Add retry with backoff for GitHub API calls and binary downloads #777
Description
Problem
The action makes GitHub API calls to resolve the uv version and downloads binaries from GitHub Releases. If the API returns a transient error (5xx, timeout), the action fails immediately with no retry:
Getting latest version from GitHub API...
Error: Github API request failed while getting latest release.
Check the GitHub status page for outages. Try again later.
Even with github-token set (authenticated requests), there's no recovery path for transient failures.
Current behavior
A single failed API call or download causes the entire step to fail. The source in download-version.ts has no retry logic — only a fallback from authenticated to anonymous on Bad credentials errors.
Proposed behavior
Add retry with exponential backoff (e.g., 3 attempts, 1s/2s/4s delays) for transient errors (5xx, 408, 429) on both:
- GitHub API calls (version resolution via
octokit.rest.repos.listReleases/getLatestRelease) - Binary downloads (from GitHub Releases)
Precedent
GitHub's own @actions/tool-cache already implements this pattern — downloadTool() uses a RetryHelper that retries on HTTP 500+, 408, and 429. The same approach could be applied here, either by using @actions/tool-cache directly or by adding a similar retry wrapper around the Octokit calls.
Context
GitHub API has experienced frequent transient failures. Per the January 2026 availability report alone:
- Jan 13: API/Copilot outage, error rates peaking at 100%
- Jan 15: Infrastructure degradation, 1.8% avg failure rate across web and API (peaking at 10%)
- Jan 20: Actions workflow dispatch delays
- Jan 22: Authentication service failure, API error rates averaging 16.9% (peaking at 22.2%)
- Jan 24-25: Repository operations degraded, 25% avg error rate (peaking at 55%)
And this continued into February — uptime reportedly dropped below 90% at points during 2025, with multiple Actions/API outages in early 2026.
Most of these are short-lived transient errors where a simple retry after a few seconds would succeed. Without retry logic, every CI pipeline using setup-uv without a pinned version is vulnerable to these frequent, brief API hiccups.