2.8.2

Bumps the prd-minor group with 1 update: [smol-toml](https://github.com/squirrelchat/smol-toml).


Updates `smol-toml` from 1.4.2 to 1.5.2
- [Release notes](https://github.com/squirrelchat/smol-toml/releases)
- [Commits](https://github.com/squirrelchat/smol-toml/compare/v1.4.2...v1.5.2)

---
updated-dependencies:
- dependency-name: smol-toml
  dependency-version: 1.5.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prd-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.github/dependabot.yaml

@@ -0,0 +1,50 @@
+# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/optimizing-pr-creation-version-updates#setting-up-a-cooldown-period-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: cargo
+    directories:
+      - tests
+      - tests/wasm-workspace
+    schedule:
+      interval: weekly
+    # https://docs.github.com/en/code-security/dependabot/working-with-dependabot/dependabot-options-reference#groups--
+    # 1 PR per week and group
+    groups:
+      cargo-major:
+        update-types: ["major"]
+      cargo-minor:
+        update-types: ["minor"]
+      cargo-patch:
+        update-types: ["patch"]
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: weekly
+    groups:
+      actions:
+        # Combine all images of the last week
+        patterns: ["*"]
+  - package-ecosystem: npm
+    directory: /
+    schedule:
+      interval: weekly
+    groups:
+      prd-major:
+        dependency-type: "production"
+        update-types: ["major"]
+      prd-minor:
+        dependency-type: "production"
+        update-types: ["minor"]
+      prd-patch:
+        dependency-type: "production"
+        update-types: ["patch"]
+      dev-major:
+        dependency-type: "development"
+        update-types: ["major"]
+      dev-minor:
+        dependency-type: "development"
+        update-types: ["minor"]
+      dev-patch:
+        dependency-type: "development"
+        update-types: ["patch"]

.github/workflows/buildjet.yml

@@ -2,8 +2,11 @@ name: buildjet
 
 on: [push, pull_request]
 
+permissions: {}
+
 jobs:
   buildjet:
+    if: github.repository == 'Swatinem/rust-cache'
     strategy:
       fail-fast: false
       matrix:
@@ -16,7 +19,9 @@ jobs:
       CARGO_TERM_COLOR: always
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
 
       - run: rustup toolchain install stable --profile minimal --no-self-update
 

.github/workflows/check-dist.yml

@@ -1,24 +1,29 @@
 name: check dist/
 
 on:
-   push:
-     branches:
-       - master
-     paths-ignore:
-       - '**.md'
-   pull_request:
-     paths-ignore:
-       - '**.md'
-   workflow_dispatch:
+  push:
+    branches:
+      - master
+    paths-ignore:
+      - "**.md"
+  pull_request:
+    paths-ignore:
+      - "**.md"
+  workflow_dispatch:
+
+permissions: {}
 
 jobs:
   check-dist:
+    if: github.repository == 'Swatinem/rust-cache'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
 
       - name: Setup Node.js 20.x
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
         with:
           node-version: 20.x
           cache: npm
@@ -38,7 +43,7 @@ jobs:
           fi
         id: diff
 
-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
         if: ${{ failure() && steps.diff.conclusion == 'failure' }}
         with:
           name: dist

.github/workflows/coverage.yml

@@ -2,8 +2,11 @@ name: coverage
 
 on: [push, pull_request]
 
+permissions: {}
+
 jobs:
   coverage:
+    if: github.repository == 'Swatinem/rust-cache'
     strategy:
       fail-fast: false
       matrix:
@@ -16,11 +19,15 @@ jobs:
       CARGO_TERM_COLOR: always
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
 
       - run: rustup toolchain install stable --profile minimal --component llvm-tools-preview --no-self-update
 
-      - uses: taiki-e/install-action@cargo-llvm-cov
+      - uses: taiki-e/install-action@763e3324d4fd026c9bd284c504378585777a87d5 # v2.62.57
+        with:
+          tool: cargo-llvm-cov
 
       - uses: ./
         with:

