prefix-dev · ruben-arts · Feb 3, 2026 · Jan 27, 2026 · Jan 28, 2026 · Feb 2, 2026
diff --git a/docs/integration/ci/github_actions.md b/docs/integration/ci/github_actions.md
@@ -8,7 +8,7 @@ We created [prefix-dev/setup-pixi](https://github.com/prefix-dev/setup-pixi) to
 ## Usage
 
 ```yaml
-- uses: prefix-dev/[email protected].2
+- uses: prefix-dev/[email protected].4
   with:
     pixi-version: v0.63.2
     cache: true
@@ -19,7 +19,7 @@ We created [prefix-dev/setup-pixi](https://github.com/prefix-dev/setup-pixi) to
 
 !!!warning "Pin your action versions"
     Since pixi is not yet stable, the API of this action may change between minor versions.
-    Please pin the versions of this action to a specific version (i.e., `prefix-dev/[email protected].2`) to avoid breaking changes.
+    Please pin the versions of this action to a specific version (i.e., `prefix-dev/[email protected].4`) to avoid breaking changes.
     You can automatically update the version of this action by using [Dependabot](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot).
 
     Put the following in your `.github/dependabot.yml` file to enable Dependabot for your GitHub Actions:
@@ -35,6 +35,8 @@ We created [prefix-dev/setup-pixi](https://github.com/prefix-dev/setup-pixi) to
           dependencies:
             patterns:
               - "*"
+        cooldown:
+          default-days: 7
     ```
 
     1.  or `daily`, `weekly`
@@ -64,7 +66,7 @@ As there is no lockfile for global environments, the cache will expire at the en
     This can be done by setting the `cache-write` argument.
 
     ```yaml
-    - uses: prefix-dev/[email protected].2
+    - uses: prefix-dev/[email protected].4
       with:
         cache: true
         cache-write: ${{ github.event_name == 'push' && github.ref_name == 'main' }}
@@ -109,7 +111,7 @@ test:
       environment: [py311, py312]
   steps:
   - uses: actions/checkout@v4
-  - uses: prefix-dev/[email protected].2
+  - uses: prefix-dev/[email protected].4
     with:
       environments: ${{ matrix.environment }}
 ```
@@ -119,7 +121,7 @@ test:
 The following example will install both the `py311` and the `py312` environment on the runner.
 
 ```yaml
-- uses: prefix-dev/[email protected].2
+- uses: prefix-dev/[email protected].4
   with:
     environments: >- # (1)!
       py311
@@ -147,7 +149,7 @@ For instance, the `keyring`, or `gcloud` executables. The following example show
 By default, global environments are not cached. You can enable caching by setting the `global-cache` input to `true`.
 
 ```yaml
-- uses: prefix-dev/[email protected].2
+- uses: prefix-dev/[email protected].4
   with:
     global-environments: |
       google-cloud-sdk
@@ -180,7 +182,7 @@ Specify the token using the `auth-token` input argument.
 This form of authentication (bearer token in the request headers) is mainly used at [prefix.dev](https://prefix.dev).
 
 ```yaml
-- uses: prefix-dev/[email protected].2
+- uses: prefix-dev/[email protected].4
   with:
     auth-host: prefix.dev
     auth-token: ${{ secrets.PREFIX_DEV_TOKEN }}
@@ -192,7 +194,7 @@ Specify the username and password using the `auth-username` and `auth-password`
 This form of authentication (HTTP Basic Auth) is used in some enterprise environments with [artifactory](https://jfrog.com/artifactory) for example.
 
 ```yaml
-- uses: prefix-dev/[email protected].2
+- uses: prefix-dev/[email protected].4
   with:
     auth-host: custom-artifactory.com
     auth-username: ${{ secrets.PIXI_USERNAME }}
@@ -205,7 +207,7 @@ Specify the conda-token using the `conda-token` input argument.
 This form of authentication (token is encoded in URL: `https://my-quetz-instance.com/t/<token>/get/custom-channel`) is used at [anaconda.org](https://anaconda.org) or with [quetz instances](https://github.com/mamba-org/quetz).
 
 ```yaml
-- uses: prefix-dev/[email protected].2
+- uses: prefix-dev/[email protected].4
   with:
     auth-host: anaconda.org # (1)!
     auth-conda-token: ${{ secrets.CONDA_TOKEN }}
@@ -219,7 +221,7 @@ Specify the S3 key pair using the `auth-access-key-id` and `auth-secret-access-k
 You can also specify the session token using the `auth-session-token` input argument.
 
