2.8.2

Bumps the prd-minor group with 1 update: [smol-toml](https://github.com/squirrelchat/smol-toml).


Updates `smol-toml` from 1.4.2 to 1.5.2
- [Release notes](https://github.com/squirrelchat/smol-toml/releases)
- [Commits](https://github.com/squirrelchat/smol-toml/compare/v1.4.2...v1.5.2)

---
updated-dependencies:
- dependency-name: smol-toml
  dependency-version: 1.5.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prd-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.github/workflows/buildjet.yml

@@ -2,6 +2,8 @@ name: buildjet
 
 on: [push, pull_request]
 
+permissions: {}
+
 jobs:
   buildjet:
     if: github.repository == 'Swatinem/rust-cache'
@@ -17,7 +19,9 @@ jobs:
       CARGO_TERM_COLOR: always
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
 
       - run: rustup toolchain install stable --profile minimal --no-self-update
 

.github/workflows/check-dist.yml

@@ -11,15 +11,19 @@ on:
       - "**.md"
   workflow_dispatch:
 
+permissions: {}
+
 jobs:
   check-dist:
     if: github.repository == 'Swatinem/rust-cache'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
 
       - name: Setup Node.js 20.x
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
         with:
           node-version: 20.x
           cache: npm
@@ -39,7 +43,7 @@ jobs:
           fi
         id: diff
 
-      - uses: actions/upload-artifact@v4
+      - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
         if: ${{ failure() && steps.diff.conclusion == 'failure' }}
         with:
           name: dist

.github/workflows/coverage.yml

@@ -2,6 +2,8 @@ name: coverage
 
 on: [push, pull_request]
 
+permissions: {}
+
 jobs:
   coverage:
     if: github.repository == 'Swatinem/rust-cache'
@@ -17,11 +19,15 @@ jobs:
       CARGO_TERM_COLOR: always
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
 
       - run: rustup toolchain install stable --profile minimal --component llvm-tools-preview --no-self-update
 
-      - uses: taiki-e/install-action@cargo-llvm-cov
+      - uses: taiki-e/install-action@763e3324d4fd026c9bd284c504378585777a87d5 # v2.62.57
+        with:
+          tool: cargo-llvm-cov
 
       - uses: ./
         with:

.github/workflows/dependabot.yml

@@ -3,23 +3,25 @@
 name: Dependabot Automation
 on: pull_request
 
-permissions:
-  contents: write
-  pull-requests: write
+permissions: {}
 
 jobs:
   automerge:
     runs-on: ubuntu-latest
+    permissions:
+      contents: write # for pushing commits
+      pull-requests: write # for merging PRs
     if: github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'Swatinem/rust-cache'
     steps:
       - name: Fetch metadata
         id: metadata
-        uses: dependabot/fetch-metadata@v2
+        uses: dependabot/fetch-metadata@08eff52bf64351f401fb50d4972fa95b9f2c2d1b # v2.4.0
         with:
           github-token: "${{ secrets.GITHUB_TOKEN }}"
-      - uses: actions/checkout@v5
-        with: 
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
           fetch-depth: 2
+          persist-credentials: false
         if: steps.metadata.outputs.update-type == 'version-update:semver-patch'
       - name: Check if package-lock.json has been changed
         if: steps.metadata.outputs.update-type == 'version-update:semver-patch'
@@ -35,7 +37,7 @@ jobs:
           fi
       - name: Setup node if necessary
         if: steps.npm.outputs.changed != ''
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
         with:
           node-version: 20.x
           cache: npm

.github/workflows/git-registry.yml

@@ -2,6 +2,8 @@ name: git-registry
 
 on: [push, pull_request]
 
+permissions: {}
+
 jobs:
   git-registry:
     if: github.repository == 'Swatinem/rust-cache'
@@ -18,7 +20,9 @@ jobs:
       CARGO_REGISTRIES_CRATES_IO_PROTOCOL: git
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
 
       - run: rustup toolchain install stable --profile minimal --no-self-update
 

.github/workflows/install.yml

@@ -2,6 +2,8 @@ name: install
 
 on: [push, pull_request]
 
