When no explicit version is provided, Setup Mago automatically determines the correct Mago CLI version to install by inspecting your project’s Composer files. This means the version running in CI always reflects the version your project actually depends on — without any manual version management in your workflow file. The resolution follows a strict priority chain, moving from the most precise signal to the most permissive fallback.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/nhedger/setup-mago/llms.txt
Use this file to discover all available pages before exploring further.
Resolution Priority Chain
Explicit version input
If the Passing
version input is set to a non-empty string, that value is used immediately and no Composer files are read. This takes precedence over everything else.version: latest also qualifies as an explicit value and skips file detection, instructing the action to fetch and install the newest stable GitHub release.Version from composer.lock
If no If
version input is given, the action reads composer.lock from the working directory and searches the packages-dev array for an entry whose name field equals carthage-software/mago. When found, the version field of that entry is used.Only
packages-dev is searched in composer.lock. If carthage-software/mago appears only in packages (the non-dev section), it will not be found at this step and resolution continues to the next step.composer.lock does not exist, is not valid JSON, or does not contain a matching entry, this step returns nothing and resolution moves on.Version from composer.json
When no version can be resolved from Exact versions — if the value is a valid semver string (e.g. If
composer.lock, the action falls back to reading composer.json from the working directory. It checks the require-dev field first, then require, looking for the key carthage-software/mago."0.6.2"), it is used directly.Version ranges — if the value is a valid semver range expression (e.g. "^0.6.0", ">=0.5.0 <1.0.0"), the action fetches all stable releases of carthage-software/mago from the GitHub API and selects the highest version that satisfies the range using semver.maxSatisfying.Draft releases and pre-releases are excluded when fetching available versions from the GitHub API. Only stable, published releases are considered when resolving a range.
composer.json does not exist, contains no carthage-software/mago entry, or the range cannot be satisfied by any known release, this step returns nothing.Fallback to latest
If none of the previous steps produce a version, the action installs the latest stable release of the Mago CLI. This is equivalent to passing
version: latest explicitly.The fallback ensures the action never fails due to a missing version specifier, but it means builds may install different Mago versions over time as new releases are published. Pinning the version via
composer.lock is the recommended approach for reproducible CI.The working-directory Input
By default the action searches for composer.lock and composer.json in the current working directory of the runner, which is typically the root of the checked-out repository. You can point the action at a different directory using the working-directory input.
composer.lock and composer.json will be looked for inside the specified directory.
If the specified
working-directory does not exist on the runner, the action logs a warning and falls back to the current working directory rather than failing the step.Summary Table
| Condition | Version used |
|---|---|
version input is set | Value of version input |
packages-dev in composer.lock contains carthage-software/mago | Exact version from lockfile |
require-dev or require in composer.json contains carthage-software/mago (exact) | Exact version from manifest |
require-dev or require in composer.json contains carthage-software/mago (range) | Highest satisfying stable release |
| None of the above | Latest stable release |