build(deps-dev): bump eslint-config-prettier from 9.1.2 to 10.1.8

Bumps [eslint-config-prettier](https://github.com/prettier/eslint-config-prettier) from 9.1.2 to 10.1.8.
- [Release notes](https://github.com/prettier/eslint-config-prettier/releases)
- [Changelog](https://github.com/prettier/eslint-config-prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/eslint-config-prettier/commits/v10.1.8)

---
updated-dependencies:
- dependency-name: eslint-config-prettier
  dependency-version: 10.1.8
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/workflows/check-dist.yml

@@ -1,4 +1,4 @@
-name: Check dist/
+name: Check dist content
 
 on:
   push:
@@ -11,9 +11,12 @@ on:
       - '**.md'
   workflow_dispatch:
 
+permissions:
+  contents: read
+
 jobs:
   call-check-dist:
     name: Check dist/
     uses: actions/reusable-workflows/.github/workflows/check-dist.yml@main
     with:
-      node-version: "20.x"
+      node-version: "24.x"

.github/workflows/close-inactive-issues.yml

@@ -1,4 +1,5 @@
 name: Close inactive issues
+
 on:
   schedule:
     - cron: "30 8 * * *"

.github/workflows/codeql.yml

@@ -1,4 +1,4 @@
-name: "Code scanning - action"
+name: Code scanning
 
 on:
   push:
@@ -6,18 +6,17 @@ on:
   schedule:
     - cron: '0 19 * * 0'
 
+permissions:
+  contents: read
+  security-events: write
+
 jobs:
   CodeQL-Build:
     # CodeQL runs on ubuntu-latest, windows-latest, and macos-latest
     runs-on: ubuntu-latest
-
-    permissions:
-      # required for all workflows
-      security-events: write
-
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL

.github/workflows/issue-opened-workflow.yml

@@ -1,16 +1,21 @@
 name: Assign issue
+
 on:
   issues:
     types: [opened]
+
+permissions:
+  issues: write
+
 jobs:
   run-action:
     runs-on: ubuntu-latest
     steps:
-    - name: Get current oncall
-      id: oncall
-      run: |
-        echo "CURRENT=$(curl --request GET 'https://api.pagerduty.com/oncalls?include[]=users&schedule_ids[]=P5VG2BX&earliest=true' --header 'Authorization: Token token=${{ secrets.PAGERDUTY_TOKEN }}' --header 'Accept: application/vnd.pagerduty+json;version=2' --header 'Content-Type: application/json' | jq -r '.oncalls[].user.name')" >> $GITHUB_OUTPUT
-    
-    - name: add_assignees
-      run: |
-        curl -X POST -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN}}" https://api.github.com/repos/${{github.repository}}/issues/${{ github.event.issue.number}}/assignees -d '{"assignees":["${{steps.oncall.outputs.CURRENT}}"]}'
+      - name: Get current oncall
+        id: oncall
+        run: |
+          echo "CURRENT=$(curl --request GET 'https://api.pagerduty.com/oncalls?include[]=users&schedule_ids[]=P5VG2BX&earliest=true' --header 'Authorization: Token token=${{ secrets.PAGERDUTY_TOKEN }}' --header 'Accept: application/vnd.pagerduty+json;version=2' --header 'Content-Type: application/json' | jq -r '.oncalls[].user.name')" >> $GITHUB_OUTPUT
+
+      - name: add_assignees
+        run: |
+          curl -X POST -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN}}" https://api.github.com/repos/${{github.repository}}/issues/${{ github.event.issue.number}}/assignees -d '{"assignees":["${{steps.oncall.outputs.CURRENT}}"]}'

.github/workflows/licensed.yml

@@ -1,4 +1,4 @@
-name: Licensed
+name: License check
 
 on:
   push:
@@ -9,7 +9,35 @@ on:
       - main
   workflow_dispatch:
 
+permissions:
+  contents: read
+
 jobs:
-  call-licensed:
-    name: Licensed
-    uses: actions/reusable-workflows/.github/workflows/licensed.yml@main
+  validate-cached-dependency-records:
+    runs-on: ubuntu-latest
+    name: Check licenses
+    steps:
+
+      - name: Checkout
+        uses: actions/checkout@v5
+
+      - name: Install dependencies
+        run: npm ci --ignore-scripts
+
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: '3.1.7'
+
+      - name: Install licensed tool
+        run: |
+          cd "$RUNNER_TEMP"
+          curl -Lfs -o licensed.tar.gz https://github.com/licensee/licensed/archive/refs/tags/v5.0.4.tar.gz
+          tar -xzf licensed.tar.gz
+          cd licensed-5.0.4
+          bundle install
+
+      - name: Check cached dependency records
+        run: |
+          cd ${{ github.workspace }}
+          BUNDLE_GEMFILE=$RUNNER_TEMP/licensed-5.0.4/Gemfile bundle exec $RUNNER_TEMP/licensed-5.0.4/exe/licensed status

