Add files via upload

Signed-off-by: Nodoubtz <53144580+nodoubtz@users.noreply.github.com>

.github/dependabot.yml

@@ -0,0 +1,22 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    groups:
+      minor-actions-dependencies:
+        update-types: [minor, patch]
+  
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "daily" 
+    allow:
+    - dependency-type: direct
+    - dependency-type: production

.github/workflows/5codeql.yml

@@ -0,0 +1,100 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL Advanced"
+
+on:
+  push:
+    branches: [ "main", "Ihtbbs" ]
+  pull_request:
+    branches: [ "main", "Ihtbbs" ]
+  schedule:
+    - cron: '31 15 * * 1'
+
+jobs:
+  analyze:
+    name: Analyze (${{ matrix.language }})
+    # Runner size impacts CodeQL analysis time. To learn more, please see:
+    #   - https://gh.io/recommended-hardware-resources-for-running-codeql
+    #   - https://gh.io/supported-runners-and-hardware-resources
+    #   - https://gh.io/using-larger-runners (GitHub.com only)
+    # Consider using larger runners or machines with greater resources for possible analysis time improvements.
+    runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
+    permissions:
+      # required for all workflows
+      security-events: write
+
+      # required to fetch internal or private CodeQL packs
+      packages: read
+
+      # only required for workflows in private repositories
+      actions: read
+      contents: read
+
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+        - language: actions
+          build-mode: none
+        - language: javascript-typescript
+          build-mode: none
+        # CodeQL supports the following values keywords for 'language': 'actions', 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift'
+        # Use `c-cpp` to analyze code written in C, C++ or both
+        # Use 'java-kotlin' to analyze code written in Java, Kotlin or both
+        # Use 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both
+        # To learn more about changing the languages that are analyzed or customizing the build mode for your analysis,
+        # see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.
+        # If you are analyzing a compiled language, you can modify the 'build-mode' for that language to customize how
+        # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    # Add any setup steps before running the `github/codeql-action/init` action.
+    # This includes steps like installing compilers or runtimes (`actions/setup-node`
+    # or others). This is typically only required for manual builds.
+    # - name: Setup runtime (example)
+    #   uses: actions/setup-example@v1
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v3
+      with:
+        languages: ${{ matrix.language }}
+        build-mode: ${{ matrix.build-mode }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+
+        # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+        # queries: security-extended,security-and-quality
+
+    # If the analyze step fails for one of the languages you are analyzing with
+    # "We were unable to automatically build your code", modify the matrix above
+    # to set the build mode to "manual" for that language. Then modify this step
+    # to build your code.
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+    - if: matrix.build-mode == 'manual'
+      shell: bash
+      run: |
+        echo 'If you are using a "manual" build mode for one or more of the' \
+          'languages you are analyzing, replace this with the commands to build' \
+          'your code, for example:'
+        echo '  make bootstrap'
+        echo '  make release'
+        exit 1
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v3
+      with:
+        category: "/language:${{matrix.language}}"

.github/workflows/check-dist.yml

@@ -15,3 +15,5 @@ jobs:
   call-check-dist:
     name: Check dist/
     uses: actions/reusable-workflows/.github/workflows/check-dist.yml@main
+    with:
+      node-version: "20.x"

.github/workflows/close-inactive-issues.yml

@@ -10,7 +10,7 @@ jobs:
       issues: write
       pull-requests: write
     steps:
-      - uses: actions/stale@v3
+      - uses: actions/stale@v9
         with:
           days-before-issue-stale: 200
           days-before-issue-close: 5

.github/workflows/codeql.yml

@@ -17,11 +17,11 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
+      uses: github/codeql-action/init@v3
       # Override language selection by uncommenting this and choosing your languages
       # with:
       #   languages: go, javascript, csharp, python, cpp, java, ruby
@@ -29,7 +29,7 @@ jobs:
     # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
     # If this step fails, then you should remove it and run the build manually (see below).
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v2
+      uses: github/codeql-action/autobuild@v3
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -43,4 +43,4 @@ jobs:
     #     make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      uses: github/codeql-action/analyze@v3

.github/workflows/dependency-review.yml

@@ -0,0 +1,39 @@
+# Dependency Review Action
+#
+# This Action will scan dependency manifest files that change as part of a Pull Request,
+# surfacing known-vulnerable versions of the packages declared or updated in the PR.
+# Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable
+# packages will be blocked from merging.
+#
+# Source repository: https://github.com/actions/dependency-review-action
+# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
+name: 'Dependency review'
+on:
+  pull_request:
+    branches: [ "main", "Ihtbbs" ]
+
+# If using a dependency submission action in this workflow this permission will need to be set to:
+#
+# permissions:
+#   contents: write
+#
+# https://docs.github.com/en/enterprise-cloud@latest/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api
+permissions:
+  contents: read
+  # Write permissions for pull-requests are required for using the `comment-summary-in-pr` option, comment out if you aren't using this option
+  pull-requests: write
+
+jobs:
+  dependency-review:
+    runs-on: ubuntu-latest
+    steps:
+      - name: 'Checkout repository'
+        uses: actions/checkout@v4
+      - name: 'Dependency Review'
+        uses: actions/dependency-review-action@v4
+        # Commonly enabled options, see https://github.com/actions/dependency-review-action#configuration-options for all available options.
+        with:
+          comment-summary-in-pr: always
+        #   fail-on-severity: moderate
+        #   deny-licenses: GPL-1.0-or-later, LGPL-2.0-or-later
+        #   retry-on-snapshot-warnings: true