+permissions: {}
+
 jobs:
   install:
     if: github.repository == 'Swatinem/rust-cache'
@@ -17,7 +19,9 @@ jobs:
       CARGO_TERM_COLOR: always
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
 
       - run: rustup toolchain install stable --profile minimal --no-self-update
 

.github/workflows/multi-job-cache.yml

@@ -0,0 +1,74 @@
+name: multi-job-cache
+
+on: [push, pull_request]
+
+permissions: {}
+
+jobs:
+  multi-job-cache-1:
+    if: github.repository == 'Swatinem/rust-cache'
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest, macos-latest, windows-latest]
+
+    name: Test multi-job cache (1) on ${{ matrix.os }}
+    runs-on: ${{ matrix.os }}
+
+    env:
+      CARGO_TERM_COLOR: always
+
+    steps:
+      - name: checkout
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
+
+      - name: install rust toolchain
+        run: rustup toolchain install stable --profile minimal --target wasm32-unknown-unknown --no-self-update
+
+      - name: cache
+        uses: ./
+        with:
+          workspaces: |
+            tests
+          add-job-id-key: "false"
+          add-rust-environment-hash-key: "false"
+
+      - name: cargo check (tests)
+        working-directory: tests
+        run: cargo check
+
+  multi-job-cache-2:
+    if: github.repository == 'Swatinem/rust-cache'
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest, macos-latest, windows-latest]
+
+    name: Test multi-job cache (2) on ${{ matrix.os }}
+    runs-on: ${{ matrix.os }}
+
+    env:
+      CARGO_TERM_COLOR: always
+
+    steps:
+      - name: checkout
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
+
+      - name: install rust toolchain
+        run: rustup toolchain install stable --profile minimal --target wasm32-unknown-unknown --no-self-update
+
+      - name: cache
+        uses: ./
+        with:
+          workspaces: |
+            tests/wasm-workspace
+          add-job-id-key: "false"
+          add-rust-environment-hash-key: "false"
+
+      - name: cargo check (tests/wasm-workspace)
+        working-directory: tests/wasm-workspace
+        run: cargo check

.github/workflows/simple.yml

@@ -2,6 +2,8 @@ name: simple
 
 on: [push, pull_request]
 
+permissions: {}
+
 jobs:
   simple:
     if: github.repository == 'Swatinem/rust-cache'
@@ -17,7 +19,9 @@ jobs:
       CARGO_TERM_COLOR: always
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
 
       - run: rustup toolchain install stable --profile minimal --no-self-update
 

.github/workflows/target-dir.yml

@@ -2,6 +2,8 @@ name: target-dir
 
 on: [push, pull_request]
 
+permissions: {}
+
 jobs:
   target-dir:
     if: github.repository == 'Swatinem/rust-cache'
@@ -17,7 +19,9 @@ jobs:
       CARGO_TERM_COLOR: always
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
 
       - run: rustup toolchain install stable --profile minimal --no-self-update
 

.github/workflows/workspaces.yml

@@ -2,6 +2,8 @@ name: workspaces
 
 on: [push, pull_request]
 
+permissions: {}
+
 jobs:
   workspaces:
     if: github.repository == 'Swatinem/rust-cache'
@@ -17,7 +19,9 @@ jobs:
       CARGO_TERM_COLOR: always
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
 
       - run: rustup toolchain install stable --profile minimal --target wasm32-unknown-unknown --no-self-update
 

.github/workflows/zizmor.yml

@@ -0,0 +1,24 @@
+name: GitHub Actions Security Analysis with zizmor 🌈
+
+on:
+  push:
+    branches: ["main"]
+  pull_request:
+    branches: ["**"]
+
+permissions: {}
+
+jobs:
+  zizmor:
+    name: Run zizmor 🌈
+    runs-on: ubuntu-latest
+    permissions:
+      security-events: write # for uploading results to the Security tab
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
+
+      - name: Run zizmor 🌈
+        uses: zizmorcore/zizmor-action@e639db99335bc9038abc0e066dfcd72e23d26fb4 # v0.3.0