.github/workflows/dependabot.yml

@@ -0,0 +1,65 @@
+# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions#enabling-automerge-on-a-pull-request
+
+name: Dependabot Automation
+on: pull_request
+
+permissions: {}
+
+jobs:
+  automerge:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write # for pushing commits
+      pull-requests: write # for merging PRs
+    if: github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'Swatinem/rust-cache'
+    steps:
+      - name: Fetch metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@08eff52bf64351f401fb50d4972fa95b9f2c2d1b # v2.4.0
+        with:
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          fetch-depth: 2
+          persist-credentials: false
+        if: steps.metadata.outputs.update-type == 'version-update:semver-patch'
+      - name: Check if package-lock.json has been changed
+        if: steps.metadata.outputs.update-type == 'version-update:semver-patch'
+        id: npm
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
+        run: |
+          if ! git diff --quiet HEAD~1.. -- package-lock.json; then
+            echo "changed=true" >> $GITHUB_OUTPUT
+            echo "changed=true, checking out $PR_URL to allow amend"
+            gh pr checkout "$PR_URL"
+          fi
+      - name: Setup node if necessary
+        if: steps.npm.outputs.changed != ''
+        uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
+        with:
+          node-version: 20.x
+          cache: npm
+      - name: Re-generate and commit dist/ if changed
+        id: amend
+        if: steps.npm.outputs.changed != ''
+        run: |
+          npm ci
+          npm run prepare
+          if ! git diff --quiet dist/*/index.js; then
+            echo "dist/ changed, amending last commit"
+            export $(git log -1 --pretty=format:'GIT_COMMITTER_NAME=%cn GIT_COMMITTER_EMAIL=%ce GIT_AUTHOR_NAME=%an GIT_AUTHOR_EMAIL=%ae')
+            git fetch --unshallow
+            echo "Before amend:" && git show --name-only --pretty=
+            git commit --amend --no-edit --no-reset-author -- dist/*/index.js
+            echo "After amend:" && git show --name-only --pretty=
+            git push --force-with-lease origin HEAD
+            echo "changed=true" >> $GITHUB_OUTPUT
+          fi
+      - name: Auto-merge Patch PRs
+        if: steps.metadata.outputs.update-type == 'version-update:semver-patch'
+        run: gh pr merge --auto --merge "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GH_TOKEN: ${{secrets.GITHUB_TOKEN}}

.github/workflows/git-registry.yml

@@ -2,8 +2,11 @@ name: git-registry
 
 on: [push, pull_request]
 
+permissions: {}
+
 jobs:
   git-registry:
+    if: github.repository == 'Swatinem/rust-cache'
     strategy:
       fail-fast: false
       matrix:
@@ -17,7 +20,9 @@ jobs:
       CARGO_REGISTRIES_CRATES_IO_PROTOCOL: git
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
 
       - run: rustup toolchain install stable --profile minimal --no-self-update
 

.github/workflows/install.yml

@@ -2,8 +2,11 @@ name: install
 
 on: [push, pull_request]
 
+permissions: {}
+
 jobs:
   install:
+    if: github.repository == 'Swatinem/rust-cache'
     strategy:
       fail-fast: false
       matrix:
@@ -16,7 +19,9 @@ jobs:
       CARGO_TERM_COLOR: always
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
 
       - run: rustup toolchain install stable --profile minimal --no-self-update
 

.github/workflows/multi-job-cache.yml

@@ -0,0 +1,74 @@
+name: multi-job-cache
+
+on: [push, pull_request]
+
+permissions: {}
+
+jobs:
+  multi-job-cache-1:
+    if: github.repository == 'Swatinem/rust-cache'
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest, macos-latest, windows-latest]
+
+    name: Test multi-job cache (1) on ${{ matrix.os }}
+    runs-on: ${{ matrix.os }}
+
+    env:
+      CARGO_TERM_COLOR: always
+
+    steps:
+      - name: checkout
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
+
+      - name: install rust toolchain
+        run: rustup toolchain install stable --profile minimal --target wasm32-unknown-unknown --no-self-update
+
+      - name: cache
+        uses: ./
+        with:
+          workspaces: |
+            tests
+          add-job-id-key: "false"
+          add-rust-environment-hash-key: "false"
+
+      - name: cargo check (tests)
+        working-directory: tests
+        run: cargo check
+
+  multi-job-cache-2:
+    if: github.repository == 'Swatinem/rust-cache'
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest, macos-latest, windows-latest]
+
+    name: Test multi-job cache (2) on ${{ matrix.os }}
+    runs-on: ${{ matrix.os }}
+
+    env:
+      CARGO_TERM_COLOR: always
+
+    steps:
+      - name: checkout
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
+
+      - name: install rust toolchain
+        run: rustup toolchain install stable --profile minimal --target wasm32-unknown-unknown --no-self-update
+
+      - name: cache
+        uses: ./
+        with:
+          workspaces: |
+            tests/wasm-workspace
+          add-job-id-key: "false"
+          add-rust-environment-hash-key: "false"
+
+      - name: cargo check (tests/wasm-workspace)
+        working-directory: tests/wasm-workspace
+        run: cargo check

.github/workflows/simple.yml

@@ -2,8 +2,11 @@ name: simple
 
 on: [push, pull_request]
 
+permissions: {}
+
 jobs:
   simple:
+    if: github.repository == 'Swatinem/rust-cache'
     strategy:
       fail-fast: false
       matrix:
@@ -16,7 +19,9 @@ jobs:
       CARGO_TERM_COLOR: always
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
 
       - run: rustup toolchain install stable --profile minimal --no-self-update
 

.github/workflows/target-dir.yml

@@ -2,8 +2,11 @@ name: target-dir
 
 on: [push, pull_request]
 
+permissions: {}
+
 jobs:
   target-dir:
+    if: github.repository == 'Swatinem/rust-cache'
     strategy:
       fail-fast: false
       matrix:
@@ -16,7 +19,9 @@ jobs:
       CARGO_TERM_COLOR: always
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
 
       - run: rustup toolchain install stable --profile minimal --no-self-update
 

.github/workflows/workspaces.yml

@@ -2,8 +2,11 @@ name: workspaces
 
 on: [push, pull_request]
 
