chore(deps): update oven-sh/setup-bun action to v2

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
oven-sh/setup-bun	action	major	v1 → v2

---

Release Notes

oven-sh/setup-bun (oven-sh/setup-bun)

v2.2.0

Compare Source

oven-sh/setup-bun is the github action for setting up Bun.

What's Changed

• build: update action runtime to Node.js 24 by @​adam0white in #​176
• ci: use actions/checkout@v6.0.2 in the test workflow by @​tcely in #​173
• ci: update actions for the autofix.ci workflow by @​tcely in #​174
• ci: update actions for the Release new action version workflow by @​tcely in #​175
• release: v2.2.0 by @​xhyrom in #​177

New Contributors

• @​adam0white made their first contribution in #​176
• @​tcely made their first contribution in #​173

Full Changelog: oven-sh/setup-bun@v2...v2.2.0

v2.1.3

Compare Source

oven-sh/setup-bun is the github action for setting up Bun.

What's Changed

• perf: avoid unnecessary api calls by @​xhyrom in #​161
• feat: add bun- prefix to cache keys by @​maschwenk in #​160
• fix: use native Windows ARM64 binary for Bun >= 1.3.10 by @​oddrationale in #​165
• feat: add AVX2 support detection for x64 Linux systems by @​GoForceX in #​167
• fix: validate cached binary version matches requested version (#​146) by @​wyMinLwin in #​169
• release: v2.1.3 by @​xhyrom in #​170

New Contributors

• @​oddrationale made their first contribution in #​165
• @​GoForceX made their first contribution in #​167
• @​wyMinLwin made their first contribution in #​169

Full Changelog: oven-sh/setup-bun@v2...v2.1.3

v2.1.2

Compare Source

oven-sh/setup-bun is the github action for setting up Bun.

What's Changed

• fix: default token only on public github instance by @​xhyrom in #​157

Full Changelog: oven-sh/setup-bun@v2...v2.1.2

v2.1.1

Compare Source

oven-sh/setup-bun is the github action for setting up Bun.

What's Changed

• feat: implement wildcard resolution into the action by @​xhyrom in #​93
• feat: fallback arm64 to x64 architecture for win32 platform by @​xhyrom in #​131
• feat: use packageManager from package.json as default bun version by @​xhyrom in #​152
• bump the form-data dependency to version v4.0.5 due to GHSA-fjxv-7rqg-78g4 by @​Jarred-Sumner

Full Changelog: oven-sh/setup-bun@v2.1.0...v2.1.1

v2.1.0

Compare Source

oven-sh/setup-bun is the github action for setting up Bun.

What's Changed

• chore: add settings for vscode by @​okineadev in #​120
• feat: support for multiple registries by @​xhyrom in #​109
• feat: read engines from package json by @​xhyrom in #​132
• ci: disable tests with version selectors by @​xhyrom in #​133
• chore(ci): Pin GitHub Actions to SHA-1s by @​dgilmanuni in #​140
• feat: Check for existing bun before downloading by @​erikaxel in #​138
• docs: restore missing no-cache input by @​bashonly in #​149
• release: v2.1.0 by @​xhyrom in #​151

New Contributors

• @​dgilmanuni made their first contribution in #​140
• @​erikaxel made their first contribution in #​138
• @​bashonly made their first contribution in #​149

Full Changelog: oven-sh/setup-bun@v2...v2.1.0

v2.0.2

Compare Source

oven-sh/setup-bun is the github action for setting up Bun.

What's Changed

• fix: allow more spaces for .tool-versions by @​ronnnnn in #​94
• chore(docs): missing version on examples by @​Marukome0743 in #​96
• fix: use hash instead of url for primary cache key (#​102) by @​xhyrom in #​103
• ci: add setup bun download url by @​xhyrom in #​105
• Make bun resolve to given file path when an absolute path is given by @​fbarbare in #​114
• build: use text-based Bun lockfile by @​okineadev in #​116
• ci: remove unnecessary steps & cleanup by @​okineadev in #​118
• build: bump @​actions/cache version by @​rmichalak in #​128
• fix(docs): remove wildcard in version by @​afonsojramos in #​124

New Contributors

• @​ronnnnn made their first contribution in #​94
• @​Marukome0743 made their first contribution in #​96
• @​fbarbare made their first contribution in #​114
• @​okineadev made their first contribution in #​116
• @​rmichalak made their first contribution in #​128
• @​afonsojramos made their first contribution in #​124

Full Changelog: oven-sh/setup-bun@v2...v2.0.2

v2.0.1

Compare Source

oven-sh/setup-bun is the github action for setting up Bun.