.github/workflows/pr-opened-workflow.yml

@@ -1,20 +1,25 @@
-name: Add Reviewer PR
+name: Assign pull request reviewer
+
 on:
   pull_request_target:
     types: [opened]
+
+permissions:
+  pull-requests: write
+
 jobs:
   run-action:
     runs-on: ubuntu-latest
     steps:
-    - name: Get current oncall
-      id: oncall
-      run: |
-        echo "CURRENT=$(curl --request GET 'https://api.pagerduty.com/oncalls?include[]=users&schedule_ids[]=P5VG2BX&earliest=true' --header 'Authorization: Token token=${{ secrets.PAGERDUTY_TOKEN }}' --header 'Accept: application/vnd.pagerduty+json;version=2' --header 'Content-Type: application/json' | jq -r '.oncalls[].user.name')" >> $GITHUB_OUTPUT
-    
-    - name: Request Review
-      run: |
-        curl -X POST -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN}}" https://api.github.com/repos/${{github.repository}}/pulls/${{ github.event.pull_request.number}}/requested_reviewers -d '{"reviewers":["${{steps.oncall.outputs.CURRENT}}"]}'
-        
-    - name: Add Assignee
-      run: |
-        curl -X POST -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN}}" https://api.github.com/repos/${{github.repository}}/issues/${{ github.event.pull_request.number}}/assignees -d '{"assignees":["${{steps.oncall.outputs.CURRENT}}"]}'    
+      - name: Get current oncall
+        id: oncall
+        run: |
+          echo "CURRENT=$(curl --request GET 'https://api.pagerduty.com/oncalls?include[]=users&schedule_ids[]=P5VG2BX&earliest=true' --header 'Authorization: Token token=${{ secrets.PAGERDUTY_TOKEN }}' --header 'Accept: application/vnd.pagerduty+json;version=2' --header 'Content-Type: application/json' | jq -r '.oncalls[].user.name')" >> $GITHUB_OUTPUT
+
+      - name: Request Review
+        run: |
+          curl -X POST -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN}}" https://api.github.com/repos/${{github.repository}}/pulls/${{ github.event.pull_request.number}}/requested_reviewers -d '{"reviewers":["${{steps.oncall.outputs.CURRENT}}"]}'
+
+      - name: Add Assignee
+        run: |
+          curl -X POST -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN}}" https://api.github.com/repos/${{github.repository}}/issues/${{ github.event.pull_request.number}}/assignees -d '{"assignees":["${{steps.oncall.outputs.CURRENT}}"]}'

.github/workflows/publish-immutable-actions.yml

@@ -1,20 +1,20 @@
-name: 'Publish Immutable Action Version'
+name: Publish immutable action
 
 on:
   release:
-    types: [published]
+    types: [released]
+
+permissions:
+  contents: read
+  id-token: write
+  packages: write
 
 jobs:
   publish:
     runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      id-token: write
-      packages: write
-
     steps:
       - name: Checking out
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Publish
         id: publish
         uses: actions/publish-immutable-action@0.0.3

.github/workflows/release-new-action-version.yml

@@ -1,4 +1,5 @@
 name: Release new action version
+
 on:
   release:
     types: [released]
@@ -10,6 +11,7 @@ on:
 
 env:
   TAG_NAME: ${{ github.event.inputs.TAG_NAME || github.event.release.tag_name }}
+
 permissions:
   contents: write
 