.gitignore

@@ -1,5 +1,6 @@
 node_modules/
 target/
+src/*.js
 
 # Editors
 .idea/

CHANGELOG.md

@@ -1,5 +1,9 @@
 # Changelog
 
+## 2.8.2
+
+- Don't overwrite env for cargo-metadata call
+
 ## 2.8.1
 
 - Set empty `CARGO_ENCODED_RUSTFLAGS` when retrieving metadata

README.md

@@ -28,6 +28,16 @@ sensible defaults.
     # default: empty
     key: ""
 
+    # If the automatic `job`-based cache key should include the job id.
+    # default: "true"
+    add-job-id-key: ""
+
+    # Weather the a hash of the rust environment should be included in the cache key.
+    # This includes a hash of all Cargo.toml/Cargo.lock files, rust-toolchain files,
+    # and .cargo/config.toml files (if present), as well as the specified 'env-vars'.
+    # default: "true"
+    add-rust-environment-hash-key: ""
+
     # A whitespace separated list of env-var *prefixes* who's value contributes
     # to the environment cache key.
     # The env-vars are matched by *prefix*, so the default `RUST` var will
@@ -121,12 +131,14 @@ This action currently caches the following files/directories:
 
 This cache is automatically keyed by:
 
-- the github [`job_id`](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_id),
+- the github [`job_id`](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_id)
+(if `add-job-id-key` is `"true"`),
 - the rustc release / host / hash,
-- the value of some compiler-specific environment variables (eg. RUSTFLAGS, etc), and
-- a hash of all `Cargo.lock` / `Cargo.toml` files found anywhere in the repository (if present).
-- a hash of all `rust-toolchain` / `rust-toolchain.toml` files in the root of the repository (if present).
-- a hash of all `.cargo/config.toml` files in the root of the repository (if present).
+- the following values, if `add-rust-environment-hash-key` is `"true"`:
+  - the value of some compiler-specific environment variables (eg. RUSTFLAGS, etc), and
+  - a hash of all `Cargo.lock` / `Cargo.toml` files found anywhere in the repository (if present).
+  - a hash of all `rust-toolchain` / `rust-toolchain.toml` files in the root of the repository (if present).
+  - a hash of all `.cargo/config.toml` files in the root of the repository (if present).
 
 An additional input `key` can be provided if the builtin keys are not sufficient.
 

action.yml

@@ -12,6 +12,14 @@ inputs:
   key:
     description: "An additional cache key that is added alongside the automatic `job`-based cache key and can be used to further differentiate jobs."
     required: false
+  add-job-id-key:
+    description: "If the automatic `job`-based cache key should include the job id. Defaults to true."
+    required: false
+    default: "true"
+  add-rust-environment-hash-key:
+    description: "Weather the a hash of the rust environment should be included in the cache key. This includes a hash of all Cargo.toml/Cargo.lock files, rust-toolchain files, and .cargo/config.toml files (if present), as well as the specified 'env-vars'. Defaults to true."
+    required: false
+    default: "true"
   env-vars:
     description: "Additional environment variables to include in the cache key, separated by spaces."
     required: false