This releases fixes false warning when you don't have any parameters in action (#​90) thanks to @​Araxeus

What's Changed

• docs: show correct bun-version-file examples by @​xHyroM in #​86
• fix: bun-version-file default value by @​Araxeus in #​90

New Contributors

• @​Araxeus made their first contribution in #​90

Full Changelog: oven-sh/setup-bun@v1...v2

v2

Compare Source

oven-sh/setup-bun is the github action for setting up Bun.

This release introduces support for the bun-version-file option, fixes #​79, and adds bun paths & urls to the output (#​81)

For more information, see #​76 by @​adeherysh and #​80 by @​xHyroM 🎉

Full Changelog: oven-sh/setup-bun@v1...v2

v1.2.2

Compare Source

oven-sh/setup-bun is the github action for setting up Bun.

This release introduces support for the bun-download-url input, which lets you override the URL used to download the .zip file for Bun.

Here's an example:

- name: Setup Bun
  uses: oven-sh/setup-bun@v1.2.2
  with:
    bun-version: latest
    bun-download-url: "https://github.com/oven-sh/bun/releases/latest/download/bun-${{runner.os == 'macOS' && 'darwin' || runner.os}}-${{ runner.arch == 'X64' && 'x64' || 'arm64' }}.zip"

v1.2.1

Compare Source

setup-bun v1.2.1

Download, install, and setup Bun in GitHub Actions.

Usage

- uses: oven-sh/setup-bun@v1
  with:
    bun-version: latest

Using a custom NPM registry

- uses: oven-sh/setup-bun@v1
  with:
    registry-url: "https://npm.pkg.github.com/"
    scope: "@​foo"

If you need to authenticate with a private registry, you can set the BUN_AUTH_TOKEN environment variable.

- name: Install Dependencies
  env:
    BUN_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
  run: bun install --frozen-lockfile

Node.js not needed

In most cases, you shouldn't need to use the setup-node GitHub Action.

Inputs

Name	Description	Default	Examples
bun-version	The version of Bun to download and install.	latest	canary, 1.0.0, 1.0.x
registry-url	Registry URL where some private package is stored.	undefined	"https://npm.pkg.github.com/"
scope	Scope for private packages.	undefined	"@​foo", "@​orgname"
no-cache	Disable caching of the downloaded executable.	false	true, false

Outputs

Name	Description	Example
cache-hit	If the Bun executable was read from cache.	true
bun-version	The output from bun --version.	1.0.0
bun-revision	The output from bun --revision.	1.0.0+822a00c4

What's Changed

• build: bump ci actions by @​xHyroM in #​66
• feat: support .tool-versions by @​xHyroM in #​68
• fix: retry installing three times, add windows for testing by @​xHyroM in #​72
• fix: close immediately by @​xHyroM in #​75

Full Changelog: oven-sh/setup-bun@v1.2.0...v1.2.1

v1.2.0

Compare Source

setup-bun v1.2.0

Download, install, and setup Bun in GitHub Actions.

Usage

- uses: oven-sh/setup-bun@v1
  with:
    bun-version: latest

Using a custom NPM registry

- uses: oven-sh/setup-bun@v1
  with:
    registry-url: "https://npm.pkg.github.com/"
    scope: "@​foo"

If you need to authenticate with a private registry, you can set the BUN_AUTH_TOKEN environment variable.

- name: Install Dependencies
  env:
    BUN_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
  run: bun install --frozen-lockfile

Node.js not needed

In most cases, you shouldn't need to use the setup-node GitHub Action.