.github/workflows/workflow.yml

@@ -10,6 +10,9 @@ on:
       - main
       - releases/**
 
+permissions:
+  contents: read
+
 jobs:
   # Build and unit test
   build:
@@ -20,11 +23,11 @@ jobs:
     runs-on: ${{ matrix.os }}
     steps:
     - name: Checkout
-      uses: actions/checkout@v4
-    - name: Setup Node.js 20.x
+      uses: actions/checkout@v5
+    - name: Setup Node.js 24.x
       uses: actions/setup-node@v4
       with:
-        node-version: 20.x
+        node-version: 24.x
         cache: npm
     - run: npm ci
     - name: Prettier Format Check
@@ -43,7 +46,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     steps:
     - name: Checkout
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5
     - name: Generate files in working directory
       shell: bash
       run: __tests__/create-cache-files.sh ${{ runner.os }} test-cache
@@ -57,6 +60,7 @@ jobs:
         path: |
           test-cache
           ~/test-cache
+
   test-restore:
     needs: test-save
     strategy:
@@ -66,7 +70,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     steps:
     - name: Checkout
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5
     - name: Restore cache
       uses: ./
       with:
@@ -86,17 +90,88 @@ jobs:
     runs-on: ubuntu-latest
     container:
       image: ubuntu:latest
-      options: --dns 127.0.0.1
+      options: --cap-add=NET_ADMIN
     services:
       squid-proxy:
         image: ubuntu/squid:latest
         ports:
           - 3128:3128
     env:
+      http_proxy: http://squid-proxy:3128
       https_proxy: http://squid-proxy:3128
     steps:
+    - name: Wait for proxy to be ready
+      shell: bash
+      run: |
+        echo "Waiting for squid proxy to be ready..."
+        echo "Resolving squid-proxy hostname:"
+        getent hosts squid-proxy || echo "DNS resolution failed"
+        for i in $(seq 1 30); do
+          if (echo > /dev/tcp/squid-proxy/3128) 2>/dev/null; then
+            echo "Proxy is ready!"
+            exit 0
+          fi
+          echo "Attempt $i: Proxy not ready, waiting..."
+          sleep 2
+        done
+        echo "Proxy failed to become ready"
+        exit 1
+      env:
+        http_proxy: ""
+        https_proxy: ""
+    - name: Install dependencies
+      run: |
+        apt-get update
+        apt-get install -y iptables curl
+    - name: Verify proxy is working
+      run: |
+        echo "Testing proxy connectivity..."
+        curl -s -o /dev/null -w "%{http_code}" --proxy http://squid-proxy:3128 http://github.com || true
+        echo "Proxy verification complete"
+    - name: Block direct traffic (enforce proxy usage)
+      run: |
+        # Get the squid-proxy container IP
+        PROXY_IP=$(getent hosts squid-proxy | awk '{ print $1 }')
+        echo "Proxy IP: $PROXY_IP"
+        
+        # Allow loopback traffic
+        iptables -A OUTPUT -o lo -j ACCEPT
+        
+        # Allow traffic to the proxy container
+        iptables -A OUTPUT -d $PROXY_IP -j ACCEPT
+        
+        # Allow established connections
+        iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
+        
+        # Allow DNS (needed for initial resolution)
+        iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
+        iptables -A OUTPUT -p tcp --dport 53 -j ACCEPT
+        
+        # Block all other outbound traffic (HTTP/HTTPS)
+        iptables -A OUTPUT -p tcp --dport 80 -j REJECT
+        iptables -A OUTPUT -p tcp --dport 443 -j REJECT
+        
+        # Log the iptables rules for debugging
+        iptables -L -v -n
+    - name: Verify direct HTTPS is blocked
+      run: |
+        echo "Testing that direct HTTPS requests fail..."
+        if curl --noproxy '*' -s --connect-timeout 5 https://github.com > /dev/null 2>&1; then
+          echo "ERROR: Direct HTTPS request succeeded - blocking is not working!"
+          exit 1
+        else
+          echo "SUCCESS: Direct HTTPS request was blocked as expected"
+        fi
+        
+        echo "Testing that HTTPS through proxy succeeds..."
+        if curl --proxy http://squid-proxy:3128 -s --connect-timeout 10 https://github.com > /dev/null 2>&1; then
+          echo "SUCCESS: HTTPS request through proxy succeeded"
+        else
+          echo "ERROR: HTTPS request through proxy failed!"
+          exit 1
+        fi
     - name: Checkout
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5
     - name: Generate files
       run: __tests__/create-cache-files.sh proxy test-cache
     - name: Save cache
@@ -104,22 +179,94 @@ jobs:
       with:
         key: test-proxy-${{ github.run_id }}
         path: test-cache
+
   test-proxy-restore:
     needs: test-proxy-save
     runs-on: ubuntu-latest
     container:
       image: ubuntu:latest
-      options: --dns 127.0.0.1
+      options: --cap-add=NET_ADMIN
     services:
       squid-proxy:
         image: ubuntu/squid:latest
         ports:
           - 3128:3128
     env:
+      http_proxy: http://squid-proxy:3128
       https_proxy: http://squid-proxy:3128
     steps:
+    - name: Wait for proxy to be ready
+      shell: bash
+      run: |
+        echo "Waiting for squid proxy to be ready..."
+        echo "Resolving squid-proxy hostname:"
+        getent hosts squid-proxy || echo "DNS resolution failed"
+        for i in $(seq 1 30); do
+          if (echo > /dev/tcp/squid-proxy/3128) 2>/dev/null; then
+            echo "Proxy is ready!"
+            exit 0
+          fi
+          echo "Attempt $i: Proxy not ready, waiting..."
+          sleep 2
+        done
+        echo "Proxy failed to become ready"
+        exit 1
+      env:
+        http_proxy: ""
+        https_proxy: ""
+    - name: Install dependencies
+      run: |
+        apt-get update
+        apt-get install -y iptables curl
+    - name: Verify proxy is working
+      run: |
+        echo "Testing proxy connectivity..."
+        curl -s -o /dev/null -w "%{http_code}" --proxy http://squid-proxy:3128 http://github.com || true
+        echo "Proxy verification complete"
+    - name: Block direct traffic (enforce proxy usage)
+      run: |
+        # Get the squid-proxy container IP
+        PROXY_IP=$(getent hosts squid-proxy | awk '{ print $1 }')
+        echo "Proxy IP: $PROXY_IP"
+        
+        # Allow loopback traffic
+        iptables -A OUTPUT -o lo -j ACCEPT
+        
+        # Allow traffic to the proxy container
+        iptables -A OUTPUT -d $PROXY_IP -j ACCEPT
+        
+        # Allow established connections
+        iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
+        
+        # Allow DNS (needed for initial resolution)
+        iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
+        iptables -A OUTPUT -p tcp --dport 53 -j ACCEPT
+        
+        # Block all other outbound traffic (HTTP/HTTPS)
+        iptables -A OUTPUT -p tcp --dport 80 -j REJECT
+        iptables -A OUTPUT -p tcp --dport 443 -j REJECT
+        
+        # Log the iptables rules for debugging
+        iptables -L -v -n
+    - name: Verify direct HTTPS is blocked
+      run: |
+        echo "Testing that direct HTTPS requests fail..."
+        if curl --noproxy '*' -s --connect-timeout 5 https://github.com > /dev/null 2>&1; then
+          echo "ERROR: Direct HTTPS request succeeded - blocking is not working!"
+          exit 1
+        else
+          echo "SUCCESS: Direct HTTPS request was blocked as expected"
+        fi
+        
+        echo "Testing that HTTPS through proxy succeeds..."
+        if curl --proxy http://squid-proxy:3128 -s --connect-timeout 10 https://github.com > /dev/null 2>&1; then
+          echo "SUCCESS: HTTPS request through proxy succeeded"
+        else
+          echo "ERROR: HTTPS request through proxy failed!"
+          exit 1
+        fi
     - name: Checkout
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5
     - name: Restore cache
       uses: ./
       with:

.licensed.yml

@@ -1,6 +1,14 @@
 sources:
   npm: true
 
+# Force UTF-8 encoding
+encoding: 'utf-8'
+
+# Ignore problematic packages with encoding issues
+ignored:
+  npm:
+    - form-data
+
 allowed:
   - apache-2.0
   - bsd-2-clause
@@ -19,4 +27,5 @@ reviewed:
   - fs.realpath # ISC
   - glob # ISC
   - prettier # MIT
-  - lodash # MIT
+  - lodash # MIT
+  - "@actions/http-client" # MIT

CONTRIBUTING.md

@@ -16,7 +16,7 @@ Please note that this project is released with a [Contributor Code of Conduct][c
 1. [Fork][fork] and clone the repository
 2. Configure and install the dependencies: `npm install`
 3. Make sure the tests pass on your machine: `npm run test`
-4. Create a new branch: `git checkout -b my-branch-name`
+4. Create a new branch: `git switch -c my-branch-name`
 5. Make your change, add tests, and make sure the tests still pass
 6. Push to your fork and [submit a pull request][pr]
 7. Pat your self on the back and wait for your pull request to be reviewed and merged.

README.md

@@ -17,20 +17,32 @@ See ["Caching dependencies to speed up workflows"](https://docs.github.com/en/ac
 
 ### ⚠️ Important changes
 
+> [!IMPORTANT]
+> `actions/cache@v5` runs on the Node.js 24 runtime and requires a minimum Actions Runner version of `2.327.1`.
+> If you are using self-hosted runners, ensure they are updated before upgrading.
+
 The cache backend service has been rewritten from the ground up for improved performance and reliability. [actions/cache](https://github.com/actions/cache) now integrates with the new cache service (v2) APIs.
 
-The new service will gradually roll out as of **February 1st, 2025**. The legacy service will also be sunset on the same date. Changes in these release are **fully backward compatible**.
+The new service will gradually roll out as of **February 1st, 2025**. The legacy service will also be sunset on the same date. Changes in these releases are **fully backward compatible**.
 
