, 18 ]
     name: Node ${{ matrix.node }} sample
     steps:
       - uses: actions/checkout@v5
       - name: Setup node
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v5
         with:
           node-version: ${{ matrix.node }}
       - run: npm ci
@@ -230,10 +223,10 @@ jobs:
 To get a higher rate limit, you can [generate a personal access token on github.com](https://github.com/settings/tokens/new) and pass it as the `token` input for the action:
 
 ```yaml
-uses: actions/setup-node@v6
+uses: actions/setup-node@v5
 with:
   token: ${{ secrets.GH_DOTCOM_TOKEN }}
-  node-version: 24
+  node-version: 20
 ```
 
 If the runner is not able to access github.com, any Nodejs versions requested during a workflow run must come from the runner's tool cache. See "[Setting up the tool cache on self-hosted runners without internet access](https://docs.github.com/en/enterprise-server@3.2/admin/github-actions/managing-access-to-actions-from-githubcom/setting-up-the-tool-cache-on-self-hosted-runners-without-internet-access)" for more information.

__tests__/main.test.ts

@@ -285,124 +285,34 @@ describe('main tests', () => {
   });
 
   describe('cache feature tests', () => {
-    it('Should enable caching when packageManager is npm and cache input is not provided', async () => {
+    it('Should enable caching with the resolved package manager from packageManager field in package.json when the cache input is not provided', async () => {
       inputs['package-manager-cache'] = 'true';
-      inputs['cache'] = '';
+      inputs['cache'] = ''; // No cache input is provided
-      isCacheActionAvailable.mockImplementation(() => true);
 
       inSpy.mockImplementation(name => inputs[name]);
+
       const readFileSpy = jest.spyOn(fs, 'readFileSync');
       readFileSpy.mockImplementation(() =>
         JSON.stringify({
-          packageManager: 'npm@10.8.2'
+          packageManager: 'yarn@3.2.0'
         })
       );
 
       await main.run();
 
-      expect(saveStateSpy).toHaveBeenCalledWith(expect.anything(), 'npm');
+      expect(saveStateSpy).toHaveBeenCalledWith(expect.anything(), 'yarn');
     });
 
-    it('Should enable caching when devEngines.packageManager.name is "npm" and cache input is not provided', async () => {
+    it('Should not enable caching if the packageManager field is missing in package.json and the cache input is not provided', async () => {
       inputs['package-manager-cache'] = 'true';
-      inputs['cache'] = '';
+      inputs['cache'] = ''; // No cache input is provided
-      isCacheActionAvailable.mockImplementation(() => true);
 