package-lock.json

@@ -1,28 +1,28 @@
 {
   "name": "rust-cache",
-  "version": "2.8.1",
+  "version": "2.8.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "rust-cache",
-      "version": "2.8.1",
+      "version": "2.8.2",
       "license": "LGPL-3.0",
       "dependencies": {
         "@actions/buildjet-cache": "npm:github-actions.cache-buildjet@0.2.0",
-        "@actions/cache": "^4.0.5",
+        "@actions/cache": "^4.1.0",
         "@actions/core": "^1.11.1",
         "@actions/exec": "^1.1.1",
         "@actions/glob": "^0.5.0",
-        "@actions/io": "^1.1.3",
+        "@actions/io": "^2.0.0",
         "@actions/warpbuild-cache": "npm:github-actions.warp-cache@1.4.7",
-        "smol-toml": "^1.4.2"
+        "smol-toml": "^1.5.2"
       },
       "devDependencies": {
-        "@types/node": "^24.3.0",
-        "@vercel/ncc": "^0.38.3",
+        "@types/node": "^24.10.1",
+        "@vercel/ncc": "^0.38.4",
         "linefix": "^0.1.1",
-        "typescript": "5.9.2"
+        "typescript": "5.9.3"
       },
       "funding": {
         "url": "https://github.com/sponsors/Swatinem"
@@ -52,10 +52,17 @@
         "minimatch": "^3.0.4"
       }
     },
+    "node_modules/@actions/buildjet-cache/node_modules/@actions/io": {
+      "version": "1.1.3",
+      "resolved": "https://registry.npmjs.org/@actions/io/-/io-1.1.3.tgz",
+      "integrity": "sha512-wi9JjgKLYS7U/z8PPbco+PvTb/nRWjeoFlJ1Qer83k/3C5PHQi28hiVdeE2kHXmIL99mQFawx8qt/JPjZilJ8Q==",
+      "license": "MIT"
+    },
     "node_modules/@actions/cache": {
-      "version": "4.0.5",
-      "resolved": "https://registry.npmjs.org/@actions/cache/-/cache-4.0.5.tgz",
-      "integrity": "sha512-RjLz1/vvntOfp3FpkY3wB0MjVRbLq7bfQEuQG9UUTKwdtcYmFrKVmuD+9B6ADbzbkSfHM+dM4sMjdr3R4XIkFg==",
+      "version": "4.1.0",
+      "resolved": "https://registry.npmjs.org/@actions/cache/-/cache-4.1.0.tgz",
+      "integrity": "sha512-z3Opg+P4Y7baq+g1dODXgdtsvPLSewr3ZKpp3U0HQR1A/vWCoJFS52XSezjdngo4SIOdR5oHtyK3a3Arar+X9A==",
+      "license": "MIT",
       "dependencies": {
         "@actions/core": "^1.11.1",
         "@actions/exec": "^1.0.1",
@@ -78,6 +85,12 @@
         "minimatch": "^3.0.4"
       }
     },
+    "node_modules/@actions/cache/node_modules/@actions/io": {
+      "version": "1.1.3",
+      "resolved": "https://registry.npmjs.org/@actions/io/-/io-1.1.3.tgz",
+      "integrity": "sha512-wi9JjgKLYS7U/z8PPbco+PvTb/nRWjeoFlJ1Qer83k/3C5PHQi28hiVdeE2kHXmIL99mQFawx8qt/JPjZilJ8Q==",
+      "license": "MIT"
+    },
     "node_modules/@actions/core": {
       "version": "1.11.1",
       "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.11.1.tgz",
@@ -95,6 +108,12 @@
         "@actions/io": "^1.0.1"
       }
     },
+    "node_modules/@actions/exec/node_modules/@actions/io": {
+      "version": "1.1.3",
+      "resolved": "https://registry.npmjs.org/@actions/io/-/io-1.1.3.tgz",
+      "integrity": "sha512-wi9JjgKLYS7U/z8PPbco+PvTb/nRWjeoFlJ1Qer83k/3C5PHQi28hiVdeE2kHXmIL99mQFawx8qt/JPjZilJ8Q==",
+      "license": "MIT"
+    },
     "node_modules/@actions/github": {
       "version": "6.0.1",
       "resolved": "https://registry.npmjs.org/@actions/github/-/github-6.0.1.tgz",
@@ -128,9 +147,10 @@
       }
     },
     "node_modules/@actions/io": {
-      "version": "1.1.3",
-      "resolved": "https://registry.npmjs.org/@actions/io/-/io-1.1.3.tgz",
-      "integrity": "sha512-wi9JjgKLYS7U/z8PPbco+PvTb/nRWjeoFlJ1Qer83k/3C5PHQi28hiVdeE2kHXmIL99mQFawx8qt/JPjZilJ8Q=="
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/@actions/io/-/io-2.0.0.tgz",
+      "integrity": "sha512-Jv33IN09XLO+0HS79aaODsvIRyduiF7NY/F6LYeK5oeUmrsz7aFdRphQjFoESF4jS7lMauDOttKALcpapVDIAg==",
+      "license": "MIT"
     },
     "node_modules/@actions/warpbuild-cache": {
       "name": "github-actions.warp-cache",
@@ -164,6 +184,12 @@
         "minimatch": "^3.0.4"
       }
     },
+    "node_modules/@actions/warpbuild-cache/node_modules/@actions/io": {
+      "version": "1.1.3",
+      "resolved": "https://registry.npmjs.org/@actions/io/-/io-1.1.3.tgz",