.github/workflows/google.yml

@@ -0,0 +1,116 @@
+# This workflow will build a docker container, publish it to Google Container
+# Registry, and deploy it to GKE when there is a push to the "main"
+# branch.
+#
+# To configure this workflow:
+#
+# 1. Enable the following Google Cloud APIs:
+#
+#    - Artifact Registry (artifactregistry.googleapis.com)
+#    - Google Kubernetes Engine (container.googleapis.com)
+#    - IAM Credentials API (iamcredentials.googleapis.com)
+#
+#    You can learn more about enabling APIs at
+#    https://support.google.com/googleapi/answer/6158841.
+#
+# 2. Ensure that your repository contains the necessary configuration for your
+#    Google Kubernetes Engine cluster, including deployment.yml,
+#    kustomization.yml, service.yml, etc.
+#
+# 3. Create and configure a Workload Identity Provider for GitHub:
+#    https://github.com/google-github-actions/auth#preferred-direct-workload-identity-federation.
+#
+#    Depending on how you authenticate, you will need to grant an IAM principal
+#    permissions on Google Cloud:
+#
+#    - Artifact Registry Administrator (roles/artifactregistry.admin)
+#    - Kubernetes Engine Developer (roles/container.developer)
+#
+#    You can learn more about setting IAM permissions at
+#    https://cloud.google.com/iam/docs/manage-access-other-resources
+#
+# 5. Change the values in the "env" block to match your values.
+
+name: 'Build and Deploy to GKE'
+
+on:
+  push:
+    branches:
+      - '"main"'
+
+env:
+  PROJECT_ID: 'my-project' # TODO: update to your Google Cloud project ID
+  GAR_LOCATION: 'us-central1' # TODO: update to your region
+  GKE_CLUSTER: 'cluster-1' # TODO: update to your cluster name
+  GKE_ZONE: 'us-central1-c' # TODO: update to your cluster zone
+  DEPLOYMENT_NAME: 'gke-test' # TODO: update to your deployment name
+  REPOSITORY: 'samples' # TODO: update to your Artifact Registry docker repository name
+  IMAGE: 'static-site'
+  WORKLOAD_IDENTITY_PROVIDER: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider' # TODO: update to your workload identity provider
+
+jobs:
+  setup-build-publish-deploy:
+    name: 'Setup, Build, Publish, and Deploy'
+    runs-on: 'ubuntu-latest'
+    environment: 'production'
+
+    permissions:
+      contents: 'read'
+      id-token: 'write'
+
+    steps:
+      - name: 'Checkout'
+        uses: 'actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332' # actions/checkout@v4
+
+      # Configure Workload Identity Federation and generate an access token.
+      #
+      # See https://github.com/google-github-actions/auth for more options,
+      # including authenticating via a JSON credentials file.
+      - id: 'auth'
+        name: 'Authenticate to Google Cloud'
+        uses: 'google-github-actions/auth@f112390a2df9932162083945e46d439060d66ec2' # google-github-actions/auth@v2
+        with:
+          workload_identity_provider: '${{ env.WORKLOAD_IDENTITY_PROVIDER }}'
+
+      # Authenticate Docker to Google Cloud Artifact Registry
+      - name: 'Docker Auth'
+        uses: 'docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567' # docker/login-action@v3
+        with:
+          username: 'oauth2accesstoken'
+          password: '${{ steps.auth.outputs.auth_token }}'
+          registry: '${{ env.GAR_LOCATION }}-docker.pkg.dev'
+
+      # Get the GKE credentials so we can deploy to the cluster
+      - name: 'Set up GKE credentials'
+        uses: 'google-github-actions/get-gke-credentials@6051de21ad50fbb1767bc93c11357a49082ad116' # google-github-actions/get-gke-credentials@v2
+        with:
+          cluster_name: '${{ env.GKE_CLUSTER }}'
+          location: '${{ env.GKE_ZONE }}'
+
+      # Build the Docker image
+      - name: 'Build and push Docker container'
+        run: |-
+          DOCKER_TAG="${GAR_LOCATION}-docker.pkg.dev/${PROJECT_ID}/${REPOSITORY}/${IMAGE}:${GITHUB_SHA}"
+
+          docker build \
+            --tag "${DOCKER_TAG}" \
+            --build-arg GITHUB_SHA="${GITHUB_SHA}" \
+            --build-arg GITHUB_REF="${GITHUB_REF}" \
+            .
+
+          docker push "${DOCKER_TAG}"
+
+      # Set up kustomize
+      - name: 'Set up Kustomize'
+        run: |-
+          curl -sfLo kustomize https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv5.4.3/kustomize_v5.4.3_linux_amd64.tar.gz
+          chmod u+x ./kustomize
+
+      # Deploy the Docker image to the GKE cluster
+      - name: 'Deploy to GKE'
+        run: |-
+          # replacing the image name in the k8s template
+          ./kustomize edit set image LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY/IMAGE:TAG=$GAR_LOCATION-docker.pkg.dev/$PROJECT_ID/$REPOSITORY/$IMAGE:$GITHUB_SHA
+          ./kustomize build . | kubectl apply -f -
+          kubectl rollout status deployment/$DEPLOYMENT_NAME
+          kubectl get services -o wide

.github/workflows/ibm.yml

@@ -0,0 +1,75 @@
+# This workflow will build a docker container, publish it to IBM Container Registry, and deploy it to IKS when there is a push to the "main" branch.
+#
+# To configure this workflow:
+#
+# 1. Ensure that your repository contains a Dockerfile
+# 2. Setup secrets in your repository by going to settings: Create ICR_NAMESPACE and IBM_CLOUD_API_KEY
+# 3. Change the values for the IBM_CLOUD_REGION, REGISTRY_HOSTNAME, IMAGE_NAME, IKS_CLUSTER, DEPLOYMENT_NAME, and PORT
+
+name: Build and Deploy to IKS
+
+on:
+  push:
+    branches: [ "main" ]
+
+# Environment variables available to all jobs and steps in this workflow
+env:
+  GITHUB_SHA: ${{ github.sha }}
+  IBM_CLOUD_API_KEY: ${{ secrets.IBM_CLOUD_API_KEY }}
+  IBM_CLOUD_REGION: us-south
+  ICR_NAMESPACE: ${{ secrets.ICR_NAMESPACE }}
+  REGISTRY_HOSTNAME: us.icr.io
+  IMAGE_NAME: iks-test
+  IKS_CLUSTER: example-iks-cluster-name-or-id
+  DEPLOYMENT_NAME: iks-test
+  PORT: 5001
+
+jobs:
+  setup-build-publish-deploy:
+    name: Setup, Build, Publish, and Deploy
+    runs-on: ubuntu-latest
+    environment: production
+    steps:
+
+    - name: Checkout
+      uses: actions/checkout@v4
+
+    # Download and Install IBM Cloud CLI
+    - name: Install IBM Cloud CLI
+      run: |
+        curl -fsSL https://clis.cloud.ibm.com/install/linux | sh
+        ibmcloud --version
+        ibmcloud config --check-version=false
+        ibmcloud plugin install -f kubernetes-service
+        ibmcloud plugin install -f container-registry
+
+    # Authenticate with IBM Cloud CLI
+    - name: Authenticate with IBM Cloud CLI
+      run: |
+        ibmcloud login --apikey "${IBM_CLOUD_API_KEY}" -r "${IBM_CLOUD_REGION}" -g default
+        ibmcloud cr region-set "${IBM_CLOUD_REGION}"
+        ibmcloud cr login
+
+    # Build the Docker image
+    - name: Build with Docker
+      run: |
+        docker build -t "$REGISTRY_HOSTNAME"/"$ICR_NAMESPACE"/"$IMAGE_NAME":"$GITHUB_SHA" \
+          --build-arg GITHUB_SHA="$GITHUB_SHA" \
+          --build-arg GITHUB_REF="$GITHUB_REF" .
+
+    # Push the image to IBM Container Registry
+    - name: Push the image to ICR
+      run: |
+        docker push $REGISTRY_HOSTNAME/$ICR_NAMESPACE/$IMAGE_NAME:$GITHUB_SHA
+
+    # Deploy the Docker image to the IKS cluster
+    - name: Deploy to IKS
+      run: |
+        ibmcloud ks cluster config --cluster $IKS_CLUSTER
+        kubectl config current-context
+        kubectl create deployment $DEPLOYMENT_NAME --image=$REGISTRY_HOSTNAME/$ICR_NAMESPACE/$IMAGE_NAME:$GITHUB_SHA --dry-run -o yaml > deployment.yaml
+        kubectl apply -f deployment.yaml
+        kubectl rollout status deployment/$DEPLOYMENT_NAME
+        kubectl create service loadbalancer $DEPLOYMENT_NAME --tcp=80:$PORT --dry-run -o yaml > service.yaml
+        kubectl apply -f service.yaml
+        kubectl get services -o wide