 **We are deprecating some versions of this action**. We recommend upgrading to version `v4` or `v3` as soon as possible before **February 1st, 2025.** (Upgrade instructions below).
 
-If you are using pinned SHAs, please use the SHAs of versions `v4.2.0` or `v3.4.0`
+If you are using pinned SHAs, please use the SHAs of versions `v4.2.0` or `v3.4.0`.
 
 If you do not upgrade, all workflow runs using any of the deprecated [actions/cache](https://github.com/actions/cache) will fail.
 
 Upgrading to the recommended versions will not break your workflows.
 
+> **Additionally, if you are managing your own GitHub runners, you must update your runner version to `2.231.0` or newer to ensure compatibility with the new cache service.**  
+> Failure to update both the action version and your runner version may result in workflow failures after the migration date.
+
 Read more about the change & access the migration guide: [reference to the announcement](https://github.com/actions/cache/discussions/1510).
 
+### v5
+
+* Updated to node 24
+* Requires a minimum Actions Runner version of `2.327.1`
+
 ### v4
 
 * Integrated with the new cache service (v2) APIs.
@@ -66,6 +78,8 @@ Create a workflow `.yml` file in your repository's `.github/workflows` directory
 
 If you are using this inside a container, a POSIX-compliant `tar` needs to be included and accessible from the execution path.
 
+Note: `actions/cache@v5` runs on Node.js 24 and requires a minimum Actions Runner version of `2.327.1`.
+
 If you are using a `self-hosted` Windows runner, `GNU tar` and `zstd` are required for [Cross-OS caching](https://github.com/actions/cache/blob/main/tips-and-workarounds.md#cross-os-cache) to work. They are also recommended to be installed in general so the performance is on par with `hosted` Windows runners.
 
 ### Inputs
@@ -109,11 +123,11 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
 
     - name: Cache Primes
       id: cache-primes
-      uses: actions/cache@v4
+      uses: actions/cache@v5
       with:
         path: prime-numbers
         key: ${{ runner.os }}-primes
@@ -140,11 +154,11 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
 
     - name: Restore cached Primes
       id: cache-primes-restore
-      uses: actions/cache/restore@v4
+      uses: actions/cache/restore@v5
       with:
         path: |
           path/to/dependencies
@@ -155,7 +169,7 @@ jobs:
     .
     - name: Save Primes
       id: cache-primes-save
-      uses: actions/cache/save@v4
+      uses: actions/cache/save@v5
       with:
         path: |
           path/to/dependencies
@@ -210,7 +224,7 @@ A cache key can include any of the contexts, functions, literals, and operators
 For example, using the [`hashFiles`](https://docs.github.com/en/actions/learn-github-actions/expressions#hashfiles) function allows you to create a new cache when dependencies change.
 
 ```yaml
-  - uses: actions/cache@v4
+  - uses: actions/cache@v5
     with:
       path: |
         path/to/dependencies
@@ -228,7 +242,7 @@ Additionally, you can use arbitrary command output in a cache key, such as a dat
       echo "date=$(/bin/date -u "+%Y%m%d")" >> $GITHUB_OUTPUT
     shell: bash
 
-  - uses: actions/cache@v4
+  - uses: actions/cache@v5
     with:
       path: path/to/dependencies
       key: ${{ runner.os }}-${{ steps.get-date.outputs.date }}-${{ hashFiles('**/lockfiles') }}
@@ -248,9 +262,9 @@ Example:
 
 ```yaml
 steps:
-  - uses: actions/checkout@v4
+  - uses: actions/checkout@v6
 
-  - uses: actions/cache@v4
+  - uses: actions/cache@v5
     id: cache
     with:
       path: path/to/dependencies
@@ -278,11 +292,11 @@ jobs:
   build-linux:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Cache Primes
         id: cache-primes
-        uses: actions/cache@v4
+        uses: actions/cache@v5
         with:
           path: prime-numbers
           key: primes
@@ -293,7 +307,7 @@ jobs:
 
       - name: Cache Numbers
         id: cache-numbers
-        uses: actions/cache@v4
+        uses: actions/cache@v5
         with:
           path: numbers
           key: primes
@@ -305,11 +319,11 @@ jobs:
   build-windows:
     runs-on: windows-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Cache Primes
         id: cache-primes
-        uses: actions/cache@v4
+        uses: actions/cache@v5
         with:
           path: prime-numbers
           key: primes
@@ -335,10 +349,24 @@ There are a number of community practices/workarounds to fulfill specific requir
 
 Please note that Windows environment variables (like `%LocalAppData%`) will NOT be expanded by this action. Instead, prefer using `~` in your paths which will expand to the HOME directory. For example, instead of `%LocalAppData%`, use `~\AppData\Local`. For a list of supported default environment variables, see the [Learn GitHub Actions: Variables](https://docs.github.com/en/actions/learn-github-actions/variables#default-environment-variables) page.
 
-## Contributing
+## Note
 
-We would love for you to contribute to `actions/cache`. Pull requests are welcome! Please see the [CONTRIBUTING.md](CONTRIBUTING.md) for more information.
+Thank you for your interest in this GitHub repo, however, right now we are not taking contributions. 
+
+We continue to focus our resources on strategic areas that help our customers be successful while making developers' lives easier. While GitHub Actions remains a key part of this vision, we are allocating resources towards other areas of Actions and are not taking contributions to this repository at this time. The GitHub public roadmap is the best place to follow along for any updates on features we’re working on and what stage they’re in.
+
+We are taking the following steps to better direct requests related to GitHub Actions, including:
+
+1. We will be directing questions and support requests to our [Community Discussions area](https://github.com/orgs/community/discussions/categories/actions)
+
+2. High Priority bugs can be reported through Community Discussions or you can report these to our support team https://support.github.com/contact/bug-report.
+
+3. Security Issues should be handled as per our [security.md](SECURITY.md).
+
+We will still provide security updates for this project and fix major breaking changes during this time.
+
+You are welcome to still raise bugs in this repo.
 