+      "integrity": "sha512-wi9JjgKLYS7U/z8PPbco+PvTb/nRWjeoFlJ1Qer83k/3C5PHQi28hiVdeE2kHXmIL99mQFawx8qt/JPjZilJ8Q==",
+      "license": "MIT"
+    },
     "node_modules/@azure/abort-controller": {
       "version": "1.1.0",
       "resolved": "https://registry.npmjs.org/@azure/abort-controller/-/abort-controller-1.1.0.tgz",
@@ -576,6 +602,7 @@
       "version": "5.2.2",
       "resolved": "https://registry.npmjs.org/@octokit/core/-/core-5.2.2.tgz",
       "integrity": "sha512-/g2d4sW9nUDJOMz3mabVQvOGhVa4e/BN/Um7yca9Bb2XTzPPnfTWHWQg+IsEYO7M3Vx+EXvaM/I2pJWIMun1bg==",
+      "peer": true,
       "dependencies": {
         "@octokit/auth-token": "^4.0.0",
         "@octokit/graphql": "^7.1.0",
@@ -741,11 +768,12 @@
       "integrity": "sha512-hWtVTC2q7hc7xZ/RLbxapMvDMgUnDvKvMOpKal4DrMyfGBUfB1oKaZlIRr6mJL+If3bAP6sV/QneGzF6tJjZDg=="
     },
     "node_modules/@types/node": {
-      "version": "24.5.2",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-24.5.2.tgz",
-      "integrity": "sha512-FYxk1I7wPv3K2XBaoyH2cTnocQEu8AOZ60hPbsyukMPLv5/5qr7V1i8PLHdl6Zf87I+xZXFvPCXYjiTFq+YSDQ==",
+      "version": "24.10.1",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-24.10.1.tgz",
+      "integrity": "sha512-GNWcUTRBgIRJD5zj+Tq0fKOJ5XZajIiBroOF0yvj2bSU1WvNdYS/dn9UxwsujGW4JX06dnHyjV2y9rRaybH0iQ==",
+      "license": "MIT",
       "dependencies": {
-        "undici-types": "~7.12.0"
+        "undici-types": "~7.16.0"
       }
     },
     "node_modules/@types/request": {
@@ -778,10 +806,11 @@
       }
     },
     "node_modules/@vercel/ncc": {
-      "version": "0.38.3",
-      "resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.38.3.tgz",
-      "integrity": "sha512-rnK6hJBS6mwc+Bkab+PGPs9OiS0i/3kdTO+CkI8V0/VrW3vmz7O2Pxjw/owOlmo6PKEIxRSeZKv/kuL9itnpYA==",
+      "version": "0.38.4",
+      "resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.38.4.tgz",
+      "integrity": "sha512-8LwjnlP39s08C08J5NstzriPvW1SP8Zfpp1BvC2sI35kPeZnHfxVkCwu4/+Wodgnd60UtT1n8K8zw+Mp7J9JmQ==",
       "dev": true,
+      "license": "MIT",
       "bin": {
         "ncc": "dist/ncc/cli.js"
       }
@@ -1537,9 +1566,10 @@
       }
     },
     "node_modules/smol-toml": {
-      "version": "1.4.2",
-      "resolved": "https://registry.npmjs.org/smol-toml/-/smol-toml-1.4.2.tgz",
-      "integrity": "sha512-rInDH6lCNiEyn3+hH8KVGFdbjc099j47+OSgbMrfDYX1CmXLfdKd7qi6IfcWj2wFxvSVkuI46M+wPGYfEOEj6g==",
+      "version": "1.5.2",
+      "resolved": "https://registry.npmjs.org/smol-toml/-/smol-toml-1.5.2.tgz",
+      "integrity": "sha512-QlaZEqcAH3/RtNyet1IPIYPsEWAaYyXXv1Krsi+1L/QHppjX4Ifm8MQsBISz9vE8cHicIq3clogsheili5vhaQ==",
+      "license": "BSD-3-Clause",
       "engines": {
         "node": ">= 18"
       },
@@ -1666,10 +1696,11 @@
       }
     },
     "node_modules/typescript": {
-      "version": "5.9.2",
-      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.9.2.tgz",
-      "integrity": "sha512-CWBzXQrc/qOkhidw1OzBTQuYRbfyxDXJMVJ1XNwUHGROVmuaeiEm3OslpZ1RV96d7SKKjZKrSJu3+t/xlw3R9A==",
+      "version": "5.9.3",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.9.3.tgz",
+      "integrity": "sha512-jl1vZzPDinLr9eUt3J/t7V6FgNEw9QjvBPdysz9KfQDD41fQrC2Y4vKQdiaUpFT4bXlb1RHhLpp8wtm6M5TgSw==",
       "dev": true,
+      "license": "Apache-2.0",
       "bin": {
         "tsc": "bin/tsc",
         "tsserver": "bin/tsserver"
@@ -1690,9 +1721,10 @@
       }
     },
     "node_modules/undici-types": {
-      "version": "7.12.0",
-      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.12.0.tgz",
-      "integrity": "sha512-goOacqME2GYyOZZfb5Lgtu+1IDmAlAEu5xnD3+xTzS10hT0vzpf0SPjkXwAw9Jm+4n/mQGDP3LO8CPbYROeBfQ=="
+      "version": "7.16.0",
+      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.16.0.tgz",
+      "integrity": "sha512-Zz+aZWSj8LE6zoxD+xrjh4VfkIG8Ya6LvYkZqtUQGJPZjYl53ypCaUwWqo7eI0x66KBGeRo+mlBEkMSeSZ38Nw==",
+      "license": "MIT"
     },
     "node_modules/universal-user-agent": {
       "version": "6.0.1",