.github/workflows/manual.yml

@@ -0,0 +1,32 @@
+# This is a basic workflow that is manually triggered
+
+name: Manual workflow
+
+# Controls when the action will run. Workflow runs when manually triggered using the UI
+# or API.
+on:
+  workflow_dispatch:
+    # Inputs the workflow accepts.
+    inputs:
+      name:
+        # Friendly description to be shown in the UI instead of 'name'
+        description: 'Person to greet'
+        # Default value if no value is explicitly provided
+        default: 'World'
+        # Input has to be provided for the workflow to run
+        required: true
+        # The data type of the input
+        type: string
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+  # This workflow contains a single job called "greet"
+  greet:
+    # The type of runner that the job will run on
+    runs-on: ubuntu-latest
+
+    # Steps represent a sequence of tasks that will be executed as part of the job
+    steps:
+    # Runs a single command using the runners shell
+    - name: Send greeting
+      run: echo "Hello ${{ inputs.name }}"

.github/workflows/npm-publish-github-packages.yml

@@ -0,0 +1,36 @@
+# This workflow will run tests using node and then publish a package to GitHub Packages when a release is created
+# For more information see: https://docs.github.com/en/actions/publishing-packages/publishing-nodejs-packages
+
+name: Node.js Package
+
+on:
+  release:
+    types: [created]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 20
+      - run: npm ci
+      - run: npm test
+
+  publish-gpr:
+    needs: build
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          registry-url: https://npm.pkg.github.com/
+      - run: npm ci
+      - run: npm publish
+        env:
+          NODE_AUTH_TOKEN: ${{secrets.GITHUB_TOKEN}}

.github/workflows/npm-publish.yml

@@ -0,0 +1,33 @@
+# This workflow will run tests using node and then publish a package to GitHub Packages when a release is created
+# For more information see: https://docs.github.com/en/actions/publishing-packages/publishing-nodejs-packages
+
+name: Node.js Package
+
+on:
+  release:
+    types: [created]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 20
+      - run: npm ci
+      - run: npm test
+
+  publish-npm:
+    needs: build
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          registry-url: https://registry.npmjs.org/
+      - run: npm ci
+      - run: npm publish
+        env:
+          NODE_AUTH_TOKEN: ${{secrets.npm_token}}

.github/workflows/publish-immutable-actions.yml

@@ -0,0 +1,20 @@
+name: 'Publish Immutable Action Version'
+
+on:
+  release:
+    types: [released]
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+      packages: write
+
+    steps:
+      - name: Checking out
+        uses: actions/checkout@v4
+      - name: Publish
+        id: publish
+        uses: actions/publish-immutable-action@0.0.3

.github/workflows/release-new-action-version.yml

@@ -0,0 +1,28 @@
+name: Release new action version
+on:
+  release:
+    types: [released]
+  workflow_dispatch:
+    inputs:
+      TAG_NAME:'Lit2dafit'
+        description: 'Tag name that the major tag will point to'
+        required: true
+
+env:
+  TAG_NAME: ${{ github.event.inputs.TAG_NAME || github.event.release.tag_name }}
+permissions:
+  contents: write
+
+jobs:
+  update_tag:
+    name: Update the major tag to include the ${{ github.event.inputs.TAG_NAME || github.event.release.tag_name }} changes
+    environment:
+      name: releaseNewActionVersion
+    runs-on: ubuntu-latest
+    steps:
+    - name: Update the ${{ env.TAG_NAME }} tag
+      id: update-major-tag
+      uses: actions/publish-action@v0.3.0
+      with:
+        source-tag: ${{ env.TAG_NAME }}
+        slack-webhook: ${{ secrets.SLACK_WEBHOOK }}

.github/workflows/static.yml

@@ -0,0 +1,43 @@
+# Simple workflow for deploying static content to GitHub Pages
+name: Deploy static content to Pages
+
+on:
+  # Runs on pushes targeting the default branch
+  push:
+    branches: ["main"]
+
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+
+# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
+# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
+concurrency:
+  group: "pages"
+  cancel-in-progress: false
+
+jobs:
+  # Single deploy job since we're just deploying
+  deploy:
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Setup Pages
+        uses: actions/configure-pages@v5
+      - name: Upload artifact
+        uses: actions/upload-pages-artifact@v3
+        with:
+          # Upload entire repository
+          path: '.'
+      - name: Deploy to GitHub Pages
+        id: deployment
+        uses: actions/deploy-pages@v4

.github/workflows/webpack.yml

@@ -0,0 +1,28 @@
+name: NodeJS with Webpack
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        node-version: [18.x, 20.x, 22.x]
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Use Node.js ${{ matrix.node-version }}
+      uses: actions/setup-node@v4
+      with:
+        node-version: ${{ matrix.node-version }}
+
+    - name: Build
+      run: |
+        npm install
+        npx webpack

.github/workflows/workflow.yml

@@ -20,11 +20,11 @@ jobs:
     runs-on: ${{ matrix.os }}
     steps:
     - name: Checkout
-      uses: actions/checkout@v3
-    - name: Setup Node.js 16.x
-      uses: actions/setup-node@v3
+      uses: actions/checkout@v4
+    - name: Setup Node.js 20.x
+      uses: actions/setup-node@v4
       with:
-        node-version: 16.x
+        node-version: 20.x
         cache: npm
     - run: npm ci
     - name: Prettier Format Check
@@ -43,7 +43,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     steps:
     - name: Checkout
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
     - name: Generate files in working directory
       shell: bash
       run: __tests__/create-cache-files.sh ${{ runner.os }} test-cache
@@ -66,7 +66,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     steps:
     - name: Checkout
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
     - name: Restore cache
       uses: ./
       with:
@@ -96,7 +96,7 @@ jobs:
       https_proxy: http://squid-proxy:3128
     steps:
     - name: Checkout
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
     - name: Generate files
       run: __tests__/create-cache-files.sh proxy test-cache
     - name: Save cache
@@ -119,7 +119,7 @@ jobs:
       https_proxy: http://squid-proxy:3128
     steps:
     - name: Checkout
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
     - name: Restore cache
       uses: ./
       with:

.licenses/npm/@actions/cache.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@actions/cache"
-version: 4.0.1
+version: 4.0.3
 type: npm
 summary: Actions cache lib
 homepage: https://github.com/actions/toolkit/tree/main/packages/cache

.licenses/npm/commander.dep.yml

@@ -3,7 +3,7 @@ name: commander
 version: 6.2.1
 type: npm
 summary: the complete solution for node.js command-line programs
-homepage: 
+homepage:
 license: mit
 licenses:
 - sources: LICENSE