Inputs

Name	Description	Default	Examples
bun-version	The version of Bun to download and install.	latest	canary, 1.0.0, 1.0.x
registry-url	Registry URL where some private package is stored.	undefined	"https://npm.pkg.github.com/"
scope	Scope for private packages.	undefined	"@​foo", "@​orgname"
no-cache	Disable caching of the downloaded executable.	false	true, false

Outputs

Name	Description	Example
cache-hit	If the Bun executable was read from cache.	true
bun-version	The output from bun --version.	1.0.0
bun-revision	The output from bun --revision.	1.0.0+822a00c4

What's Changed

• docs: add explanatory note about setup-node by @​PaulRBerg in #​47
• Add GitHub action to auto-update the v1 tag by @​jcbhmr in #​53
• docs: add --frozen-lockfile to README by @​blimmer in #​52
• Fix typo in README.md by @​starsep in #​57
• Move cache save to runs.post and exit early by @​andyexeter in #​60
• Add no-cache option by @​maschwenk in #​58

New Contributors

• @​PaulRBerg made their first contribution in #​47
• @​jcbhmr made their first contribution in #​53
• @​blimmer made their first contribution in #​52
• @​starsep made their first contribution in #​57
• @​andyexeter made their first contribution in #​60
• @​maschwenk made their first contribution in #​58

Full Changelog: oven-sh/setup-bun@v1...v1.2.0

v1.1.1

Compare Source

setup-bun v1.1.0

Download, install, and setup Bun in GitHub Actions.

Usage

- uses: oven-sh/setup-bun@v1
  with:
    bun-version: latest

Using a custom NPM registry

- uses: oven-sh/setup-bun@v1
  with:
    registry-url: "https://npm.pkg.github.com/"
    scope: "@​foo"

If you need to authenticate with a private registry, you can set the BUN_AUTH_TOKEN environment variable.

- name: Install Dependencies
  env:
    BUN_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
  run: bun install

Inputs

Name	Description	Default	Examples
bun-version	The version of Bun to download and install.	latest	canary, 1.0.0, 1.0.x
registry-url	Registry URL where some private package is stored.	undefined	"https://npm.pkg.github.com/"
scope	Scope for private pacakages.	undefined	"@​foo", "@​orgname"

Outputs

Name	Description	Example
cache-hit	If the Bun executable was read from cache.	true
bun-version	The output from bun --version.	1.0.0
bun-revision	The output from bun --revision.	1.0.0+822a00c4

What's Changed

• fix: package manager by @​xHyroM in #​42

Full Changelog: oven-sh/setup-bun@v1.1.0...v1.1.1

v1.1.0

Compare Source

setup-bun v1.1.0

Download, install, and setup Bun in GitHub Actions.

Usage

- uses: oven-sh/setup-bun@v1
  with:
    bun-version: latest

Using a custom NPM registry

- uses: oven-sh/setup-bun@v1
  with:
    registry-url: "https://npm.pkg.github.com/"
    scope: "@​foo"

If you need to authenticate with a private registry, you can set the BUN_AUTH_TOKEN environment variable.

- name: Install Dependencies
  env:
    BUN_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
  run: bun install

Inputs

Name	Description	Default	Examples
bun-version	The version of Bun to download and install.	latest	canary, 1.0.0, 1.0.x
registry-url	Registry URL where some private package is stored.	undefined	"https://npm.pkg.github.com/"
scope	Scope for private pacakages.	undefined	"@​foo", "@​orgname"

Outputs

Name	Description	Example
cache-hit	If the Bun executable was read from cache.	true
bun-version	The output from bun --version.	1.0.0
bun-revision	The output from bun --revision.	1.0.0+822a00c4

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[claude]

⚠️ Code review skipped — your organization's overage spend limit has been reached.

Code review is billed via overage credits. To resume reviews, an organization admin can raise the monthly limit in Settings → Usage.

Once credits are available, reopen this pull request to trigger a review.

[chatgpt-codex-connector]

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Credits must be used to enable repository wide code reviews.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
mdcms	Error		May 13, 2026 3:25am
mdcms-studio-review	Ready	Preview, Comment	May 13, 2026 3:25am

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Free

Run ID: 2d8b3e74-996e-4cdb-899b-2884c752fc18

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}