 ## License
 
-The scripts and documentation in this project are released under the [MIT License](LICENSE)
+The scripts and documentation in this project are released under the [MIT License](LICENSE)

RELEASES.md

@@ -1,5 +1,65 @@
 # Releases
 
+## How to prepare a release
+
+> [!NOTE]  
+> Relevant for maintainers with write access only.
+
+1. Switch to a new branch from `main`.
+1. Run `npm test` to ensure all tests are passing.
+1. Update the version in [`package.json`](package.json).
+1. Run `npm run build` to update the compiled files.
+1. Update this [`RELEASES.md`](RELEASES.md) with the new version and changes in the `## Changelog` section.
+1. Run `licensed cache` to update the license report.
+1. Run `licensed status` and resolve any warnings by updating the [`.licensed.yml`](.licensed.yml) file with the exceptions.
+1. Commit your changes and push your branch upstream.
+1. Open a pull request against `main` and get it reviewed and merged.
+1. Draft a new release https://github.com/actions/cache/releases use the same version number used in `package.json`
+    1. Create a new tag with the version number.
+    1. Auto generate release notes and update them to match the changes you made in `RELEASES.md`.
+    1. Toggle the set as the latest release option.
+    1. Publish the release.
+1. Navigate to https://github.com/actions/cache/actions/workflows/release-new-action-version.yml
+    1. There should be a workflow run queued with the same version number.
+    1. Approve the run to publish the new version and update the major tags for this action. 
+
+## Changelog
+
+### 5.0.3
+
+- Bump `@actions/cache` to v5.0.5 (Resolves: https://github.com/actions/cache/security/dependabot/33)
+- Bump `@actions/core` to v2.0.3
+
+### 5.0.2
+
+- Bump `@actions/cache` to v5.0.3 [#1692](https://github.com/actions/cache/pull/1692)
+
+### 5.0.1
+
+- Update `@azure/storage-blob` to `^12.29.1` via `@actions/cache@5.0.1` [#1685](https://github.com/actions/cache/pull/1685)
+
+### 5.0.0
+
+> [!IMPORTANT]
+> `actions/cache@v5` runs on the Node.js 24 runtime and requires a minimum Actions Runner version of `2.327.1`.
+> If you are using self-hosted runners, ensure they are updated before upgrading.
+
+### 4.3.0
+
+- Bump `@actions/cache` to [v4.1.0](https://github.com/actions/toolkit/pull/2132)
+
+### 4.2.4
+
+- Bump `@actions/cache` to v4.0.5
+
+### 4.2.3
+
+- Bump `@actions/cache` to v4.0.3 (obfuscates SAS token in debug logs for cache entries)
+
+### 4.2.2
+
+- Bump `@actions/cache` to v4.0.2
+
 ### 4.2.1
 
 - Bump `@actions/cache` to v4.0.1

action.yml

@@ -38,7 +38,7 @@ outputs:
   cache-hit:
     description: 'A boolean value to indicate an exact match was found for the primary key'
 runs:
-  using: 'node20'
+  using: 'node24'
   main: 'dist/restore/index.js'
   post: 'dist/save/index.js'
   post-if: "success()"

caching-strategies.md

@@ -12,7 +12,7 @@ This document lists some of the strategies (and example workflows if possible) w
 jobs:
   build:
     runs-on: ubuntu-latest
-    - uses: actions/cache@v4
+    - uses: actions/cache@v5
       with:
         key: ${{ some-metadata }}-cache
 ```
@@ -24,7 +24,7 @@ In your workflows, you can use different strategies to name your key depending o
 One of the most common use case is to use hash for lockfile as key. This way, same cache will be restored for a lockfile until there's a change in dependencies listed in lockfile.
 
 ```yaml
-  - uses: actions/cache@v4
+  - uses: actions/cache@v5
     with:
       path: |
         path/to/dependencies
@@ -37,7 +37,7 @@ One of the most common use case is to use hash for lockfile as key. This way, sa
 If cache is not found matching the primary key, restore keys can be used to download the closest matching cache that was recently created. This ensures that the build/install step will need to additionally fetch just a handful of newer dependencies, and hence saving build time.
 
 ```yaml
-  - uses: actions/cache@v4
+  - uses: actions/cache@v5
     with:
       path: |
         path/to/dependencies
@@ -54,7 +54,7 @@ The restore keys can be provided as a complete name, or a prefix, read more [her
 In case of workflows with matrix running for multiple Operating Systems, the caches can be stored separately for each of them. This can be used in combination with hashfiles in case multiple caches are being generated per OS.
 
 ```yaml
-  - uses: actions/cache@v4
+  - uses: actions/cache@v5
     with:
       path: |
         path/to/dependencies
@@ -73,7 +73,7 @@ Caches scoped to the particular workflow run id or run attempt can be stored and
 On similar lines, commit sha can be used to create a very specialized and short lived cache.
 
 ```yaml
-  - uses: actions/cache@v4
+  - uses: actions/cache@v5
     with:
       path: |
         path/to/dependencies
@@ -86,7 +86,7 @@ On similar lines, commit sha can be used to create a very specialized and short
 Cache key can be formed by combination of more than one metadata, evaluated info.
 