.licenses/npm/dot-object.dep.yml

@@ -4,7 +4,7 @@ version: 2.1.5
 type: npm
 summary: dot-object makes it possible to transform and read (JSON) objects using dot
   notation.
-homepage: 
+homepage:
 license: mit
 licenses:
 - sources: MIT-LICENSE

.licenses/npm/fs.realpath.dep.yml

@@ -4,7 +4,7 @@ version: 1.0.0
 type: npm
 summary: Use node's fs.realpath, but fall back to the JS implementation if the native
   one fails
-homepage: 
+homepage:
 license: other
 licenses:
 - sources: LICENSE

.licenses/npm/glob.dep.yml

@@ -3,7 +3,7 @@ name: glob
 version: 7.2.0
 type: npm
 summary: a little globber
-homepage: 
+homepage:
 license: other
 licenses:
 - sources: LICENSE

.licenses/npm/inherits.dep.yml

@@ -3,7 +3,7 @@ name: inherits
 version: 2.0.4
 type: npm
 summary: Browser-friendly inheritance fully compatible with standard node.js inherits()
-homepage: 
+homepage:
 license: isc
 licenses:
 - sources: LICENSE
@@ -25,3 +25,4 @@ licenses:
     PERFORMANCE OF THIS SOFTWARE.
 
 notices: []
+...

.licenses/npm/once.dep.yml

@@ -3,7 +3,7 @@ name: once
 version: 1.4.0
 type: npm
 summary: Run a function exactly one time
-homepage: 
+homepage:
 license: isc
 licenses:
 - sources: LICENSE

.licenses/npm/path-is-absolute.dep.yml

@@ -3,7 +3,7 @@ name: path-is-absolute
 version: 1.0.1
 type: npm
 summary: Node.js 0.12 path.isAbsolute() ponyfill
-homepage: 
+homepage:
 license: mit
 licenses:
 - sources: license

.licenses/npm/path-to-regexp.dep.yml

@@ -3,7 +3,7 @@ name: path-to-regexp
 version: 6.3.0
 type: npm
 summary: Express style path to RegExp utility
-homepage: 
+homepage:
 license: mit
 licenses:
 - sources: LICENSE

.licenses/npm/ts-poet.dep.yml

@@ -3,7 +3,7 @@ name: ts-poet
 version: 4.15.0
 type: npm
 summary: code generation DSL for TypeScript
-homepage: 
+homepage:
 license: apache-2.0
 licenses:
 - sources: LICENSE.txt
@@ -213,3 +213,4 @@ licenses:
        limitations under the License.
 
 notices: []
+...

.licenses/npm/twirp-ts.dep.yml

@@ -3,7 +3,7 @@ name: twirp-ts
 version: 2.5.0
 type: npm
 summary: Typescript implementation of the Twirp protocol
-homepage: 
+homepage:
 license: mit
 licenses:
 - sources: README.md