       inSpy.mockImplementation(name => inputs[name]);
+
       const readFileSpy = jest.spyOn(fs, 'readFileSync');
       readFileSpy.mockImplementation(() =>
         JSON.stringify({
-          devEngines: {
+          //packageManager field is not present
-            packageManager: {name: 'npm'}
-          }
-        })
-      );
-
-      await main.run();
-
-      expect(saveStateSpy).toHaveBeenCalledWith(expect.anything(), 'npm');
-    });
-
-    it('Should enable caching when devEngines.packageManager is array and one entry has name "npm"', async () => {
-      inputs['package-manager-cache'] = 'true';
-      inputs['cache'] = '';
-      isCacheActionAvailable.mockImplementation(() => true);
-
-      inSpy.mockImplementation(name => inputs[name]);
-      const readFileSpy = jest.spyOn(fs, 'readFileSync');
-      readFileSpy.mockImplementation(() =>
-        JSON.stringify({
-          devEngines: {
-            packageManager: [{name: 'pnpm'}, {name: 'npm'}]
-          }
-        })
-      );
-
-      await main.run();
-
-      expect(saveStateSpy).toHaveBeenCalledWith(expect.anything(), 'npm');
-    });
-
-    it('Should not enable caching if packageManager is "pnpm@8.0.0" and cache input is not provided', async () => {
-      inputs['package-manager-cache'] = 'true';
-      inputs['cache'] = '';
-      inSpy.mockImplementation(name => inputs[name]);
-      const readFileSpy = jest.spyOn(fs, 'readFileSync');
-      readFileSpy.mockImplementation(() =>
-        JSON.stringify({
-          packageManager: 'pnpm@8.0.0'
-        })
-      );
-
-      await main.run();
-
-      expect(saveStateSpy).not.toHaveBeenCalled();
-    });
-
-    it('Should not enable caching if devEngines.packageManager.name is "pnpm"', async () => {
-      inputs['package-manager-cache'] = 'true';
-      inputs['cache'] = '';
-      inSpy.mockImplementation(name => inputs[name]);
-      const readFileSpy = jest.spyOn(fs, 'readFileSync');
-      readFileSpy.mockImplementation(() =>
-        JSON.stringify({
-          devEngines: {
-            packageManager: {name: 'pnpm'}
-          }
-        })
-      );
-
-      await main.run();
-
-      expect(saveStateSpy).not.toHaveBeenCalled();
-    });
-
-    it('Should not enable caching if devEngines.packageManager is array without "npm"', async () => {
-      inputs['package-manager-cache'] = 'true';
-      inputs['cache'] = '';
-      inSpy.mockImplementation(name => inputs[name]);
-      const readFileSpy = jest.spyOn(fs, 'readFileSync');
-      readFileSpy.mockImplementation(() =>
-        JSON.stringify({
-          devEngines: {
-            packageManager: [{name: 'pnpm'}, {name: 'yarn'}]
-          }
-        })
-      );
-
-      await main.run();
-
-      expect(saveStateSpy).not.toHaveBeenCalled();
-    });
-
-    it('Should not enable caching if packageManager field is missing in package.json and cache input is not provided', async () => {
-      inputs['package-manager-cache'] = 'true';
-      inputs['cache'] = '';
-      inSpy.mockImplementation(name => inputs[name]);
-      const readFileSpy = jest.spyOn(fs, 'readFileSync');
-      readFileSpy.mockImplementation(() =>
-        JSON.stringify({
-          // packageManager field is not present
         })
       );
 
@@ -413,18 +323,24 @@ describe('main tests', () => {
 
     it('Should skip caching when package-manager-cache is false', async () => {
       inputs['package-manager-cache'] = 'false';
-      inputs['cache'] = '';
+      inputs['cache'] = ''; // No cache input is provided
+
       inSpy.mockImplementation(name => inputs[name]);
+
       await main.run();
+
       expect(saveStateSpy).not.toHaveBeenCalled();
     });
 
     it('Should enable caching with cache input explicitly provided', async () => {
       inputs['package-manager-cache'] = 'true';
-      inputs['cache'] = 'npm';
+      inputs['cache'] = 'npm'; // Explicit cache input provided
+
       inSpy.mockImplementation(name => inputs[name]);
-      isCacheActionAvailable.mockImplementation(() => true);
+      isCacheActionAvailable.mockReturnValue(true);
+
       await main.run();
+
       expect(saveStateSpy).toHaveBeenCalledWith(expect.anything(), 'npm');
     });
   });

action.yml

@@ -24,7 +24,7 @@ inputs:
   cache:
     description: 'Used to specify a package manager for caching in the default directory. Supported values: npm, yarn, pnpm.'
   package-manager-cache:
-    description: 'Set to false to disable automatic caching. By default, caching is enabled when either devEngines.packageManager or the top-level packageManager field in package.json specifies npm as the package manager.'
+    description: 'Set to false to disable automatic caching based on the package manager field in package.json. By default, caching is enabled if the package manager field is present.'
     default: true
   cache-dependency-path:
     description: 'Used to specify the path to a dependency file: package-lock.json, yarn.lock, etc. Supports wildcards or a list of file names for caching multiple dependencies.'