+permissions: {}
+
 jobs:
   workspaces:
+    if: github.repository == 'Swatinem/rust-cache'
     strategy:
       fail-fast: false
       matrix:
@@ -16,7 +19,9 @@ jobs:
       CARGO_TERM_COLOR: always
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
 
       - run: rustup toolchain install stable --profile minimal --target wasm32-unknown-unknown --no-self-update
 
@@ -26,8 +31,10 @@ jobs:
             tests
             tests/wasm-workspace
 
-      - run: cargo check
+      - name: cargo check (tests)
         working-directory: tests
+        run: cargo check
 
-      - run: cargo check
+      - name: cargo check (tests/wasm-workspace)
         working-directory: tests/wasm-workspace
+        run: cargo check

.github/workflows/zizmor.yml

@@ -0,0 +1,24 @@
+name: GitHub Actions Security Analysis with zizmor 🌈
+
+on:
+  push:
+    branches: ["main"]
+  pull_request:
+    branches: ["**"]
+
+permissions: {}
+
+jobs:
+  zizmor:
+    name: Run zizmor 🌈
+    runs-on: ubuntu-latest
+    permissions:
+      security-events: write # for uploading results to the Security tab
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
+
+      - name: Run zizmor 🌈
+        uses: zizmorcore/zizmor-action@e639db99335bc9038abc0e066dfcd72e23d26fb4 # v0.3.0

.gitignore

@@ -1,5 +1,6 @@
 node_modules/
 target/
+src/*.js
 
 # Editors
 .idea/

CHANGELOG.md

@@ -1,5 +1,42 @@
 # Changelog
 
+## 2.8.2
+
+- Don't overwrite env for cargo-metadata call
+
+## 2.8.1
+
+- Set empty `CARGO_ENCODED_RUSTFLAGS` when retrieving metadata
+- Various dependency updates
+
+## 2.8.0
+
+- Add support for `warpbuild` cache provider
+- Add new `cache-workspace-crates` feature
+
+## 2.7.8
+
+- Include CPU arch in the cache key
+
+## 2.7.7
+
+- Also cache `cargo install` metadata
+
+## 2.7.6
+
+- Allow opting out of caching $CARGO_HOME/bin
+- Add runner OS in cache key
+- Adds an option to do lookup-only of the cache
+
+## 2.7.5
+
+- Support Cargo.lock format cargo-lock v4
+- Only run macOsWorkaround() on macOS
+
+## 2.7.3
+
+- Work around upstream problem that causes cache saving to hang for minutes.
+
 ## 2.7.2
 
 - Only key by `Cargo.toml` and `Cargo.lock` files of workspace members.

README.md

@@ -6,7 +6,7 @@ sensible defaults.
 ## Example usage
 
 ```yaml
-- uses: actions/checkout@v3
+- uses: actions/checkout@v5
 
 # selecting a toolchain either by action or manual `rustup` calls should happen
 # before the plugin, as the cache uses the current rustc version as its cache key
@@ -28,6 +28,16 @@ sensible defaults.
     # default: empty
     key: ""
 
+    # If the automatic `job`-based cache key should include the job id.
+    # default: "true"
+    add-job-id-key: ""
+
+    # Weather the a hash of the rust environment should be included in the cache key.
+    # This includes a hash of all Cargo.toml/Cargo.lock files, rust-toolchain files,
+    # and .cargo/config.toml files (if present), as well as the specified 'env-vars'.
+    # default: "true"
+    add-rust-environment-hash-key: ""
+
     # A whitespace separated list of env-var *prefixes* who's value contributes
     # to the environment cache key.
     # The env-vars are matched by *prefix*, so the default `RUST` var will
@@ -60,7 +70,13 @@ sensible defaults.
     # default: "false"
     cache-all-crates: ""
 
-    # Determiners whether the cache should be saved.
+    # Similar to cache-all-crates.
+    # If `true` the workspace crates will be cached.
+    # Useful if the workspace contains libraries that are only updated sporadically.
+    # default: "false"
+    cache-workspace-crates: ""
+
+    # Determines whether the cache should be saved.
     # If `false`, the cache is only restored.
     # Useful for jobs where the matrix is additive e.g. additional Cargo features,
     # or when only runs from `master` should be saved to the cache.
@@ -69,10 +85,20 @@ sensible defaults.
     # To only cache runs from `master`:
     save-if: ${{ github.ref == 'refs/heads/master' }}
 
+    # Determines whether the cache should be restored.
+    # If `true` the cache key will be checked and the `cache-hit` output will be set
+    # but the cache itself won't be restored
+    # default: "false"
+    lookup-only: ""
+
     # Specifies what to use as the backend providing cache
-    # Can be set to either "github" or "buildjet"
+    # Can be set to "github", "buildjet", or "warpbuild"
     # default: "github"
     cache-provider: ""
+
+    # Determines whether to cache the ~/.cargo/bin directory.
+    # default: "true"
+    cache-bin: ""
 ```
 
 Further examples are available in the [.github/workflows](./.github/workflows/) directory.
@@ -85,14 +111,14 @@ This is a boolean flag that will be set to `true` when there was an exact cache
 
 ## Cache Effectiveness
 
-This action only caches the _dependencies_ of a crate, so is more effective if
+This action only caches the _dependencies_ of a crate, so it is more effective if
 the dependency / own code ratio is higher.
 