.licenses/npm/typescript.dep.yml

@@ -132,7 +132,7 @@ notices:
     Hejlsberg\r\n - Anders Kaseorg\r\n - Andre Sutherland\r\n - Andreas Martin\r\n
     - Andrej Baran\r\n - Andrew\r\n - Andrew Branch\r\n - Andrew Casey\r\n - Andrew
     Faulkner\r\n - Andrew Ochsner\r\n - Andrew Stegmaier\r\n - Andrew Z Allen\r\n
-    - Andrey Roenko\r\n - Andrii Dieiev\r\n - András Parditka\r\n - Andy Hanson\r\n
+    - Andrey Roenko\r\n - Andrii Dieiev\r\n - Andr??s Parditka\r\n - Andy Hanson\r\n
     - Anil Anar\r\n - Anix\r\n - Anton Khlynovskiy\r\n - Anton Tolmachev\r\n - Anubha
     Mathur\r\n - AnyhowStep\r\n - Armando Aguirre\r\n - Arnaud Tournier\r\n - Arnav
     Singh\r\n - Arpad Borsos\r\n - Artem Tyurin\r\n - Arthur Ozga\r\n - Asad Saeeduddin\r\n
@@ -149,29 +149,29 @@ notices:
     - Colin Snover\r\n - Collins Abitekaniza\r\n - Connor Clark\r\n - Cotton Hou\r\n
     - csigs\r\n - Cyrus Najmabadi\r\n - Dafrok Zhang\r\n - Dahan Gong\r\n - Daiki
     Nishikawa\r\n - Dan Corder\r\n - Dan Freeman\r\n - Dan Quirk\r\n - Dan Rollo\r\n
-    - Daniel Gooss\r\n - Daniel Imms\r\n - Daniel Krom\r\n - Daniel Król\r\n - Daniel
+    - Daniel Gooss\r\n - Daniel Imms\r\n - Daniel Krom\r\n - Daniel Kr??l\r\n - Daniel
     Lehenbauer\r\n - Daniel Rosenwasser\r\n - David Li\r\n - David Sheldrick\r\n -
     David Sherret\r\n - David Souther\r\n - David Staheli\r\n - Denis Nedelyaev\r\n
     - Derek P Sifford\r\n - Dhruv Rajvanshi\r\n - Dick van den Brink\r\n - Diogo Franco
-    (Kovensky)\r\n - Dirk Bäumer\r\n - Dirk Holtwick\r\n - Dmitrijs Minajevs\r\n -
-    Dom Chen\r\n - Donald Pipowitch\r\n - Doug Ilijev\r\n - dreamran43@gmail.com\r\n
+    (Kovensky)\r\n - Dirk B??umer\r\n - Dirk Holtwick\r\n - Dmitrijs Minajevs\r\n
+    - Dom Chen\r\n - Donald Pipowitch\r\n - Doug Ilijev\r\n - dreamran43@gmail.com\r\n
     - @e-cloud\r\n - Ecole Keine\r\n - Eddie Jaoude\r\n - Edward Thomson\r\n - EECOLOR\r\n
     - Eli Barzilay\r\n - Elizabeth Dinella\r\n - Ely Alamillo\r\n - Eric Grube\r\n
     - Eric Tsang\r\n - Erik Edrosa\r\n - Erik McClenney\r\n - Esakki Raj\r\n - Ethan
     Resnick\r\n - Ethan Rubio\r\n - Eugene Timokhov\r\n - Evan Cahill\r\n - Evan Martin\r\n
     - Evan Sebastian\r\n - ExE Boss\r\n - Eyas Sharaiha\r\n - Fabian Cook\r\n - @falsandtru\r\n
     - Filipe Silva\r\n - @flowmemo\r\n - Forbes Lindesay\r\n - Francois Hendriks\r\n
-    - Francois Wouts\r\n - Frank Wallis\r\n - František Žiacik\r\n - Frederico Bittencourt\r\n
+    - Francois Wouts\r\n - Frank Wallis\r\n - Franti??ek ??iacik\r\n - Frederico Bittencourt\r\n
     - fullheightcoding\r\n - Gabe Moothart\r\n - Gabriel Isenberg\r\n - Gabriela Araujo
     Britto\r\n - Gabriela Britto\r\n - gb714us\r\n - Gilad Peleg\r\n - Godfrey Chan\r\n
-    - Gorka Hernández Estomba\r\n - Graeme Wicksted\r\n - Guillaume Salles\r\n - Guy
-    Bedford\r\n - hafiz\r\n - Halasi Tamás\r\n - Hendrik Liebau\r\n - Henry Mercer\r\n
+    - Gorka Hern??ndez Estomba\r\n - Graeme Wicksted\r\n - Guillaume Salles\r\n -
+    Guy Bedford\r\n - hafiz\r\n - Halasi Tam??s\r\n - Hendrik Liebau\r\n - Henry Mercer\r\n
     - Herrington Darkholme\r\n - Hoang Pham\r\n - Holger Jeromin\r\n - Homa Wong\r\n
     - Hye Sung Jung\r\n - Iain Monro\r\n - @IdeaHunter\r\n - Igor Novozhilov\r\n -
     Igor Oleinikov\r\n - Ika\r\n - iliashkolyar\r\n - IllusionMH\r\n - Ingvar Stepanyan\r\n
     - Ingvar Stepanyan\r\n - Isiah Meadows\r\n - ispedals\r\n - Ivan Enderlin\r\n
     - Ivo Gabe de Wolff\r\n - Iwata Hidetaka\r\n - Jack Bates\r\n - Jack Williams\r\n
-    - Jake Boone\r\n - Jakub Korzeniowski\r\n - Jakub Młokosiewicz\r\n - James Henry\r\n
+    - Jake Boone\r\n - Jakub Korzeniowski\r\n - Jakub M??okosiewicz\r\n - James Henry\r\n
     - James Keane\r\n - James Whitney\r\n - Jan Melcher\r\n - Jason Freeman\r\n -
     Jason Jarrett\r\n - Jason Killian\r\n - Jason Ramsay\r\n - JBerger\r\n - Jean
     Pierre\r\n - Jed Mao\r\n - Jeff Wilcox\r\n - Jeffrey Morlan\r\n - Jesse Schalken\r\n
@@ -180,60 +180,60 @@ notices:
     - John Vilk\r\n - Jonathan Bond-Caron\r\n - Jonathan Park\r\n - Jonathan Toland\r\n
     - Jordan Harband\r\n - Jordi Oliveras Rovira\r\n - Joscha Feth\r\n - Joseph Wunderlich\r\n
     - Josh Abernathy\r\n - Josh Goldberg\r\n - Josh Kalderimis\r\n - Josh Soref\r\n
-    - Juan Luis Boya García\r\n - Julian Williams\r\n - Justin Bay\r\n - Justin Johansson\r\n
-    - jwbay\r\n - K. Preißer\r\n - Kagami Sascha Rosylight\r\n - Kanchalai Tanglertsampan\r\n
-    - karthikkp\r\n - Kate Miháliková\r\n - Keen Yee Liau\r\n - Keith Mashinter\r\n
+    - Juan Luis Boya Garc??a\r\n - Julian Williams\r\n - Justin Bay\r\n - Justin Johansson\r\n
+    - jwbay\r\n - K. Prei??er\r\n - Kagami Sascha Rosylight\r\n - Kanchalai Tanglertsampan\r\n
+    - karthikkp\r\n - Kate Mih??likov??\r\n - Keen Yee Liau\r\n - Keith Mashinter\r\n
     - Ken Howard\r\n - Kenji Imamula\r\n - Kerem Kat\r\n - Kevin Donnelly\r\n - Kevin
-    Gibbons\r\n - Kevin Lang\r\n - Khải\r\n - Kitson Kelly\r\n - Klaus Meinhardt\r\n
-    - Kris Zyp\r\n - Kyle Kelley\r\n - Kārlis Gaņģis\r\n - laoxiong\r\n - Leon Aves\r\n
-    - Limon Monte\r\n - Lorant Pinter\r\n - Lucien Greathouse\r\n - Luka Hartwig\r\n
-    - Lukas Elmer\r\n - M.Yoshimura\r\n - Maarten Sijm\r\n - Magnus Hiie\r\n - Magnus
-    Kulke\r\n - Manish Bansal\r\n - Manish Giri\r\n - Marcus Noble\r\n - Marin Marinov\r\n
-    - Marius Schulz\r\n - Markus Johnsson\r\n - Markus Wolf\r\n - Martin\r\n - Martin
-    Hiller\r\n - Martin Johns\r\n - Martin Probst\r\n - Martin Vseticka\r\n - Martyn
-    Janes\r\n - Masahiro Wakame\r\n - Mateusz Burzyński\r\n - Matt Bierner\r\n - Matt
-    McCutchen\r\n - Matt Mitchell\r\n - Matthew Aynalem\r\n - Matthew Miller\r\n -
-    Mattias Buelens\r\n - Max Heiber\r\n - Maxwell Paul Brickner\r\n - @meyer\r\n
-    - Micah Zoltu\r\n - @micbou\r\n - Michael\r\n - Michael Crane\r\n - Michael Henderson\r\n
-    - Michael Tamm\r\n - Michael Tang\r\n - Michal Przybys\r\n - Mike Busyrev\r\n
-    - Mike Morearty\r\n - Milosz Piechocki\r\n - Mine Starks\r\n - Minh Nguyen\r\n
-    - Mohamed Hegazy\r\n - Mohsen Azimi\r\n - Mukesh Prasad\r\n - Myles Megyesi\r\n
-    - Nathan Day\r\n - Nathan Fenner\r\n - Nathan Shively-Sanders\r\n - Nathan Yee\r\n
-    - ncoley\r\n - Nicholas Yang\r\n - Nicu Micleușanu\r\n - @nieltg\r\n - Nima Zahedi\r\n
-    - Noah Chen\r\n - Noel Varanda\r\n - Noel Yoo\r\n - Noj Vek\r\n - nrcoley\r\n
-    - Nuno Arruda\r\n - Oleg Mihailik\r\n - Oleksandr Chekhovskyi\r\n - Omer Sheikh\r\n
-    - Orta Therox\r\n - Orta Therox\r\n - Oskar Grunning\r\n - Oskar Segersva¨rd\r\n
-    - Oussama Ben Brahim\r\n - Ozair Patel\r\n - Patrick McCartney\r\n - Patrick Zhong\r\n
-    - Paul Koerbitz\r\n - Paul van Brenk\r\n - @pcbro\r\n - Pedro Maltez\r\n - Pete
-    Bacon Darwin\r\n - Peter Burns\r\n - Peter Šándor\r\n - Philip Pesca\r\n - Philippe
-    Voinov\r\n - Pi Lanningham\r\n - Piero Cangianiello\r\n - Pierre-Antoine Mills\r\n
-    - @piloopin\r\n - Pranav Senthilnathan\r\n - Prateek Goel\r\n - Prateek Nayak\r\n