dist/setup/index.js

@@ -99786,23 +99786,18 @@ function run() {
             if (registryUrl) {
                 auth.configAuthentication(registryUrl, alwaysAuth);
             }
+            const resolvedPackageManager = getNameFromPackageManagerField();
             const cacheDependencyPath = core.getInput('cache-dependency-path');
-            if ((0, cache_utils_1.isCacheFeatureAvailable)()) {
+            if (cache && (0, cache_utils_1.isCacheFeatureAvailable)()) {
-                // if the cache input is provided, use it for caching.
+                core.saveState(constants_1.State.CachePackageManager, cache);
-                if (cache) {
+                yield (0, cache_restore_1.restoreCache)(cache, cacheDependencyPath);
-                    core.saveState(constants_1.State.CachePackageManager, cache);
+            }
-                    yield (0, cache_restore_1.restoreCache)(cache, cacheDependencyPath);
+            else if (resolvedPackageManager && packagemanagercache) {
-                    // package manager npm is detected from package.json, enable auto-caching for npm.
+                core.info("Detected package manager from package.json's packageManager field: " +
-                }
+                    resolvedPackageManager +
-                else if (packagemanagercache) {
+                    '. Auto caching has been enabled for it. If you want to disable it, set package-manager-cache input to false');
-                    const resolvedPackageManager = getNameFromPackageManagerField();
+                core.saveState(constants_1.State.CachePackageManager, resolvedPackageManager);
-                    if (resolvedPackageManager) {
+                yield (0, cache_restore_1.restoreCache)(resolvedPackageManager, cacheDependencyPath);
-                        core.info("Detected npm as the package manager from package.json's packageManager field. " +
-                            'Auto caching has been enabled for npm. If you want to disable it, set package-manager-cache input to false');
-                        core.saveState(constants_1.State.CachePackageManager, resolvedPackageManager);
-                        yield (0, cache_restore_1.restoreCache)(resolvedPackageManager, cacheDependencyPath);
-                    }
-                }
             }
             const matchersPath = path.join(__dirname, '../..', '.github');
             core.info(`##[add-matcher]${path.join(matchersPath, 'tsc.json')}`);
@@ -99838,26 +99833,19 @@ function resolveVersionInput() {
     return version;
 }
 function getNameFromPackageManagerField() {
-    var _a;
+    // Check packageManager field in package.json
-    const npmRegex = /^(\^)?npm(@.*)?$/; // matches "npm", "npm@...", "^npm@..."
+    const SUPPORTED_PACKAGE_MANAGERS = ['npm', 'yarn', 'pnpm'];
     try {
         const packageJson = JSON.parse(fs_1.default.readFileSync(path.join(process.env.GITHUB_WORKSPACE, 'package.json'), 'utf-8'));
-        // Check devEngines.packageManager first (object or array)
+        const pm = packageJson.packageManager;
-        const devPM = (_a = packageJson === null || packageJson === void 0 ? void 0 : packageJson.devEngines) === null || _a === void 0 ? void 0 : _a.packageManager;
+        if (typeof pm === 'string') {
-        const devPMArray = devPM ? (Array.isArray(devPM) ? devPM : [devPM]) : [];
+            const regex = new RegExp(`^(?:\\^)?(${SUPPORTED_PACKAGE_MANAGERS.join('|')})@`);
-        for (const obj of devPMArray) {
+            const match = pm.match(regex);
-            if (typeof (obj === null || obj === void 0 ? void 0 : obj.name) === 'string' && npmRegex.test(obj.name)) {
+            return match ? match[1] : undefined;
-                return 'npm';
-            }
-        }
-        // Check top-level packageManager
-        const topLevelPM = packageJson === null || packageJson === void 0 ? void 0 : packageJson.packageManager;
-        if (typeof topLevelPM === 'string' && npmRegex.test(topLevelPM)) {
-            return 'npm';
         }
         return undefined;
     }
-    catch (_b) {
+    catch (err) {
         return undefined;
     }
 }