 ```yaml
-  - uses: actions/cache@v4
+  - uses: actions/cache@v5
     with:
       path: |
         path/to/dependencies
@@ -146,9 +146,9 @@ In case you are using a centralized job to create and save your cache that can b
 
 ```yaml
 steps:
-  - uses: actions/checkout@v4
+  - uses: actions/checkout@v6
 
-  - uses: actions/cache/restore@v4
+  - uses: actions/cache/restore@v5
     id: cache
     with:
       path: path/to/dependencies
@@ -171,9 +171,9 @@ You can use the output of this action to exit the workflow on cache miss. This w
 
 ```yaml
 steps:
-  - uses: actions/checkout@v4
+  - uses: actions/checkout@v6
 
-  - uses: actions/cache/restore@v4
+  - uses: actions/cache/restore@v5
     id: cache
     with:
       path: path/to/dependencies
@@ -194,7 +194,7 @@ steps:
 If you want to avoid re-computing the cache key again in `save` action, the outputs from `restore` action can be used as input to the `save` action.
 
 ```yaml
-  - uses: actions/cache/restore@v4
+  - uses: actions/cache/restore@v5
     id: restore-cache
     with:
       path: |
@@ -204,7 +204,7 @@ If you want to avoid re-computing the cache key again in `save` action, the outp
   .
   .
   .
-  - uses: actions/cache/save@v4
+  - uses: actions/cache/save@v5
     with:
       path: |
         path/to/dependencies
@@ -219,7 +219,7 @@ On the other hand, the key can also be explicitly re-computed while executing th
 Let's say we have a restore step that computes key at runtime
 
 ```yaml
-uses: actions/cache/restore@v4
+uses: actions/cache/restore@v5
 id: restore-cache
 with:
     key: cache-${{ hashFiles('**/lockfiles') }}
@@ -228,7 +228,7 @@ with:
 Case 1: Where an user would want to reuse the key as it is
 
 ```yaml
-uses: actions/cache/save@v4
+uses: actions/cache/save@v5
 with:
     key: ${{ steps.restore-cache.outputs.cache-primary-key }}
 ```
@@ -236,7 +236,7 @@ with:
 Case 2: Where the user would want to re-evaluate the key
 
 ```yaml
-uses: actions/cache/save@v4
+uses: actions/cache/save@v5
 with:
     key: npm-cache-${{hashfiles(package-lock.json)}}
 ```
@@ -253,12 +253,12 @@ In case of multi-module projects, where the built artifact of one project needs
 
 ```yaml
 steps:
-  - uses: actions/checkout@v4
+  - uses: actions/checkout@v6
 
   - name: Build
     run: ./build-parent-module.sh
 
-  - uses: actions/cache/save@v4
+  - uses: actions/cache/save@v5
     id: cache
     with:
       path: path/to/dependencies
@@ -269,9 +269,9 @@ steps:
 
 ```yaml
 steps:
-  - uses: actions/checkout@v4
+  - uses: actions/checkout@v6
 
-  - uses: actions/cache/restore@v4
+  - uses: actions/cache/restore@v5
     id: cache
     with:
       path: path/to/dependencies
@@ -280,7 +280,7 @@ steps:
   - name: Install Dependencies
     if: steps.cache.outputs.cache-hit != 'true'
     run: ./install.sh
-      
+
   - name: Build
     run: ./build-child-module.sh
 

examples.md

@@ -45,7 +45,7 @@
 ## Bun
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   with:
     path: |
       ~/.bun/install/cache
@@ -55,7 +55,7 @@
 ### Windows
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   with:
     path: |
       ~\.bun
@@ -67,7 +67,7 @@
 Using [NuGet lock files](https://docs.microsoft.com/nuget/consume-packages/package-references-in-project-files#locking-dependencies):
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   with:
     path: ~/.nuget/packages
     key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }}
@@ -76,10 +76,10 @@ Using [NuGet lock files](https://docs.microsoft.com/nuget/consume-packages/packa
 ```
 
 Depending on the environment, huge packages might be pre-installed in the global cache folder.
-With `actions/cache@v4` you can now exclude unwanted packages with [exclude pattern](https://github.com/actions/toolkit/tree/main/packages/glob#exclude-patterns)
+From `actions/cache@v3` onwards, you can now exclude unwanted packages with [exclude pattern](https://github.com/actions/toolkit/tree/main/packages/glob#exclude-patterns)
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   with:
     path: |
       ~/.nuget/packages
@@ -96,7 +96,7 @@ Or you could move the cache folder like below.
 env:
   NUGET_PACKAGES: ${{ github.workspace }}/.nuget/packages
 steps:
-  - uses: actions/cache@v4
+  - uses: actions/cache@v5
     with:
       path: ${{ github.workspace }}/.nuget/packages
       key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }}
@@ -108,7 +108,7 @@ steps:
 
 ```yaml
 - name: Cache lein project dependencies
-  uses: actions/cache@v4
+  uses: actions/cache@v5
   with:
     path: ~/.m2/repository
     key: ${{ runner.os }}-clojure-${{ hashFiles('**/project.clj') }}
@@ -122,7 +122,7 @@ steps:
 ### POSIX
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   with:
     path: ~/.dub
     key: ${{ runner.os }}-dub-${{ hashFiles('**/dub.selections.json') }}
@@ -133,7 +133,7 @@ steps:
 ### Windows
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   with:
     path: ~\AppData\Local\dub
     key: ${{ runner.os }}-dub-${{ hashFiles('**/dub.selections.json') }}
@@ -146,7 +146,7 @@ steps:
 ### Linux
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   with:
     path: |
       ~/.deno
@@ -157,7 +157,7 @@ steps:
 ### macOS
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   with:
     path: |
       ~/.deno
@@ -168,7 +168,7 @@ steps:
 ### Windows
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   with:
     path: |
       ~\.deno
@@ -179,7 +179,7 @@ steps:
 ## Elixir - Mix
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   with:
     path: |
       deps
@@ -191,7 +191,7 @@ steps:
 
 ## Erlang - Rebar3
 ```yaml
-- uses: actions/cache@v2
+- uses: actions/cache@v5
   with:
     path: |
       ~/.cache/rebar3
@@ -206,7 +206,7 @@ steps:
 ### Linux
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   with:
     path: |
       ~/.cache/go-build
@@ -219,7 +219,7 @@ steps:
 ### macOS
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   with:
     path: |
       ~/Library/Caches/go-build
@@ -232,7 +232,7 @@ steps:
 ### Windows
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   with:
     path: |
       ~\AppData\Local\go-build
@@ -248,7 +248,7 @@ We cache the elements of the Cabal store separately, as the entirety of `~/.caba
 