package.json

@@ -1,7 +1,7 @@
 {
   "private": true,
   "name": "rust-cache",
-  "version": "2.8.1",
+  "version": "2.8.2",
   "description": "A GitHub Action that implements smart caching for rust/cargo projects with sensible defaults.",
   "keywords": [
     "actions",
@@ -24,18 +24,18 @@
   "dependencies": {
     "@actions/buildjet-cache": "npm:github-actions.cache-buildjet@0.2.0",
     "@actions/warpbuild-cache": "npm:github-actions.warp-cache@1.4.7",
-    "@actions/cache": "^4.0.5",
+    "@actions/cache": "^4.1.0",
     "@actions/core": "^1.11.1",
     "@actions/exec": "^1.1.1",
     "@actions/glob": "^0.5.0",
-    "@actions/io": "^1.1.3",
-    "smol-toml": "^1.4.2"
+    "@actions/io": "^2.0.0",
+    "smol-toml": "^1.5.2"
   },
   "devDependencies": {
-    "@types/node": "^24.3.0",
-    "@vercel/ncc": "^0.38.3",
+    "@types/node": "^24.10.1",
+    "@vercel/ncc": "^0.38.4",
     "linefix": "^0.1.1",
-    "typescript": "5.9.2"
+    "typescript": "5.9.3"
   },
   "scripts": {
     "prepare": "ncc build --target es2020 -o dist/restore src/restore.ts && ncc build --target es2020 -o dist/save src/save.ts && linefix dist"

src/config.ts

@@ -69,7 +69,7 @@ export class CacheConfig {
       }
 
       const job = process.env.GITHUB_JOB;
-      if (job) {
+      if ((job) && core.getInput("add-job-id-key").toLowerCase() == "true") {
         key += `-${job}`;
       }
     }
@@ -116,7 +116,10 @@ export class CacheConfig {
 
     self.keyEnvs = keyEnvs;
 
-    key += `-${digest(hasher)}`;
+    // Add job hash suffix if 'add-rust-environment-hash-key' is true
+    if (core.getInput("add-rust-environment-hash-key").toLowerCase() == "true") {
+      key += `-${digest(hasher)}`;
+    }
 
     self.restoreKey = key;
 
@@ -139,111 +142,115 @@ export class CacheConfig {
     }
     self.workspaces = workspaces;
 