-It is also most effective for repositories with a `Cargo.lock` file. Library
+It is also more effective for repositories with a `Cargo.lock` file. Library
 repositories with only a `Cargo.toml` file have limited benefits, as cargo will
 _always_ use the most up-to-date dependency versions, which may not be cached.
 
-Usage with Stable Rust is most effective, as a cache is tied to the Rust version.
+Usage with Stable Rust is the most effective, as a cache is tied to the Rust version.
 Using it with Nightly Rust is less effective as it will throw away the cache every day,
 unless a specific nightly build is being pinned.
 
@@ -105,12 +131,14 @@ This action currently caches the following files/directories:
 
 This cache is automatically keyed by:
 
-- the github [`job_id`](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_id),
+- the github [`job_id`](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_id)
+(if `add-job-id-key` is `"true"`),
 - the rustc release / host / hash,
-- the value of some compiler-specific environment variables (eg. RUSTFLAGS, etc), and
-- a hash of all `Cargo.lock` / `Cargo.toml` files found anywhere in the repository (if present).
-- a hash of all `rust-toolchain` / `rust-toolchain.toml` files in the root of the repository (if present).
-- a hash of all `.cargo/config.toml` files in the root of the repository (if present).
+- the following values, if `add-rust-environment-hash-key` is `"true"`:
+  - the value of some compiler-specific environment variables (eg. RUSTFLAGS, etc), and
+  - a hash of all `Cargo.lock` / `Cargo.toml` files found anywhere in the repository (if present).
+  - a hash of all `rust-toolchain` / `rust-toolchain.toml` files in the root of the repository (if present).
+  - a hash of all `.cargo/config.toml` files in the root of the repository (if present).
 
 An additional input `key` can be provided if the builtin keys are not sufficient.
 
@@ -169,4 +197,7 @@ to see those details as well as further details related to caching operations.
 ## Known issues
 
 - The cache cleaning process currently removes all the files from `~/.cargo/bin`
-  that were present before the action ran (for example `rustc`).
+  that were present before the action ran (for example `rustc`), by default.
+  This can be an issue on long-running self-hosted runners, where such state
+  is expected to be preserved across runs.  You can work around this by setting
+  `cache-bin: "false"`.

action.yml

@@ -12,6 +12,14 @@ inputs:
   key:
     description: "An additional cache key that is added alongside the automatic `job`-based cache key and can be used to further differentiate jobs."
     required: false
+  add-job-id-key:
+    description: "If the automatic `job`-based cache key should include the job id. Defaults to true."
+    required: false
+    default: "true"
+  add-rust-environment-hash-key:
+    description: "Weather the a hash of the rust environment should be included in the cache key. This includes a hash of all Cargo.toml/Cargo.lock files, rust-toolchain files, and .cargo/config.toml files (if present), as well as the specified 'env-vars'. Defaults to true."
+    required: false
+    default: "true"
   env-vars:
     description: "Additional environment variables to include in the cache key, separated by spaces."
     required: false
@@ -32,14 +40,26 @@ inputs:
     description: "Determines which crates are cached. If `true` all crates will be cached, otherwise only dependent crates will be cached."
     required: false
     default: "false"
+  cache-workspace-crates:
+    description: "Similar to cache-all-crates. If `true` the workspace crates will be cached."
+    required: false
+    default: "false"
   save-if:
     description: "Determiners whether the cache should be saved. If `false`, the cache is only restored."
     required: false
     default: "true"
   cache-provider:
-    description: "Determines which provider to use for caching. Options are github or buildjet, defaults to github."
+    description: "Determines which provider to use for caching. Options are github, buildjet, or warpbuild. Defaults to github."
     required: false
     default: "github"
+  cache-bin:
+    description: "Determines whether to cache ${CARGO_HOME}/bin."
+    required: false
+    default: "true"
+  lookup-only:
+    description: "Check if a cache entry exists without downloading the cache"
+    required: false
+    default: "false"
 outputs:
   cache-hit:
     description: "A boolean value that indicates an exact match was found."