-    - Prayag Verma\r\n - Priyantha Lankapura\r\n - @progre\r\n - Punya Biswal\r\n
-    - r7kamura\r\n - Rado Kirov\r\n - Raj Dosanjh\r\n - rChaser53\r\n - Reiner Dolp\r\n
-    - Remo H. Jansen\r\n - @rflorian\r\n - Rhys van der Waerden\r\n - @rhysd\r\n -
-    Ricardo N Feliciano\r\n - Richard Karmazín\r\n - Richard Knoll\r\n - Roger Spratley\r\n
-    - Ron Buckton\r\n - Rostislav Galimsky\r\n - Rowan Wyborn\r\n - rpgeeganage\r\n
-    - Ruwan Pradeep Geeganage\r\n - Ryan Cavanaugh\r\n - Ryan Clarke\r\n - Ryohei
-    Ikegami\r\n - Salisbury, Tom\r\n - Sam Bostock\r\n - Sam Drugan\r\n - Sam El-Husseini\r\n
-    - Sam Lanning\r\n - Sangmin Lee\r\n - Sanket Mishra\r\n - Sarangan Rajamanickam\r\n
-    - Sasha Joseph\r\n - Sean Barag\r\n - Sergey Rubanov\r\n - Sergey Shandar\r\n
-    - Sergey Tychinin\r\n - Sergii Bezliudnyi\r\n - Sergio Baidon\r\n - Sharon Rolel\r\n
-    - Sheetal Nandi\r\n - Shengping Zhong\r\n - Sheon Han\r\n - Shyyko Serhiy\r\n
-    - Siddharth Singh\r\n - sisisin\r\n - Slawomir Sadziak\r\n - Solal Pirelli\r\n
-    - Soo Jae Hwang\r\n - Stan Thomas\r\n - Stanislav Iliev\r\n - Stanislav Sysoev\r\n
-    - Stas Vilchik\r\n - Stephan Ginthör\r\n - Steve Lucco\r\n - @styfle\r\n - Sudheesh
-    Singanamalla\r\n - Suhas\r\n - Suhas Deshpande\r\n - superkd37\r\n - Sébastien
-    Arod\r\n - @T18970237136\r\n - @t_\r\n - Tan Li Hau\r\n - Tapan Prakash\r\n -
-    Taras Mankovski\r\n - Tarik Ozket\r\n - Tetsuharu Ohzeki\r\n - The Gitter Badger\r\n
-    - Thomas den Hollander\r\n - Thorsten Ball\r\n - Tien Hoanhtien\r\n - Tim Lancina\r\n
-    - Tim Perry\r\n - Tim Schaub\r\n - Tim Suchanek\r\n - Tim Viiding-Spader\r\n -
-    Tingan Ho\r\n - Titian Cernicova-Dragomir\r\n - tkondo\r\n - Todd Thomson\r\n
-    - togru\r\n - Tom J\r\n - Torben Fitschen\r\n - Toxyxer\r\n - @TravCav\r\n - Troy
-    Tae\r\n - TruongSinh Tran-Nguyen\r\n - Tycho Grouwstra\r\n - uhyo\r\n - Vadi Taslim\r\n
-    - Vakhurin Sergey\r\n - Valera Rozuvan\r\n - Vilic Vane\r\n - Vimal Raghubir\r\n
-    - Vladimir Kurchatkin\r\n - Vladimir Matveev\r\n - Vyacheslav Pukhanov\r\n - Wenlu
-    Wang\r\n - Wes Souza\r\n - Wesley Wigham\r\n - William Orr\r\n - Wilson Hobbs\r\n
-    - xiaofa\r\n - xl1\r\n - Yacine Hmito\r\n - Yang Cao\r\n - York Yao\r\n - @yortus\r\n
-    - Yoshiki Shibukawa\r\n - Yuichi Nukiyama\r\n - Yuval Greenfield\r\n - Yuya Tanaka\r\n
-    - Z\r\n - Zeeshan Ahmed\r\n - Zev Spitz\r\n - Zhengbo Li\r\n - Zixiang Li\r\n
-    - @Zzzen\r\n - 阿卡琳"
+    Gibbons\r\n - Kevin Lang\r\n - Kh???i\r\n - Kitson Kelly\r\n - Klaus Meinhardt\r\n
+    - Kris Zyp\r\n - Kyle Kelley\r\n - K??rlis Ga????is\r\n - laoxiong\r\n - Leon
+    Aves\r\n - Limon Monte\r\n - Lorant Pinter\r\n - Lucien Greathouse\r\n - Luka
+    Hartwig\r\n - Lukas Elmer\r\n - M.Yoshimura\r\n - Maarten Sijm\r\n - Magnus Hiie\r\n
+    - Magnus Kulke\r\n - Manish Bansal\r\n - Manish Giri\r\n - Marcus Noble\r\n -
+    Marin Marinov\r\n - Marius Schulz\r\n - Markus Johnsson\r\n - Markus Wolf\r\n
+    - Martin\r\n - Martin Hiller\r\n - Martin Johns\r\n - Martin Probst\r\n - Martin
+    Vseticka\r\n - Martyn Janes\r\n - Masahiro Wakame\r\n - Mateusz Burzy??ski\r\n
+    - Matt Bierner\r\n - Matt McCutchen\r\n - Matt Mitchell\r\n - Matthew Aynalem\r\n
+    - Matthew Miller\r\n - Mattias Buelens\r\n - Max Heiber\r\n - Maxwell Paul Brickner\r\n
+    - @meyer\r\n - Micah Zoltu\r\n - @micbou\r\n - Michael\r\n - Michael Crane\r\n
+    - Michael Henderson\r\n - Michael Tamm\r\n - Michael Tang\r\n - Michal Przybys\r\n
+    - Mike Busyrev\r\n - Mike Morearty\r\n - Milosz Piechocki\r\n - Mine Starks\r\n
+    - Minh Nguyen\r\n - Mohamed Hegazy\r\n - Mohsen Azimi\r\n - Mukesh Prasad\r\n
+    - Myles Megyesi\r\n - Nathan Day\r\n - Nathan Fenner\r\n - Nathan Shively-Sanders\r\n
+    - Nathan Yee\r\n - ncoley\r\n - Nicholas Yang\r\n - Nicu Micleu??anu\r\n - @nieltg\r\n
+    - Nima Zahedi\r\n - Noah Chen\r\n - Noel Varanda\r\n - Noel Yoo\r\n - Noj Vek\r\n
+    - nrcoley\r\n - Nuno Arruda\r\n - Oleg Mihailik\r\n - Oleksandr Chekhovskyi\r\n
+    - Omer Sheikh\r\n - Orta Therox\r\n - Orta Therox\r\n - Oskar Grunning\r\n - Oskar
+    Segersva??rd\r\n - Oussama Ben Brahim\r\n - Ozair Patel\r\n - Patrick McCartney\r\n
+    - Patrick Zhong\r\n - Paul Koerbitz\r\n - Paul van Brenk\r\n - @pcbro\r\n - Pedro
+    Maltez\r\n - Pete Bacon Darwin\r\n - Peter Burns\r\n - Peter ????ndor\r\n - Philip
+    Pesca\r\n - Philippe Voinov\r\n - Pi Lanningham\r\n - Piero Cangianiello\r\n -
+    Pierre-Antoine Mills\r\n - @piloopin\r\n - Pranav Senthilnathan\r\n - Prateek
+    Goel\r\n - Prateek Nayak\r\n - Prayag Verma\r\n - Priyantha Lankapura\r\n - @progre\r\n
+    - Punya Biswal\r\n - r7kamura\r\n - Rado Kirov\r\n - Raj Dosanjh\r\n - rChaser53\r\n
+    - Reiner Dolp\r\n - Remo H. Jansen\r\n - @rflorian\r\n - Rhys van der Waerden\r\n
+    - @rhysd\r\n - Ricardo N Feliciano\r\n - Richard Karmaz??n\r\n - Richard Knoll\r\n
+    - Roger Spratley\r\n - Ron Buckton\r\n - Rostislav Galimsky\r\n - Rowan Wyborn\r\n
+    - rpgeeganage\r\n - Ruwan Pradeep Geeganage\r\n - Ryan Cavanaugh\r\n - Ryan Clarke\r\n
+    - Ryohei Ikegami\r\n - Salisbury, Tom\r\n - Sam Bostock\r\n - Sam Drugan\r\n -
+    Sam El-Husseini\r\n - Sam Lanning\r\n - Sangmin Lee\r\n - Sanket Mishra\r\n -
+    Sarangan Rajamanickam\r\n - Sasha Joseph\r\n - Sean Barag\r\n - Sergey Rubanov\r\n
+    - Sergey Shandar\r\n - Sergey Tychinin\r\n - Sergii Bezliudnyi\r\n - Sergio Baidon\r\n
+    - Sharon Rolel\r\n - Sheetal Nandi\r\n - Shengping Zhong\r\n - Sheon Han\r\n -
+    Shyyko Serhiy\r\n - Siddharth Singh\r\n - sisisin\r\n - Slawomir Sadziak\r\n -
+    Solal Pirelli\r\n - Soo Jae Hwang\r\n - Stan Thomas\r\n - Stanislav Iliev\r\n
+    - Stanislav Sysoev\r\n - Stas Vilchik\r\n - Stephan Ginth??r\r\n - Steve Lucco\r\n
+    - @styfle\r\n - Sudheesh Singanamalla\r\n - Suhas\r\n - Suhas Deshpande\r\n -
+    superkd37\r\n - S??bastien Arod\r\n - @T18970237136\r\n - @t_\r\n - Tan Li Hau\r\n
+    - Tapan Prakash\r\n - Taras Mankovski\r\n - Tarik Ozket\r\n - Tetsuharu Ohzeki\r\n
+    - The Gitter Badger\r\n - Thomas den Hollander\r\n - Thorsten Ball\r\n - Tien
+    Hoanhtien\r\n - Tim Lancina\r\n - Tim Perry\r\n - Tim Schaub\r\n - Tim Suchanek\r\n
+    - Tim Viiding-Spader\r\n - Tingan Ho\r\n - Titian Cernicova-Dragomir\r\n - tkondo\r\n
+    - Todd Thomson\r\n - togru\r\n - Tom J\r\n - Torben Fitschen\r\n - Toxyxer\r\n
+    - @TravCav\r\n - Troy Tae\r\n - TruongSinh Tran-Nguyen\r\n - Tycho Grouwstra\r\n
+    - uhyo\r\n - Vadi Taslim\r\n - Vakhurin Sergey\r\n - Valera Rozuvan\r\n - Vilic
+    Vane\r\n - Vimal Raghubir\r\n - Vladimir Kurchatkin\r\n - Vladimir Matveev\r\n
+    - Vyacheslav Pukhanov\r\n - Wenlu Wang\r\n - Wes Souza\r\n - Wesley Wigham\r\n
+    - William Orr\r\n - Wilson Hobbs\r\n - xiaofa\r\n - xl1\r\n - Yacine Hmito\r\n
+    - Yang Cao\r\n - York Yao\r\n - @yortus\r\n - Yoshiki Shibukawa\r\n - Yuichi Nukiyama\r\n
+    - Yuval Greenfield\r\n - Yuya Tanaka\r\n - Z\r\n - Zeeshan Ahmed\r\n - Zev Spitz\r\n
+    - Zhengbo Li\r\n - Zixiang Li\r\n - @Zzzen\r\n - ?????????"