-    let keyFiles = await globFiles(".cargo/config.toml\nrust-toolchain\nrust-toolchain.toml");
-    const parsedKeyFiles = []; // keyFiles that are parsed, pre-processed and hashed
+    // Add hash suffix of all rust environment lockfiles + manifests if
+    // 'add-rust-environment-hash-key' is true
+    if (core.getInput("add-rust-environment-hash-key").toLowerCase() == "true") {
+      let keyFiles = await globFiles(".cargo/config.toml\nrust-toolchain\nrust-toolchain.toml");
+      const parsedKeyFiles = []; // keyFiles that are parsed, pre-processed and hashed
 
-    hasher = crypto.createHash("sha1");
+      hasher = crypto.createHash("sha1");
 
-    for (const workspace of workspaces) {
-      const root = workspace.root;
-      keyFiles.push(
-        ...(await globFiles(
-          `${root}/**/.cargo/config.toml\n${root}/**/rust-toolchain\n${root}/**/rust-toolchain.toml`,
-        )),
-      );
+      for (const workspace of workspaces) {
+        const root = workspace.root;
+        keyFiles.push(
+          ...(await globFiles(
+            `${root}/**/.cargo/config.toml\n${root}/**/rust-toolchain\n${root}/**/rust-toolchain.toml`,
+          )),
+        );
 
-      const workspaceMembers = await workspace.getWorkspaceMembers();
+        const workspaceMembers = await workspace.getWorkspaceMembers();
 
-      const cargo_manifests = sort_and_uniq(workspaceMembers.map((member) => path.join(member.path, "Cargo.toml")));
+        const cargo_manifests = sort_and_uniq(workspaceMembers.map((member) => path.join(member.path, "Cargo.toml")));
 
-      for (const cargo_manifest of cargo_manifests) {
-        try {
-          const content = await fs_promises.readFile(cargo_manifest, { encoding: "utf8" });
-          // Use any since TomlPrimitive is not exposed
-          const parsed = toml.parse(content) as { [key: string]: any };
+        for (const cargo_manifest of cargo_manifests) {
+          try {
+            const content = await fs_promises.readFile(cargo_manifest, { encoding: "utf8" });
+            // Use any since TomlPrimitive is not exposed
+            const parsed = toml.parse(content) as { [key: string]: any };
 
-          if ("package" in parsed) {
-            const pack = parsed.package;
-            if ("version" in pack) {
-              pack["version"] = "0.0.0";
-            }
-          }
-
-          for (const prefix of ["", "build-", "dev-"]) {
-            const section_name = `${prefix}dependencies`;
-            if (!(section_name in parsed)) {
-              continue;
-            }
-            const deps = parsed[section_name];
-
-            for (const key of Object.keys(deps)) {
-              const dep = deps[key];
-
-              try {
-                if ("path" in dep) {
-                  dep.version = "0.0.0";
-                  dep.path = "";
-                }
-              } catch (_e) {
-                // Not an object, probably a string (version),
-                // continue.
-                continue;
+            if ("package" in parsed) {
+              const pack = parsed.package;
+              if ("version" in pack) {
+                pack["version"] = "0.0.0";
               }
             }
+
+            for (const prefix of ["", "build-", "dev-"]) {
+              const section_name = `${prefix}dependencies`;
+              if (!(section_name in parsed)) {
+                continue;
+              }
+              const deps = parsed[section_name];
+
+              for (const key of Object.keys(deps)) {
+                const dep = deps[key];
+
+                try {
+                  if ("path" in dep) {
+                    dep.version = "0.0.0";
+                    dep.path = "";
+                  }
+                } catch (_e) {
+                  // Not an object, probably a string (version),
+                  // continue.
+                  continue;
+                }
+              }
+            }
+
+            hasher.update(JSON.stringify(parsed));
+
+            parsedKeyFiles.push(cargo_manifest);
+          } catch (e) {
+            // Fallback to caching them as regular file
+            core.warning(`Error parsing Cargo.toml manifest, fallback to caching entire file: ${e}`);
+            keyFiles.push(cargo_manifest);
           }
-
-          hasher.update(JSON.stringify(parsed));
-
-          parsedKeyFiles.push(cargo_manifest);
-        } catch (e) {
-          // Fallback to caching them as regular file
-          core.warning(`Error parsing Cargo.toml manifest, fallback to caching entire file: ${e}`);
-          keyFiles.push(cargo_manifest);
         }
-      }
 