package.json

@@ -1,7 +1,7 @@
 {
   "private": true,
   "name": "rust-cache",
-  "version": "2.7.2",
+  "version": "2.8.2",
   "description": "A GitHub Action that implements smart caching for rust/cargo projects with sensible defaults.",
   "keywords": [
     "actions",
@@ -23,17 +23,19 @@
   "homepage": "https://github.com/Swatinem/rust-cache#readme",
   "dependencies": {
     "@actions/buildjet-cache": "npm:github-actions.cache-buildjet@0.2.0",
-    "@actions/cache": "^3.2.2",
-    "@actions/core": "^1.10.1",
+    "@actions/warpbuild-cache": "npm:github-actions.warp-cache@1.4.7",
+    "@actions/cache": "^4.1.0",
+    "@actions/core": "^1.11.1",
     "@actions/exec": "^1.1.1",
-    "@actions/glob": "^0.4.0",
-    "@actions/io": "^1.1.3",
-    "smol-toml": "1.1.3"
+    "@actions/glob": "^0.5.0",
+    "@actions/io": "^2.0.0",
+    "smol-toml": "^1.5.2"
   },
   "devDependencies": {
-    "@vercel/ncc": "^0.38.1",
+    "@types/node": "^24.10.1",
+    "@vercel/ncc": "^0.38.4",
     "linefix": "^0.1.1",
-    "typescript": "5.2.2"
+    "typescript": "5.9.3"
   },
   "scripts": {
     "prepare": "ncc build --target es2020 -o dist/restore src/restore.ts && ncc build --target es2020 -o dist/save src/save.ts && linefix dist"

src/cleanup.ts

@@ -43,16 +43,16 @@ async function cleanProfileTarget(profileDir: string, packages: Packages, checkT
       // https://github.com/vertexclique/kaos/blob/9876f6c890339741cc5be4b7cb9df72baa5a6d79/src/cargo.rs#L25
       // https://github.com/eupn/macrotest/blob/c4151a5f9f545942f4971980b5d264ebcd0b1d11/src/cargo.rs#L27
       cleanTargetDir(path.join(profileDir, "target"), packages, checkTimestamp);
-    } catch { }
+    } catch {}
     try {
       // https://github.com/dtolnay/trybuild/blob/eec8ca6cb9b8f53d0caf1aa499d99df52cae8b40/src/cargo.rs#L50
       cleanTargetDir(path.join(profileDir, "trybuild"), packages, checkTimestamp);
-    } catch { }
+    } catch {}
 
     // Delete everything else.
     await rmExcept(profileDir, new Set(["target", "trybuild"]), checkTimestamp);
 
-    return
+    return;
   }
 
   let keepProfile = new Set(["build", ".fingerprint", "deps"]);

src/config.ts

@@ -25,6 +25,9 @@ export class CacheConfig {
   /** The secondary (restore) key that only contains the prefix and environment */
   public restoreKey = "";
 
+  /** Whether to cache CARGO_HOME/.bin */
+  public cacheBin: boolean = true;
+
   /** The workspace configurations */
   public workspaces: Array<Workspace> = [];
 
@@ -66,11 +69,16 @@ export class CacheConfig {
       }
 
       const job = process.env.GITHUB_JOB;
-      if (job) {
+      if ((job) && core.getInput("add-job-id-key").toLowerCase() == "true") {
         key += `-${job}`;
       }
     }
 
+    // Add runner OS and CPU architecture to the key to avoid cross-contamination of cache
+    const runnerOS = os.type();
+    const runnerArch = os.arch();
+    key += `-${runnerOS}-${runnerArch}`;
+
     self.keyPrefix = key;
 
     // Construct environment portion of the key:
@@ -108,7 +116,10 @@ export class CacheConfig {
 
     self.keyEnvs = keyEnvs;
 
-    key += `-${digest(hasher)}`;
+    // Add job hash suffix if 'add-rust-environment-hash-key' is true
+    if (core.getInput("add-rust-environment-hash-key").toLowerCase() == "true") {
+      key += `-${digest(hasher)}`;
+    }
 
     self.restoreKey = key;
 
@@ -116,6 +127,8 @@ export class CacheConfig {
     // This considers all the files found via globbing for various manifests
     // and lockfiles.
 
+    self.cacheBin = core.getInput("cache-bin").toLowerCase() == "true";
+
     // Constructs the workspace config and paths to restore:
     // The workspaces are given using a `$workspace -> $target` syntax.
 
@@ -129,112 +142,126 @@ export class CacheConfig {
     }
     self.workspaces = workspaces;
 
-    let keyFiles = await globFiles(".cargo/config.toml\nrust-toolchain\nrust-toolchain.toml");
-    const parsedKeyFiles = []; // keyFiles that are parsed, pre-processed and hashed
+    // Add hash suffix of all rust environment lockfiles + manifests if
+    // 'add-rust-environment-hash-key' is true
+    if (core.getInput("add-rust-environment-hash-key").toLowerCase() == "true") {
+      let keyFiles = await globFiles(".cargo/config.toml\nrust-toolchain\nrust-toolchain.toml");
+      const parsedKeyFiles = []; // keyFiles that are parsed, pre-processed and hashed
 
-    hasher = crypto.createHash("sha1");
+      hasher = crypto.createHash("sha1");
 
-    for (const workspace of workspaces) {
-      const root = workspace.root;
-      keyFiles.push(
-        ...(await globFiles(
-          `${root}/**/.cargo/config.toml\n${root}/**/rust-toolchain\n${root}/**/rust-toolchain.toml`,
-        )),
-      );
+      for (const workspace of workspaces) {
+        const root = workspace.root;
+        keyFiles.push(
+          ...(await globFiles(
+            `${root}/**/.cargo/config.toml\n${root}/**/rust-toolchain\n${root}/**/rust-toolchain.toml`,
+          )),
+        );
 