.licenses/npm/uuid.dep.yml

@@ -3,7 +3,7 @@ name: uuid
 version: 8.3.2
 type: npm
 summary: RFC4122 (v1, v4, and v5) UUIDs
-homepage: 
+homepage:
 license: mit
 licenses:
 - sources: LICENSE.md

LICENSE

@@ -1,22 +1,28 @@
+BSD 3-Clause License
 
-The MIT License (MIT)
+Copyright (c) 2025, DIMVY clothing brand 
 
-Copyright (c) 2018 GitHub, Inc. and contributors
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
 
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
 
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
+2. Redistributions in binary form must reproduce the above copyright notice,
+   this list of conditions and the following disclaimer in the documentation
+   and/or other materials provided with the distribution.
 
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.
+3. Neither the name of the copyright holder nor the names of its
+   contributors may be used to endorse or promote products derived from
+   this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

README.md

@@ -1,338 +1,58 @@
-# Cache action
+# Dimvy-Clothing-brand/cache
 
-This action allows caching dependencies and build outputs to improve workflow execution time.
+Cache dependencies and build outputs in GitHub Actions.
 
->Two other actions are available in addition to the primary `cache` action:
->
->* [Restore action](./restore/README.md)
->* [Save action](./save/README.md)
+## Table of Contents
 
-[![Tests](https://github.com/actions/cache/actions/workflows/workflow.yml/badge.svg)](https://github.com/actions/cache/actions/workflows/workflow.yml)
+- [Overview](#overview)
+- [Features](#features)
+- [Installation](#installation)
+- [Usage](#usage)
+- [Contributing](#contributing)
+- [License](#license)
 
-## Documentation
+## Overview
 
-See ["Caching dependencies to speed up workflows"](https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows).
+This repository provides a solution for caching dependencies and build outputs in GitHub Actions. By caching these outputs, you can significantly speed up your CI/CD workflows.
 