 ```yaml
 - name: Cache ~/.cabal/packages, ~/.cabal/store and dist-newstyle
-  uses: actions/cache@v4
+  uses: actions/cache@v5
   with:
     path: |
       ~/.cabal/packages
@@ -263,14 +263,14 @@ We cache the elements of the Cabal store separately, as the entirety of `~/.caba
 ### Linux or macOS
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   name: Cache ~/.stack
   with:
     path: ~/.stack
     key: ${{ runner.os }}-stack-global-${{ hashFiles('stack.yaml') }}-${{ hashFiles('package.yaml') }}
     restore-keys: |
       ${{ runner.os }}-stack-global-
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   name: Cache .stack-work
   with:
     path: .stack-work
@@ -282,16 +282,16 @@ We cache the elements of the Cabal store separately, as the entirety of `~/.caba
 ### Windows
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   name: Cache %APPDATA%\stack %LOCALAPPDATA%\Programs\stack
   with:
     path: |
       ~\AppData\Roaming\stack
-      ~\AppData\Local\Programs\stack    
+      ~\AppData\Local\Programs\stack
     key: ${{ runner.os }}-stack-global-${{ hashFiles('stack.yaml') }}-${{ hashFiles('package.yaml') }}
     restore-keys: |
       ${{ runner.os }}-stack-global-
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   name: Cache .stack-work
   with:
     path: .stack-work
@@ -305,7 +305,7 @@ We cache the elements of the Cabal store separately, as the entirety of `~/.caba
 > **Note** Ensure no Gradle daemons are running anymore when your workflow completes. Creating the cache package might fail due to locks being held by Gradle. Refer to the [Gradle Daemon documentation](https://docs.gradle.org/current/userguide/gradle_daemon.html) on how to disable or stop the Gradle Daemons.
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   with:
     path: |
       ~/.gradle/caches
@@ -319,7 +319,7 @@ We cache the elements of the Cabal store separately, as the entirety of `~/.caba
 
 ```yaml
 - name: Cache local Maven repository
-  uses: actions/cache@v4
+  uses: actions/cache@v5
   with:
     path: ~/.m2/repository
     key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
@@ -355,7 +355,7 @@ After [deprecation](https://github.blog/changelog/2022-10-11-github-actions-depr
 `Get npm cache directory` step can then be used with `actions/cache` as shown below
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   id: npm-cache # use this to check for `cache-hit` ==> if: steps.npm-cache.outputs.cache-hit != 'true'
   with:
     path: ${{ steps.npm-cache-dir.outputs.dir }}
@@ -368,7 +368,7 @@ After [deprecation](https://github.blog/changelog/2022-10-11-github-actions-depr
 
 ```yaml
 - name: restore lerna
-  uses: actions/cache@v4
+  uses: actions/cache@v5
   with:
     path: '**/node_modules'
     key: ${{ runner.os }}-${{ hashFiles('**/yarn.lock') }}
@@ -382,7 +382,7 @@ The yarn cache directory will depend on your operating system and version of `ya
   id: yarn-cache-dir-path
   run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT
 
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
   with:
     path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
@@ -400,7 +400,7 @@ The yarn 2 cache directory will depend on your config. See https://yarnpkg.com/c
   id: yarn-cache-dir-path
   run: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT
 
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
   with:
     path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
@@ -415,7 +415,7 @@ Esy allows you to export built dependencies and import pre-built dependencies.
 ```yaml
     - name: Restore Cache
       id: restore-cache
-      uses: actions/cache@v4
+      uses: actions/cache@v5
       with:
         path: _export
         key:  ${{ runner.os }}-esy-${{ hashFiles('esy.lock/index.json') }}
@@ -444,7 +444,7 @@ Esy allows you to export built dependencies and import pre-built dependencies.
   id: composer-cache
   run: |
     echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   with:
     path: ${{ steps.composer-cache.outputs.dir }}
     key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
@@ -465,7 +465,7 @@ Locations:
 ### Simple example
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   with:
     path: ~/.cache/pip
     key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
@@ -478,7 +478,7 @@ Replace `~/.cache/pip` with the correct `path` if not using Ubuntu.
 ### Multiple OS's in a workflow
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   if: startsWith(runner.os, 'Linux')
   with:
     path: ~/.cache/pip
@@ -486,7 +486,7 @@ Replace `~/.cache/pip` with the correct `path` if not using Ubuntu.
     restore-keys: |
       ${{ runner.os }}-pip-
 
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   if: startsWith(runner.os, 'macOS')
   with:
     path: ~/Library/Caches/pip
@@ -494,7 +494,7 @@ Replace `~/.cache/pip` with the correct `path` if not using Ubuntu.
     restore-keys: |
       ${{ runner.os }}-pip-
 
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   if: startsWith(runner.os, 'Windows')
   with:
     path: ~\AppData\Local\pip\Cache
@@ -520,7 +520,7 @@ jobs:
         - os: windows-latest
           path: ~\AppData\Local\pip\Cache
     steps:
-    - uses: actions/cache@v4
+    - uses: actions/cache@v5
       with:
         path: ${{ matrix.path }}
         key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
@@ -539,7 +539,7 @@ jobs:
     echo "dir=$(pip cache dir)" >> $GITHUB_OUTPUT
 
 - name: pip cache
-  uses: actions/cache@v4
+  uses: actions/cache@v5
   with:
     path: ${{ steps.pip-cache.outputs.dir }}
     key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
@@ -553,11 +553,11 @@ jobs:
 - name: Set up Python
   # The actions/cache step below uses this id to get the exact python version
   id: setup-python
-  uses: actions/setup-python@v2
+  uses: actions/setup-python@v6
 
   ⋮
 
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   with:
     path: ~/.local/share/virtualenvs
     key: ${{ runner.os }}-python-${{ steps.setup-python.outputs.python-version }}-pipenv-${{ hashFiles('Pipfile.lock') }}
@@ -584,7 +584,7 @@ For renv, the cache directory will vary by OS. The `RENV_PATHS_ROOT` environment
     cat("##[set-output name=r-version;]", R.Version()$version.string, sep = "")
   shell: Rscript {0}
 - name: Restore Renv package cache
-  uses: actions/cache@v4
+  uses: actions/cache@v5
   with:
     path: ${{ env.RENV_PATHS_ROOT }}
     key: ${{ steps.get-version.outputs.os-version }}-${{ steps.get-version.outputs.r-version }}-${{ inputs.cache-version }}-${{ hashFiles('renv.lock') }}
@@ -610,7 +610,7 @@ whenever possible:
 ## Rust - Cargo
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   with:
     path: |
       ~/.cargo/bin/
@@ -625,7 +625,7 @@ whenever possible:
 