-      const workspaceMembers = await workspace.getWorkspaceMembers();
+        const workspaceMembers = await workspace.getWorkspaceMembers();
 
-      const cargo_manifests = sort_and_uniq(workspaceMembers.map(member => path.join(member.path, "Cargo.toml")));
+        const cargo_manifests = sort_and_uniq(workspaceMembers.map((member) => path.join(member.path, "Cargo.toml")));
 
-      for (const cargo_manifest of cargo_manifests) {
-        try {
-          const content = await fs_promises.readFile(cargo_manifest, { encoding: "utf8" });
-          // Use any since TomlPrimitive is not exposed
-          const parsed = toml.parse(content) as { [key: string]: any };
+        for (const cargo_manifest of cargo_manifests) {
+          try {
+            const content = await fs_promises.readFile(cargo_manifest, { encoding: "utf8" });
+            // Use any since TomlPrimitive is not exposed
+            const parsed = toml.parse(content) as { [key: string]: any };
 
-          if ("package" in parsed) {
-            const pack = parsed.package;
-            if ("version" in pack) {
-              pack["version"] = "0.0.0";
-            }
-          }
-
-          for (const prefix of ["", "build-", "dev-"]) {
-            const section_name = `${prefix}dependencies`;
-            if (!(section_name in parsed)) {
-              continue;
-            }
-            const deps = parsed[section_name];
-
-            for (const key of Object.keys(deps)) {
-              const dep = deps[key];
-
-              try {
-                if ("path" in dep) {
-                  dep.version = "0.0.0";
-                  dep.path = "";
-                }
-              } catch (_e) {
-                // Not an object, probably a string (version),
-                // continue.
-                continue;
+            if ("package" in parsed) {
+              const pack = parsed.package;
+              if ("version" in pack) {
+                pack["version"] = "0.0.0";
               }
             }
+
+            for (const prefix of ["", "build-", "dev-"]) {
+              const section_name = `${prefix}dependencies`;
+              if (!(section_name in parsed)) {
+                continue;
+              }
+              const deps = parsed[section_name];
+
+              for (const key of Object.keys(deps)) {
+                const dep = deps[key];
+
+                try {
+                  if ("path" in dep) {
+                    dep.version = "0.0.0";
+                    dep.path = "";
+                  }
+                } catch (_e) {
+                  // Not an object, probably a string (version),
+                  // continue.
+                  continue;
+                }
+              }
+            }
+
+            hasher.update(JSON.stringify(parsed));
+
+            parsedKeyFiles.push(cargo_manifest);
+          } catch (e) {
+            // Fallback to caching them as regular file
+            core.warning(`Error parsing Cargo.toml manifest, fallback to caching entire file: ${e}`);
+            keyFiles.push(cargo_manifest);
           }
-
-          hasher.update(JSON.stringify(parsed));
-
-          parsedKeyFiles.push(cargo_manifest);
-        } catch (e) { // Fallback to caching them as regular file
-          core.warning(`Error parsing Cargo.toml manifest, fallback to caching entire file: ${e}`);
-          keyFiles.push(cargo_manifest);
         }
-      }
 
-      const cargo_lock = path.join(workspace.root, "Cargo.lock");
-      if (await exists(cargo_lock)) {
-        try {
-          const content = await fs_promises.readFile(cargo_lock, { encoding: "utf8" });
-          const parsed = toml.parse(content);
+        const cargo_lock = path.join(workspace.root, "Cargo.lock");
+        if (await exists(cargo_lock)) {
+          try {
+            const content = await fs_promises.readFile(cargo_lock, { encoding: "utf8" });
+            const parsed = toml.parse(content);
 
-          if (parsed.version !== 3 || !("package" in parsed)) {
-            // Fallback to caching them as regular file since this action
-            // can only handle Cargo.lock format version 3
-            core.warning('Unsupported Cargo.lock format, fallback to caching entire file');
+            if ((parsed.version !== 3 && parsed.version !== 4) || !("package" in parsed)) {
+              // Fallback to caching them as regular file since this action
+              // can only handle Cargo.lock format version 3
+              core.warning("Unsupported Cargo.lock format, fallback to caching entire file");
+              keyFiles.push(cargo_lock);
+              continue;
+            }
+
+            // Package without `[[package]].source` and `[[package]].checksum`
+            // are the one with `path = "..."` to crates within the workspace.
+            const packages = (parsed.package as any[]).filter((p: any) => "source" in p || "checksum" in p);
+
+            hasher.update(JSON.stringify(packages));
+
+            parsedKeyFiles.push(cargo_lock);
+          } catch (e) {
+            // Fallback to caching them as regular file
+            core.warning(`Error parsing Cargo.lock manifest, fallback to caching entire file: ${e}`);
             keyFiles.push(cargo_lock);
-            continue;
           }
-
-          // Package without `[[package]].source` and `[[package]].checksum`
-          // are the one with `path = "..."` to crates within the workspace.
-          const packages = (parsed.package as any[]).filter((p: any) => "source" in p || "checksum" in p);
-
-          hasher.update(JSON.stringify(packages));
-
-          parsedKeyFiles.push(cargo_lock);
-        } catch (e) { // Fallback to caching them as regular file
-          core.warning(`Error parsing Cargo.lock manifest, fallback to caching entire file: ${e}`);
-          keyFiles.push(cargo_lock);
         }
       }
-    }
-    keyFiles = sort_and_uniq(keyFiles);
+      keyFiles = sort_and_uniq(keyFiles);
 