docs/advanced-usage.md

@@ -46,9 +46,9 @@ If `check-latest` is set to `true`, the action first checks if the cached versio
 ```yaml
 steps:
 - uses: actions/checkout@v5
-- uses: actions/setup-node@v6
+- uses: actions/setup-node@v5
   with:
-    node-version: '24'
+    node-version: '16'
     check-latest: true
 - run: npm ci
 - run: npm test
@@ -64,7 +64,7 @@ See [supported version syntax](https://github.com/actions/setup-node#supported-v
 ```yaml
 steps:
 - uses: actions/checkout@v5
-- uses: actions/setup-node@v6
+- uses: actions/setup-node@v5
   with:
     node-version-file: '.nvmrc'
 - run: npm ci
@@ -98,9 +98,9 @@ jobs:
     name: Node sample
     steps:
       - uses: actions/checkout@v5
-      - uses: actions/setup-node@v6
+      - uses: actions/setup-node@v5
         with:
-          node-version: '24'
+          node-version: '14'
           architecture: 'x64' # optional, x64 or x86. If not specified, x64 will be used by default
       - run: npm ci
       - run: npm test
@@ -119,9 +119,9 @@ jobs:
     name: Node sample
     steps:
       - uses: actions/checkout@v5
-      - uses: actions/setup-node@v6
+      - uses: actions/setup-node@v5
         with:
-          node-version: '24.0.0-v8-canary' # it will install the latest v8 canary release for node 24.0.0
+          node-version: '20.0.0-v8-canary' # it will install the latest v8 canary release for node 20.0.0
       - run: npm ci
       - run: npm test
 ```
@@ -134,9 +134,9 @@ jobs:
     name: Node sample
     steps:
       - uses: actions/checkout@v5
-      - uses: actions/setup-node@v6
+      - uses: actions/setup-node@v5
         with:
-          node-version: '24-v8-canary' # it will install the latest v8 canary release for node 24
+          node-version: '20-v8-canary' # it will install the latest v8 canary release for node 20
       - run: npm ci
       - run: npm test
 ```
@@ -150,9 +150,9 @@ jobs:
     name: Node sample
     steps:
       - uses: actions/checkout@v5
-      - uses: actions/setup-node@v6
+      - uses: actions/setup-node@v5
         with:
-          node-version: 'v24.0.0-v8-canary2025030537242e55ac'
+          node-version: 'v20.1.1-v8-canary20221103f7e2421e91'
       - run: npm ci
       - run: npm test
 ```
@@ -170,9 +170,9 @@ jobs:
     name: Node sample
     steps:
       - uses: actions/checkout@v5
-      - uses: actions/setup-node@v6
+      - uses: actions/setup-node@v5
         with:
-          node-version: '24-nightly' # it will install the latest nightly release for node 24
+          node-version: '16-nightly' # it will install the latest nightly release for node 16
       - run: npm ci
       - run: npm test
 ```
@@ -186,9 +186,9 @@ jobs:
     name: Node sample
     steps:
       - uses: actions/checkout@v5
-      - uses: actions/setup-node@v6
+      - uses: actions/setup-node@v5
         with:
-          node-version: '24.0.0-nightly' # it will install the latest nightly release for node 24.0.0
+          node-version: '16.0.0-nightly' # it will install the latest nightly release for node 16.0.0
       - run: npm ci
       - run: npm test
 ```
@@ -202,9 +202,9 @@ jobs:
     name: Node sample
     steps:
       - uses: actions/checkout@v5
-      - uses: actions/setup-node@v6
+      - uses: actions/setup-node@v5
         with:
-          node-version: '24.0.0-nightly202505066102159fa1'
+          node-version: '16.0.0-nightly20210420a0261d231c'
       - run: npm ci
       - run: npm test
 ```
@@ -220,27 +220,26 @@ jobs:
     name: Node sample
     steps:
       - uses: actions/checkout@v5
-      - uses: actions/setup-node@v6
+      - uses: actions/setup-node@v5
         with:
-          node-version: '24.0.0-rc.4'
+          node-version: '16.0.0-rc.1'
       - run: npm ci
       - run: npm test
 ```
 
-**Note:** Unlike nightly versions, which support version range specifiers, you must specify the exact version for a release candidate: `24.0.0-rc.4`.
+**Note:** Unlike nightly versions, which support version range specifiers, you must specify the exact version for a release candidate: `16.0.0-rc.1`.
 
 ## Caching packages data
 The action follows [actions/cache](https://github.com/actions/cache/blob/main/examples.md#node---npm) guidelines, and caches global cache on the machine instead of `node_modules`, so cache can be reused between different Node.js versions.
 
 **Caching yarn dependencies:**
-Yarn caching handles both Yarn Classic (v1) and Yarn Berry (v2, v3, v4+).
+Yarn caching handles both yarn versions: 1 or 2.
-
 ```yaml
 steps:
 - uses: actions/checkout@v5
-- uses: actions/setup-node@v6
+- uses: actions/setup-node@v5
   with:
-    node-version: '24'
+    node-version: '14'
     cache: 'yarn'
 - run: yarn install --frozen-lockfile # optional, --immutable
 - run: yarn test
@@ -257,12 +256,12 @@ steps:
 