 ```yaml
-- uses: prefix-dev/[email protected].2
+- uses: prefix-dev/[email protected].4
   with:
     auth-host: s3://my-s3-bucket
     auth-s3-access-key-id: ${{ secrets.ACCESS_KEY_ID }}
@@ -236,7 +238,7 @@ See the [S3 section](../../deployment/s3.md) for more information about S3 authe
 You can specify whether to use keyring to look up credentials for PyPI.
 
 ```yml
-- uses: prefix-dev/[email protected].2
+- uses: prefix-dev/[email protected].4
   with:
     pypi-keyring-provider: subprocess # one of 'subprocess', 'disabled'
 ```
@@ -312,15 +314,15 @@ To this end, `setup-pixi` adds all environment variables set when executing `pix
 As a result, all installed binaries can be accessed without having to call `pixi run`.
 
 ```yaml
-- uses: prefix-dev/[email protected].2
+- uses: prefix-dev/[email protected].4
   with:
     activate-environment: true
 ```
 
 If you are installing multiple environments, you will need to specify the name of the environment that you want to be activated.
 
 ```yaml
-- uses: prefix-dev/[email protected].2
+- uses: prefix-dev/[email protected].4
   with:
     environments: >-
       py311
@@ -337,7 +339,7 @@ You can specify whether `setup-pixi` should run `pixi install --frozen` or `pixi
 See the [official documentation](../../reference/cli/pixi/install.md#update-options) for more information about the `--frozen` and `--locked` flags.
 
 ```yaml
-- uses: prefix-dev/[email protected].2
+- uses: prefix-dev/[email protected].4
   with:
     locked: true
     # or
@@ -367,7 +369,7 @@ The second type is the debug logging of the pixi executable.
 This can be specified by setting the `log-level` input.
 
 ```yaml
-- uses: prefix-dev/[email protected].2
+- uses: prefix-dev/[email protected].4
   with:
     log-level: vvv # (1)!
 ```
@@ -394,7 +396,7 @@ If nothing is specified, `post-cleanup` will default to `true`.
 On self-hosted runners, you also might want to alter the default pixi install location to a temporary location. You can use `pixi-bin-path: ${{ runner.temp }}/bin/pixi` to do this.
 
 ```yaml
-- uses: prefix-dev/[email protected].2
+- uses: prefix-dev/[email protected].4
   with:
     post-cleanup: true
     pixi-bin-path: ${{ runner.temp }}/bin/pixi # (1)!
@@ -410,17 +412,47 @@ You can also use a preinstalled local version of pixi on the runner by not setti
 This can be overwritten by setting the `manifest-path` input argument.
 
 ```yaml
-- uses: prefix-dev/[email protected].2
+- uses: prefix-dev/[email protected].4
   with:
     manifest-path: pyproject.toml
 ```
 
+### Working directory for monorepos
+
+If you're working with a monorepo where your pixi project is in a subdirectory, you can use the `working-directory` input to specify where pixi should look for manifest files (`pixi.toml` or `pyproject.toml`).
+
+```yml
+- uses: prefix-dev/[email protected]
+  with:
+    working-directory: ./packages/my-project
+```
+
+This will make pixi look for `pixi.toml` or `pyproject.toml` in the `./packages/my-project` directory instead of the repository root. All pixi commands will be executed from this working directory.
+
+!!!note "Also in other steps"
+    The `working-directory` input only affects commands run by `setup-pixi` itself.
+    For subsequent `run:` steps, you need to set the working directory separately:
+
+    ```yml
+    - run: pixi run test
+      working-directory: ./packages/my-project
+    ```
+
+You can combine `working-directory` with `manifest-path` if needed:
+
+```yml
+- uses: prefix-dev/[email protected]
+  with:
+    working-directory: ./packages/my-project
+    manifest-path: custom-pixi.toml
+```
+
 ### Only install pixi
 
 If you only want to install pixi and not install the current workspace, you can use the `run-install` option.
 
 ```yml
-- uses: prefix-dev/[email protected].2
+- uses: prefix-dev/[email protected].4
   with:
     run-install: false
 ```
@@ -431,7 +463,7 @@ You can also download pixi from a custom URL by setting the `pixi-url` input arg
 Optionally, you can combine this with the `pixi-url-headers` input argument to supply additional headers for the download request, such as a bearer token.
 
 ```yml
-- uses: prefix-dev/[email protected].2
+- uses: prefix-dev/[email protected].4
   with:
     pixi-url: https://pixi-mirror.example.com/releases/download/v0.48.0/pixi-x86_64-unknown-linux-musl
     pixi-url-headers: '{"Authorization": "Bearer ${{ secrets.PIXI_MIRROR_BEARER_TOKEN }}"}'
@@ -447,7 +479,7 @@ It will be rendered with the following variables:
 By default, `pixi-url` is equivalent to the following template:
 
 ```yml
-- uses: prefix-dev/[email protected].2
+- uses: prefix-dev/[email protected].4
   with:
     pixi-url: |
       {{#if latest~}}