-    for (const file of keyFiles) {
-      for await (const chunk of fs.createReadStream(file)) {
-        hasher.update(chunk);
+      for (const file of keyFiles) {
+        for await (const chunk of fs.createReadStream(file)) {
+          hasher.update(chunk);
+        }
       }
+
+      keyFiles.push(...parsedKeyFiles);
+      self.keyFiles = sort_and_uniq(keyFiles);
+
+      let lockHash = digest(hasher);
+      key += `-${lockHash}`;
     }
 
-    let lockHash = digest(hasher);
-
-    keyFiles.push(...parsedKeyFiles);
-    self.keyFiles = sort_and_uniq(keyFiles);
-
-    key += `-${lockHash}`;
     self.cacheKey = key;
 
-    self.cachePaths = [CARGO_HOME];
+    self.cachePaths = [path.join(CARGO_HOME, "registry"), path.join(CARGO_HOME, "git")];
+    if (self.cacheBin) {
+      self.cachePaths = [
+        path.join(CARGO_HOME, "bin"),
+        path.join(CARGO_HOME, ".crates.toml"),
+        path.join(CARGO_HOME, ".crates2.json"),
+        ...self.cachePaths,
+      ];
+    }
     const cacheTargets = core.getInput("cache-targets").toLowerCase() || "true";
     if (cacheTargets === "true") {
       self.cachePaths.push(...workspaces.map((ws) => ws.target));

src/restore.ts

@@ -24,6 +24,8 @@ async function run() {
     if (cacheOnFailure !== "true") {
       cacheOnFailure = "false";
     }
+    var lookupOnly = core.getInput("lookup-only").toLowerCase() === "true";
+
     core.exportVariable("CACHE_ON_FAILURE", cacheOnFailure);
     core.exportVariable("CARGO_INCREMENTAL", 0);
 
@@ -31,15 +33,17 @@ async function run() {
     config.printInfo(cacheProvider);
     core.info("");
 
-    core.info(`... Restoring cache ...`);
+    core.info(`... ${lookupOnly ? "Checking" : "Restoring"} cache ...`);
     const key = config.cacheKey;
     // Pass a copy of cachePaths to avoid mutating the original array as reported by:
     // https://github.com/actions/toolkit/pull/1378
     // TODO: remove this once the underlying bug is fixed.
-    const restoreKey = await cacheProvider.cache.restoreCache(config.cachePaths.slice(), key, [config.restoreKey]);
+    const restoreKey = await cacheProvider.cache.restoreCache(config.cachePaths.slice(), key, [config.restoreKey], {
+      lookupOnly,
+    });
     if (restoreKey) {
       const match = restoreKey === key;
-      core.info(`Restored from cache key "${restoreKey}" full match: ${match}.`);
+      core.info(`${lookupOnly ? "Found" : "Restored from"} cache key "${restoreKey}" full match: ${match}.`);
       if (!match) {
         // pre-clean the target directory on cache mismatch
         for (const workspace of config.workspaces) {
@@ -64,6 +68,7 @@ async function run() {
 
     reportError(e);
   }
+  process.exit();
 }
 
 function setCacheHitOutput(cacheHit: boolean): void {

src/save.ts

@@ -32,11 +32,18 @@ async function run() {
     core.info("");
 
     // TODO: remove this once https://github.com/actions/toolkit/pull/553 lands
-    await macOsWorkaround();
+    if (process.env["RUNNER_OS"] == "macOS") {
+      await macOsWorkaround();
+    }
 
+    const workspaceCrates = core.getInput("cache-workspace-crates").toLowerCase() || "false";
     const allPackages = [];
     for (const workspace of config.workspaces) {
       const packages = await workspace.getPackagesOutsideWorkspaceRoot();
+      if (workspaceCrates === "true") {
+        const wsMembers = await workspace.getWorkspaceMembers();
+        packages.push(...wsMembers);
+      }
       allPackages.push(...packages);
       try {
         core.info(`... Cleaning ${workspace.target} ...`);
@@ -54,11 +61,13 @@ async function run() {
       core.debug(`${(e as any).stack}`);
     }
 
-    try {
-      core.info(`... Cleaning cargo/bin ...`);
-      await cleanBin(config.cargoBins);
-    } catch (e) {
-      core.debug(`${(e as any).stack}`);
+    if (config.cacheBin) {
+      try {
+        core.info(`... Cleaning cargo/bin ...`);
+        await cleanBin(config.cargoBins);
+      } catch (e) {
+        core.debug(`${(e as any).stack}`);
+      }
     }
 
     try {
@@ -76,6 +85,7 @@ async function run() {
   } catch (e) {
     reportError(e);
   }
+  process.exit();
 }
 
 run();

src/utils.ts

@@ -1,6 +1,7 @@
 import * as core from "@actions/core";
 import * as exec from "@actions/exec";
 import * as buildjetCache from "@actions/buildjet-cache";
+import * as warpbuildCache from "@actions/warpbuild-cache";
 import * as ghCache from "@actions/cache";
 import fs from "fs";
 