-      const cargo_lock = path.join(workspace.root, "Cargo.lock");
-      if (await exists(cargo_lock)) {
-        try {
-          const content = await fs_promises.readFile(cargo_lock, { encoding: "utf8" });
-          const parsed = toml.parse(content);
+        const cargo_lock = path.join(workspace.root, "Cargo.lock");
+        if (await exists(cargo_lock)) {
+          try {
+            const content = await fs_promises.readFile(cargo_lock, { encoding: "utf8" });
+            const parsed = toml.parse(content);
 
-          if ((parsed.version !== 3 && parsed.version !== 4) || !("package" in parsed)) {
-            // Fallback to caching them as regular file since this action
-            // can only handle Cargo.lock format version 3
-            core.warning("Unsupported Cargo.lock format, fallback to caching entire file");
+            if ((parsed.version !== 3 && parsed.version !== 4) || !("package" in parsed)) {
+              // Fallback to caching them as regular file since this action
+              // can only handle Cargo.lock format version 3
+              core.warning("Unsupported Cargo.lock format, fallback to caching entire file");
+              keyFiles.push(cargo_lock);
+              continue;
+            }
+
+            // Package without `[[package]].source` and `[[package]].checksum`
+            // are the one with `path = "..."` to crates within the workspace.
+            const packages = (parsed.package as any[]).filter((p: any) => "source" in p || "checksum" in p);
+
+            hasher.update(JSON.stringify(packages));
+
+            parsedKeyFiles.push(cargo_lock);
+          } catch (e) {
+            // Fallback to caching them as regular file
+            core.warning(`Error parsing Cargo.lock manifest, fallback to caching entire file: ${e}`);
             keyFiles.push(cargo_lock);
-            continue;
           }
-
-          // Package without `[[package]].source` and `[[package]].checksum`
-          // are the one with `path = "..."` to crates within the workspace.
-          const packages = (parsed.package as any[]).filter((p: any) => "source" in p || "checksum" in p);
-
-          hasher.update(JSON.stringify(packages));
-
-          parsedKeyFiles.push(cargo_lock);
-        } catch (e) {
-          // Fallback to caching them as regular file
-          core.warning(`Error parsing Cargo.lock manifest, fallback to caching entire file: ${e}`);
-          keyFiles.push(cargo_lock);
         }
       }
-    }
-    keyFiles = sort_and_uniq(keyFiles);
+      keyFiles = sort_and_uniq(keyFiles);
 
-    for (const file of keyFiles) {
-      for await (const chunk of fs.createReadStream(file)) {
-        hasher.update(chunk);
+      for (const file of keyFiles) {
+        for await (const chunk of fs.createReadStream(file)) {
+          hasher.update(chunk);
+        }
       }
+
+      keyFiles.push(...parsedKeyFiles);
+      self.keyFiles = sort_and_uniq(keyFiles);
+
+      let lockHash = digest(hasher);
+      key += `-${lockHash}`;
     }
 
-    let lockHash = digest(hasher);
-
-    keyFiles.push(...parsedKeyFiles);
-    self.keyFiles = sort_and_uniq(keyFiles);
-
-    key += `-${lockHash}`;
     self.cacheKey = key;
 
     self.cachePaths = [path.join(CARGO_HOME, "registry"), path.join(CARGO_HOME, "git")];

src/workspace.ts

@@ -15,7 +15,7 @@ export class Workspace {
       const meta: Meta = JSON.parse(
         await getCmdOutput("cargo", ["metadata", "--all-features", "--format-version", "1", ...extraArgs], {
           cwd: this.root,
-          env: { "CARGO_ENCODED_RUSTFLAGS": "" },
+          env: { ...process.env, "CARGO_ENCODED_RUSTFLAGS": "" },
         }),
       );
       core.debug(`workspace "${this.root}" has ${meta.packages.length} packages`);