 steps:
 - uses: actions/checkout@v5
-- uses: pnpm/action-setup@v4
+- uses: pnpm/action-setup@v2
   with:
-    version: 10
+    version: 6.32.9
-- uses: actions/setup-node@v6
+- uses: actions/setup-node@v5
   with:
-    node-version: '24'
+    node-version: '14'
     cache: 'pnpm'
 - run: pnpm install
 - run: pnpm test
@@ -276,9 +275,9 @@ steps:
 ```yaml
 steps:
 - uses: actions/checkout@v5
-- uses: actions/setup-node@v6
+- uses: actions/setup-node@v5
   with:
-    node-version: '24'
+    node-version: '14'
     cache: 'npm'
     cache-dependency-path: '**/package-lock.json'
 - run: npm ci
@@ -289,9 +288,9 @@ steps:
 ```yaml
 steps:
 - uses: actions/checkout@v5
-- uses: actions/setup-node@v6
+- uses: actions/setup-node@v5
   with:
-    node-version: '24'
+    node-version: '14'
     cache: 'npm'
     cache-dependency-path: |
       server/app/package-lock.json
@@ -313,21 +312,21 @@ jobs:
           - macos-latest
           - windows-latest
         node_version:
-          - 20
+          - 12
-          - 22
+          - 14
-          - 24
+          - 16
         architecture:
           - x64
         # an extra windows-x86 run:
         include:
-          - os: windows-latest
+          - os: windows-2016
-            node_version: 24
+            node_version: 12
             architecture: x86
     name: Node ${{ matrix.node_version }} - ${{ matrix.architecture }} on ${{ matrix.os }}
     steps:
       - uses: actions/checkout@v5
       - name: Setup node
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v5
         with:
           node-version: ${{ matrix.node_version }}
           architecture: ${{ matrix.architecture }}
@@ -339,15 +338,15 @@ jobs:
 ```yaml
 steps:
 - uses: actions/checkout@v5
-- uses: actions/setup-node@v6
+- uses: actions/setup-node@v5
   with:
-    node-version: '24.x'
+    node-version: '14.x'
     registry-url: 'https://registry.npmjs.org'
 - run: npm ci
 - run: npm publish
   env:
     NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
-- uses: actions/setup-node@v6
+- uses: actions/setup-node@v5
   with:
     registry-url: 'https://npm.pkg.github.com'
 - run: npm publish
@@ -359,15 +358,15 @@ steps:
 ```yaml
 steps:
 - uses: actions/checkout@v5
-- uses: actions/setup-node@v6
+- uses: actions/setup-node@v5
   with:
-    node-version: '24.x'
+    node-version: '14.x'
     registry-url: <registry url>
 - run: yarn install --frozen-lockfile
 - run: yarn publish
   env:
     NODE_AUTH_TOKEN: ${{ secrets.YARN_TOKEN }}
-- uses: actions/setup-node@v6
+- uses: actions/setup-node@v5
   with:
     registry-url: 'https://npm.pkg.github.com'
 - run: yarn publish
@@ -379,9 +378,9 @@ steps:
 ```yaml
 steps:
 - uses: actions/checkout@v5
-- uses: actions/setup-node@v6
+- uses: actions/setup-node@v5
   with:
-    node-version: '24.x'
+    node-version: '14.x'
     registry-url: 'https://registry.npmjs.org'
 # Skip post-install scripts here, as a malicious
 # script could steal NODE_AUTH_TOKEN.
@@ -399,9 +398,9 @@ Below you can find a sample "Setup .yarnrc.yml" step, that is going to allow you
 ```yaml
 steps:
 - uses: actions/checkout@v5
-- uses: actions/setup-node@v6
+- uses: actions/setup-node@v5
   with:
-    node-version: '24.x'
+    node-version: '14.x'
 - name: Setup .yarnrc.yml
   run: |
     yarn config set npmScopes.my-org.npmRegistryServer "https://npm.pkg.github.com"
@@ -428,9 +427,9 @@ It is possible to specify a token to authenticate with the mirror using the `mir
 The token will be passed as a bearer token in the `Authorization` header.
 
 ```yaml
-- uses: actions/setup-node@v6
+- uses: actions/setup-node@v5
   with:
-    node-version: '24.x'
+    node-version: '14.x'
     mirror: 'https://nodejs.org/dist'
     mirror-token: 'your-mirror-token'
 ```