@@ -44,17 +45,32 @@ export async function getCmdOutput(
   return stdout;
 }
 
+export interface GhCache {
+  isFeatureAvailable: typeof ghCache.isFeatureAvailable;
+  restoreCache: typeof ghCache.restoreCache;
+  saveCache: (paths: string[], key: string) => Promise<string | number>;
+}
+
 export interface CacheProvider {
   name: string;
-  cache: typeof ghCache;
+  cache: GhCache;
 }
 
 export function getCacheProvider(): CacheProvider {
   const cacheProvider = core.getInput("cache-provider");
-  const cache = cacheProvider === "github" ? ghCache : cacheProvider === "buildjet" ? buildjetCache : undefined;
-
-  if (!cache) {
-    throw new Error(`The \`cache-provider\` \`{cacheProvider}\` is not valid.`);
+  let cache: GhCache;
+  switch (cacheProvider) {
+    case "github":
+      cache = ghCache;
+      break;
+    case "buildjet":
+      cache = buildjetCache;
+      break;
+    case "warpbuild":
+      cache = warpbuildCache;
+      break;
+    default:
+      throw new Error(`The \`cache-provider\` \`${cacheProvider}\` is not valid.`);
   }
 
   return {

src/workspace.ts

@@ -8,13 +8,14 @@ const SAVE_TARGETS = new Set(["lib", "proc-macro"]);
 export class Workspace {
   constructor(public root: string, public target: string) {}
 
-  async getPackages(filter: ((p: Meta['packages'][0]) => boolean), ...extraArgs: string[]): Promise<Packages> {
+  async getPackages(filter: (p: Meta["packages"][0]) => boolean, ...extraArgs: string[]): Promise<Packages> {
     let packages: Packages = [];
     try {
       core.debug(`collecting metadata for "${this.root}"`);
       const meta: Meta = JSON.parse(
         await getCmdOutput("cargo", ["metadata", "--all-features", "--format-version", "1", ...extraArgs], {
           cwd: this.root,
+          env: { ...process.env, "CARGO_ENCODED_RUSTFLAGS": "" },
         }),
       );
       core.debug(`workspace "${this.root}" has ${meta.packages.length} packages`);
@@ -29,11 +30,11 @@ export class Workspace {
   }
 
   public async getPackagesOutsideWorkspaceRoot(): Promise<Packages> {
-    return await this.getPackages(pkg => !pkg.manifest_path.startsWith(this.root));
+    return await this.getPackages((pkg) => !pkg.manifest_path.startsWith(this.root));
   }
 
   public async getWorkspaceMembers(): Promise<Packages> {
-    return await this.getPackages(_ => true, "--no-deps");
+    return await this.getPackages((_) => true, "--no-deps");
   }
 }
 

tests/Cargo.toml

@@ -6,11 +6,12 @@ authors = ["Arpad Borsos <arpad.borsos@googlemail.com>"]
 edition = "2021"
 
 [dependencies]
-reqwest = "0.11.18"
-watto = { git = "https://github.com/getsentry/watto", rev = "d71c8218506bddba102a124a460d64da25e303dc", features = ["strings"] }
+reqwest = "0.12.1"
+jsonpath_lib_polars_vendor = "0.0.1"
+watto = { git = "https://github.com/getsentry/watto", rev = "39ccb9add289c1f23c89f40506f4a80b2f4011b9", features = ["strings"] }
 
 [dev-dependencies]
 trybuild = "1"
 
 [target.'cfg(not(target_env = "msvc"))'.dependencies]
-tikv-jemallocator = "0.5.4"
+tikv-jemallocator = "0.6.0"

tests/tests/trybuild/fail_to_compile.stderr

@@ -2,4 +2,4 @@ error[E0599]: no method named `foobar` found for reference `&'static str` in the
  --> tests/trybuild/fail_to_compile.rs:2:14
   |
 2 |     "foobar".foobar();
-  |              ^^^^^^ method not found in `&str`
+  |              ^^^^^^ method not found in `&'static str`

tests/wasm-workspace/Cargo.toml

@@ -1,4 +1,5 @@
 [workspace]
+resolver = "2"
 members = [
     "crates/one",
     "crates/two",

tests/wasm-workspace/crates/one/Cargo.toml

@@ -5,7 +5,7 @@ version = "0.1.0"
 edition = "2021"
 
 [dependencies]
-reqwest = "0.11.0"
+reqwest = "0.12"
 async-std = "1"
 tracing = "0.1"
 tracing-futures = "0.2"

tests/wasm-workspace/crates/two/Cargo.toml

@@ -5,4 +5,4 @@ version = "0.1.0"
 edition = "2021"
 
 [dependencies]
-clap = "3"
+clap = "4"