 ```yaml
 - name: Cache SBT
-  uses: actions/cache@v4
+  uses: actions/cache@v5
   with:
     path: |
       ~/.ivy2/cache
@@ -636,7 +636,7 @@ whenever possible:
 ## Swift, Objective-C - Carthage
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   with:
     path: Carthage
     key: ${{ runner.os }}-carthage-${{ hashFiles('**/Cartfile.resolved') }}
@@ -647,7 +647,7 @@ whenever possible:
 ## Swift, Objective-C - CocoaPods
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   with:
     path: Pods
     key: ${{ runner.os }}-pods-${{ hashFiles('**/Podfile.lock') }}
@@ -658,7 +658,7 @@ whenever possible:
 ## Swift - Swift Package Manager
 
 ```yaml
-- uses: actions/cache@v4
+- uses: actions/cache@v5
   with:
     path: .build
     key: ${{ runner.os }}-spm-${{ hashFiles('**/Package.resolved') }}
@@ -673,7 +673,7 @@ env:
   MINT_PATH: .mint/lib
   MINT_LINK_PATH: .mint/bin
 steps:
-  - uses: actions/cache@v4
+  - uses: actions/cache@v5
     with:
       path: .mint
       key: ${{ runner.os }}-mint-${{ hashFiles('**/Mintfile') }}
@@ -689,7 +689,7 @@ steps:
 
 ```yaml
 - name: Cache Bazel
-  uses: actions/cache@v4
+  uses: actions/cache@v5
   with:
     path: |
       ~/.cache/bazel
@@ -703,7 +703,7 @@ steps:
 
 ```yaml
 - name: Cache Bazel
-  uses: actions/cache@v4
+  uses: actions/cache@v5
   with:
     path: |
       /private/var/tmp/_bazel_runner/

package.json

@@ -1,6 +1,6 @@
 {
   "name": "cache",
-  "version": "4.2.1",
+  "version": "5.0.3",
   "private": true,
   "description": "Cache dependencies and build outputs",
   "main": "dist/restore/index.js",
@@ -23,29 +23,32 @@
   "author": "GitHub",
   "license": "MIT",
   "dependencies": {
-    "@actions/cache": "^4.0.1",
-    "@actions/core": "^1.11.1",
-    "@actions/exec": "^1.1.1",
-    "@actions/io": "^1.1.3"
+    "@actions/cache": "^5.0.5",
+    "@actions/core": "^2.0.3",
+    "@actions/exec": "^2.0.0",
+    "@actions/io": "^2.0.0"
   },
   "devDependencies": {
-    "@types/jest": "^27.5.2",
+    "@types/jest": "^29.5.14",
     "@types/nock": "^11.1.0",
-    "@types/node": "^16.18.3",
-    "@typescript-eslint/eslint-plugin": "^5.45.0",
-    "@typescript-eslint/parser": "^5.45.0",
+    "@types/node": "^24.1.0",
+    "@typescript-eslint/eslint-plugin": "^7.2.0",
+    "@typescript-eslint/parser": "^7.2.0",
     "@vercel/ncc": "^0.38.3",
     "eslint": "^8.28.0",
-    "eslint-config-prettier": "^8.5.0",
-    "eslint-plugin-import": "^2.26.0",
-    "eslint-plugin-jest": "^26.9.0",
-    "eslint-plugin-prettier": "^4.2.1",
-    "eslint-plugin-simple-import-sort": "^7.0.0",
-    "jest": "^28.1.3",
-    "jest-circus": "^27.5.1",
+    "eslint-config-prettier": "^10.1.8",
+    "eslint-plugin-import": "^2.32.0",
+    "eslint-plugin-jest": "^27.9.0",
+    "eslint-plugin-prettier": "^5.5.3",
+    "eslint-plugin-simple-import-sort": "^12.1.1",
+    "jest": "^29.7.0",
+    "jest-circus": "^29.7.0",
     "nock": "^13.2.9",
-    "prettier": "^2.8.0",
-    "ts-jest": "^28.0.8",
-    "typescript": "^4.9.3"
+    "prettier": "^3.6.2",
+    "ts-jest": "^29.4.0",
+    "typescript": "^5.8.3"
+  },
+  "engines": {
+    "node": ">=24"
   }
-}
+}

restore/README.md

@@ -35,9 +35,9 @@ If you are using separate jobs to create and save your cache(s) to be reused by
 
 ```yaml
 steps:
-  - uses: actions/checkout@v4
+  - uses: actions/checkout@v6
 
-  - uses: actions/cache/restore@v4
+  - uses: actions/cache/restore@v5
     id: cache
     with:
       path: path/to/dependencies
@@ -64,12 +64,12 @@ In case of multi-module projects, where the built artifact of one project needs
 
 ```yaml
 steps:
-  - uses: actions/checkout@v4
+  - uses: actions/checkout@v6
 
   - name: Build
     run: /build-parent-module.sh
 
-  - uses: actions/cache/save@v4
+  - uses: actions/cache/save@v5
     id: cache
     with:
       path: path/to/dependencies
@@ -80,9 +80,9 @@ steps:
 
 ```yaml
 steps:
-  - uses: actions/checkout@v4
+  - uses: actions/checkout@v6
 
-  - uses: actions/cache/restore@v4
+  - uses: actions/cache/restore@v5
     id: cache
     with:
       path: path/to/dependencies
@@ -107,9 +107,9 @@ To fail if there is no cache hit for the primary key, leave `restore-keys` empty
 
 ```yaml
 steps:
-  - uses: actions/checkout@v4
+  - uses: actions/checkout@v6
 
-  - uses: actions/cache/restore@v4
+  - uses: actions/cache/restore@v5
     id: cache
     with:
       path: path/to/dependencies