package-lock.json

@@ -1,15 +1,15 @@
 {
   "name": "setup-node",
-  "version": "6.0.0",
+  "version": "5.0.0",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "setup-node",
-      "version": "6.0.0",
+      "version": "5.0.0",
       "license": "MIT",
       "dependencies": {
-        "@actions/cache": "^4.1.0",
+        "@actions/cache": "^4.0.3",
         "@actions/core": "^1.11.1",
         "@actions/exec": "^1.1.1",
         "@actions/github": "^6.0.1",
@@ -52,9 +52,9 @@
       }
     },
     "node_modules/@actions/cache": {
-      "version": "4.1.0",
+      "version": "4.0.3",
-      "resolved": "https://registry.npmjs.org/@actions/cache/-/cache-4.1.0.tgz",
+      "resolved": "https://registry.npmjs.org/@actions/cache/-/cache-4.0.3.tgz",
-      "integrity": "sha512-z3Opg+P4Y7baq+g1dODXgdtsvPLSewr3ZKpp3U0HQR1A/vWCoJFS52XSezjdngo4SIOdR5oHtyK3a3Arar+X9A==",
+      "integrity": "sha512-SvrqFtYJ7I48A/uXNkoJrnukx5weQv1fGquhs3+4nkByZThBH109KTIqj5x/cGV7JGNvb8dLPVywUOqX1fjiXg==",
       "license": "MIT",
       "dependencies": {
         "@actions/core": "^1.11.1",
@@ -65,7 +65,7 @@
         "@azure/abort-controller": "^1.1.0",
         "@azure/ms-rest-js": "^2.6.0",
         "@azure/storage-blob": "^12.13.0",
-        "@protobuf-ts/runtime-rpc": "^2.11.1",
+        "@protobuf-ts/plugin": "^2.9.4",
         "semver": "^6.3.1"
       }
     },
@@ -1590,19 +1590,81 @@
         "node": ">=8.0.0"
       }
     },
+    "node_modules/@protobuf-ts/plugin": {
+      "version": "2.9.5",
+      "resolved": "https://registry.npmjs.org/@protobuf-ts/plugin/-/plugin-2.9.5.tgz",
+      "integrity": "sha512-KCzNRTFye837XdfPjS85gGzxgPGVDR3W8Px2G3etXuouNog9W+Cr+U0IBTFADrRWXC2x+OSNjXxrdZEiw+H5Cw==",
+      "license": "Apache-2.0",
+      "dependencies": {
+        "@protobuf-ts/plugin-framework": "^2.9.5",
+        "@protobuf-ts/protoc": "^2.9.5",
+        "@protobuf-ts/runtime": "^2.9.5",
+        "@protobuf-ts/runtime-rpc": "^2.9.5",
+        "typescript": "^3.9"
+      },
+      "bin": {
+        "protoc-gen-dump": "bin/protoc-gen-dump",
+        "protoc-gen-ts": "bin/protoc-gen-ts"
+      }
+    },
+    "node_modules/@protobuf-ts/plugin-framework": {
+      "version": "2.9.5",
+      "resolved": "https://registry.npmjs.org/@protobuf-ts/plugin-framework/-/plugin-framework-2.9.5.tgz",
+      "integrity": "sha512-DYNQ8Ga3xwPZMfaZGRCnDOcEdQZK9MorTXngVoFLnHWEE8zLhUjFVtdkChZtTih6rl8Z6akyA7hRgj/GrJF58Q==",
+      "license": "(Apache-2.0 AND BSD-3-Clause)",
+      "dependencies": {
+        "@protobuf-ts/runtime": "^2.9.5",
+        "typescript": "^3.9"
+      }
+    },
+    "node_modules/@protobuf-ts/plugin-framework/node_modules/typescript": {
+      "version": "3.9.10",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-3.9.10.tgz",
+      "integrity": "sha512-w6fIxVE/H1PkLKcCPsFqKE7Kv7QUwhU8qQY2MueZXWx5cPZdwFupLgKK3vntcK98BtNHZtAF4LA/yl2a7k8R6Q==",
+      "license": "Apache-2.0",
+      "bin": {
+        "tsc": "bin/tsc",
+        "tsserver": "bin/tsserver"
+      },
+      "engines": {
+        "node": ">=4.2.0"
+      }
+    },
+    "node_modules/@protobuf-ts/plugin/node_modules/typescript": {
+      "version": "3.9.10",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-3.9.10.tgz",
+      "integrity": "sha512-w6fIxVE/H1PkLKcCPsFqKE7Kv7QUwhU8qQY2MueZXWx5cPZdwFupLgKK3vntcK98BtNHZtAF4LA/yl2a7k8R6Q==",
+      "license": "Apache-2.0",
+      "bin": {
+        "tsc": "bin/tsc",
+        "tsserver": "bin/tsserver"
+      },
+      "engines": {
+        "node": ">=4.2.0"
+      }
+    },
+    "node_modules/@protobuf-ts/protoc": {
+      "version": "2.9.5",
+      "resolved": "https://registry.npmjs.org/@protobuf-ts/protoc/-/protoc-2.9.5.tgz",
+      "integrity": "sha512-n6a7OHfr/Ubw483L6kNJB0wBCe/Ops0A652zB6J6nR2x1o+pjVFrMCeeQQsqxkYpQwQ8FCIETSxrMpfOBKTIvQ==",
+      "license": "Apache-2.0",
+      "bin": {
+        "protoc": "protoc.js"
+      }
+    },
     "node_modules/@protobuf-ts/runtime": {
-      "version": "2.11.1",
+      "version": "2.9.5",
-      "resolved": "https://registry.npmjs.org/@protobuf-ts/runtime/-/runtime-2.11.1.tgz",
+      "resolved": "https://registry.npmjs.org/@protobuf-ts/runtime/-/runtime-2.9.5.tgz",
-      "integrity": "sha512-KuDaT1IfHkugM2pyz+FwiY80ejWrkH1pAtOBOZFuR6SXEFTsnb/jiQWQ1rCIrcKx2BtyxnxW6BWwsVSA/Ie+WQ==",
+      "integrity": "sha512-SsumigRe3IqNTCQvVZUqDQExsKF72eyAMiWlYb5Jwj3eU4z8UH7JLlSfb/Wjidz4b/chTN6zh5AXBSKl0Asm3A==",
       "license": "(Apache-2.0 AND BSD-3-Clause)"
     },
     "node_modules/@protobuf-ts/runtime-rpc": {
-      "version": "2.11.1",
+      "version": "2.9.5",
-      "resolved": "https://registry.npmjs.org/@protobuf-ts/runtime-rpc/-/runtime-rpc-2.11.1.tgz",
+      "resolved": "https://registry.npmjs.org/@protobuf-ts/runtime-rpc/-/runtime-rpc-2.9.5.tgz",
-      "integrity": "sha512-4CqqUmNA+/uMz00+d3CYKgElXO9VrEbucjnBFEjqI4GuDrEQ32MaI3q+9qPBvIGOlL4PmHXrzM32vBPWRhQKWQ==",
+      "integrity": "sha512-NWAb1TaV4CR+BknZr1WRVT5Ws2AupVwGgRNes4oPAFrgLNXQotDFl2E6pmsjPwME8sAgJVzeSr7bUqQVyoAK2A==",
       "license": "Apache-2.0",
       "dependencies": {
-        "@protobuf-ts/runtime": "^2.11.1"
+        "@protobuf-ts/runtime": "^2.9.5"
       }
     },
     "node_modules/@sinclair/typebox": {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "setup-node",
-  "version": "6.0.0",
+  "version": "5.0.0",
   "private": true,
   "description": "setup node action",
   "main": "lib/setup-node.js",
@@ -28,7 +28,7 @@
   "author": "GitHub",
   "license": "MIT",
   "dependencies": {
-    "@actions/cache": "^4.1.0",
+    "@actions/cache": "^4.0.3",
     "@actions/core": "^1.11.1",
     "@actions/exec": "^1.1.1",
     "@actions/github": "^6.0.1",

src/main.ts

@@ -67,25 +67,19 @@ export async function run() {
       auth.configAuthentication(registryUrl, alwaysAuth);
     }
 
+    const resolvedPackageManager = getNameFromPackageManagerField();
     const cacheDependencyPath = core.getInput('cache-dependency-path');
-
+    if (cache && isCacheFeatureAvailable()) {
-    if (isCacheFeatureAvailable()) {
+      core.saveState(State.CachePackageManager, cache);
-      // if the cache input is provided, use it for caching.
+      await restoreCache(cache, cacheDependencyPath);
-      if (cache) {
+    } else if (resolvedPackageManager && packagemanagercache) {
-        core.saveState(State.CachePackageManager, cache);
+      core.info(
-        await restoreCache(cache, cacheDependencyPath);
+        "Detected package manager from package.json's packageManager field: " +
-        // package manager npm is detected from package.json, enable auto-caching for npm.
+          resolvedPackageManager +
-      } else if (packagemanagercache) {
+          '. Auto caching has been enabled for it. If you want to disable it, set package-manager-cache input to false'
-        const resolvedPackageManager = getNameFromPackageManagerField();
+      );
-        if (resolvedPackageManager) {
+      core.saveState(State.CachePackageManager, resolvedPackageManager);
-          core.info(
+      await restoreCache(resolvedPackageManager, cacheDependencyPath);
-            "Detected npm as the package manager from package.json's packageManager field. " +
-              'Auto caching has been enabled for npm. If you want to disable it, set package-manager-cache input to false'
-          );
-          core.saveState(State.CachePackageManager, resolvedPackageManager);
-          await restoreCache(resolvedPackageManager, cacheDependencyPath);
-        }
-      }
     }
 
     const matchersPath = path.join(__dirname, '../..', '.github');
@@ -138,7 +132,8 @@ function resolveVersionInput(): string {
 }
 
 export function getNameFromPackageManagerField(): string | undefined {
-  const npmRegex = /^(\^)?npm(@.*)?$/; // matches "npm", "npm@...", "^npm@..."
+  // Check packageManager field in package.json
+  const SUPPORTED_PACKAGE_MANAGERS = ['npm', 'yarn', 'pnpm'];
   try {
     const packageJson = JSON.parse(
       fs.readFileSync(
@@ -146,24 +141,16 @@ export function getNameFromPackageManagerField(): string | undefined {
         'utf-8'
       )
     );
-
+    const pm = packageJson.packageManager;
-    // Check devEngines.packageManager first (object or array)
+    if (typeof pm === 'string') {
-    const devPM = packageJson?.devEngines?.packageManager;
+      const regex = new RegExp(
-    const devPMArray = devPM ? (Array.isArray(devPM) ? devPM : [devPM]) : [];
+        `^(?:\\^)?(${SUPPORTED_PACKAGE_MANAGERS.join('|')})@`
-    for (const obj of devPMArray) {
+      );
-      if (typeof obj?.name === 'string' && npmRegex.test(obj.name)) {
+      const match = pm.match(regex);
-        return 'npm';
+      return match ? match[1] : undefined;
-      }
     }
-
-    // Check top-level packageManager
-    const topLevelPM = packageJson?.packageManager;
-    if (typeof topLevelPM === 'string' && npmRegex.test(topLevelPM)) {
-      return 'npm';
-    }
-
     return undefined;
-  } catch {
+  } catch (err) {
     return undefined;
   }
 }