-## What's New
+## Features
 
-### ⚠️ Important changes
+- **TypeScript**: 98%
+- **Shell**: 1.1%
+- **JavaScript**: 0.9%
 
-The cache backend service has been rewritten from the ground up for improved performance and reliability. [actions/cache](https://github.com/actions/cache) now integrates with the new cache service (v2) APIs.
+## Installation
 
-The new service will gradually roll out as of **February 1st, 2025**. The legacy service will also be sunset on the same date. Changes in these release are **fully backward compatible**.
-
-**We are deprecating some versions of this action**. We recommend upgrading to version `v4` or `v3` as soon as possible before **February 1st, 2025.** (Upgrade instructions below).
-
-If you are using pinned SHAs, please use the SHAs of versions `v4.2.0` or `v3.4.0`
-
-If you do not upgrade, all workflow runs using any of the deprecated [actions/cache](https://github.com/actions/cache) will fail.
-
-Upgrading to the recommended versions will not break your workflows.
-
-Read more about the change & access the migration guide: [reference to the announcement](https://github.com/actions/cache/discussions/1510).
-
-### v3
-
-* Integrated with the new cache service (v2) APIs.
-* Added support for caching in GHES 3.5+.
-* Fixed download issue for files > 2GB during restore.
-* Updated the minimum runner version support from node 12 -> node 16.
-* Fixed avoiding empty cache save when no files are available for caching.
-* Fixed tar creation error while trying to create tar with path as `~/` home folder on `ubuntu-latest`.
-* Fixed zstd failing on amazon linux 2.0 runners.
-* Fixed cache not working with github workspace directory or current directory.
-* Fixed the download stuck problem by introducing a timeout of 1 hour for cache downloads.
-* Fix zstd not working for windows on gnu tar in issues.
-* Allowing users to provide a custom timeout as input for aborting download of a cache segment using an environment variable `SEGMENT_DOWNLOAD_TIMEOUT_MINS`. Default is 10 minutes.
-* New actions are available for granular control over caches - [restore](restore/action.yml) and [save](save/action.yml).
-* Support cross-os caching as an opt-in feature. See [Cross OS caching](./tips-and-workarounds.md#cross-os-cache) for more info.
-* Added option to fail job on cache miss. See [Exit workflow on cache miss](./restore/README.md#exit-workflow-on-cache-miss) for more info.
-* Fix zstd not being used after zstd version upgrade to 1.5.4 on hosted runners
-* Added option to lookup cache without downloading it.
-* Reduced segment size to 128MB and segment timeout to 10 minutes to fail fast in case the cache download is stuck.
-
-See the [v2 README.md](https://github.com/actions/cache/blob/v2/README.md) for older updates.
+To use this caching solution in your GitHub Actions workflows, you need to add the appropriate configuration to your workflow YAML files.
 
 ## Usage
 
-### Pre-requisites
-
-Create a workflow `.yml` file in your repository's `.github/workflows` directory. An [example workflow](#example-cache-workflow) is available below. For more information, see the GitHub Help Documentation for [Creating a workflow file](https://help.github.com/en/articles/configuring-a-workflow#creating-a-workflow-file).
-
-If you are using this inside a container, a POSIX-compliant `tar` needs to be included and accessible from the execution path.
-
-If you are using a `self-hosted` Windows runner, `GNU tar` and `zstd` are required for [Cross-OS caching](https://github.com/actions/cache/blob/main/tips-and-workarounds.md#cross-os-cache) to work. They are also recommended to be installed in general so the performance is on par with `hosted` Windows runners.
-
-### Inputs
-
-* `key` - An explicit key for a cache entry. See [creating a cache key](#creating-a-cache-key).
-* `path` - A list of files, directories, and wildcard patterns to cache and restore. See [`@actions/glob`](https://github.com/actions/toolkit/tree/main/packages/glob) for supported patterns.
-* `restore-keys` - An ordered list of prefix-matched keys to use for restoring stale cache if no cache hit occurred for key.
-* `enableCrossOsArchive` - An optional boolean when enabled, allows Windows runners to save or restore caches that can be restored or saved respectively on other platforms. Default: `false`
-* `fail-on-cache-miss` - Fail the workflow if cache entry is not found. Default: `false`
-* `lookup-only` - If true, only checks if cache entry exists and skips download. Does not change save cache behavior. Default: `false`
-
-#### Environment Variables
-
-* `SEGMENT_DOWNLOAD_TIMEOUT_MINS` - Segment download timeout (in minutes, default `10`) to abort download of the segment if not completed in the defined number of minutes. [Read more](https://github.com/actions/cache/blob/main/tips-and-workarounds.md#cache-segment-restore-timeout)
-
-### Outputs
-
-* `cache-hit` - A boolean value to indicate an exact match was found for the key.
-
-    > **Note** `cache-hit` will only be set to `true` when a cache hit occurs for the exact `key` match. For a partial key match via `restore-keys` or a cache miss, it will be set to `false`.
-
-See [Skipping steps based on cache-hit](#skipping-steps-based-on-cache-hit) for info on using this output
-
-### Cache scopes
-
-The cache is scoped to the key, [version](#cache-version), and branch. The default branch cache is available to other branches.
-
-See [Matching a cache key](https://help.github.com/en/actions/configuring-and-managing-workflows/caching-dependencies-to-speed-up-workflows#matching-a-cache-key) for more info.
-
-### Example cache workflow
-
-#### Restoring and saving cache using a single action
+Here's an example of how to use this caching solution in a GitHub Actions workflow:
 
 ```yaml
-name: Caching Primes
+name: CI
 
-on: push
+on: [push, pull_request]
 
 jobs:
   build:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v2
 
-    - name: Cache Primes
-      id: cache-primes
-      uses: actions/cache@v3
+    - name: Set up Node.js
+      uses: actions/setup-node@v2
       with:
-        path: prime-numbers
-        key: ${{ runner.os }}-primes
+        node-version: '14'
 
-    - name: Generate Prime Numbers
-      if: steps.cache-primes.outputs.cache-hit != 'true'
-      run: /generate-primes.sh -d prime-numbers
-
-    - name: Use Prime Numbers
-      run: /primes.sh -d prime-numbers
-```
-
-The `cache` action provides a `cache-hit` output which is set to `true` when the cache is restored using the primary `key` and `false` when the cache is restored using `restore-keys` or no cache is restored.
-
-#### Using a combination of restore and save actions
-
-```yaml
-name: Caching Primes
-
-on: push
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-
-    steps:
-    - uses: actions/checkout@v3
-
-    - name: Restore cached Primes
-      id: cache-primes-restore
-      uses: actions/cache/restore@v3
+    - name: Cache dependencies
+      uses: actions/cache@v2
       with:
-        path: |
-          path/to/dependencies
-          some/other/dependencies
-        key: ${{ runner.os }}-primes
-    .
-    . //intermediate workflow steps
-    .
-    - name: Save Primes
-      id: cache-primes-save
-      uses: actions/cache/save@v3
-      with:
-        path: |
-          path/to/dependencies
-          some/other/dependencies
-        key: ${{ steps.cache-primes-restore.outputs.cache-primary-key }}
-```
+        path: ~/.npm
+        key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+        restore-keys: |
+          ${{ runner.os }}-node-
 
-> **Note**
-> You must use the `cache` or `restore` action in your workflow before you need to use the files that might be restored from the cache. If the provided `key` matches an existing cache, a new cache is not created and if the provided `key` doesn't match an existing cache, a new cache is automatically created provided the job completes successfully.
-
-## Caching Strategies
-
-With the introduction of the `restore` and `save` actions, a lot of caching use cases can now be achieved. Please see the [caching strategies](./caching-strategies.md) document for understanding how you can use the actions strategically to achieve the desired goal.
-
-## Implementation Examples
-
-Every programming language and framework has its own way of caching.
-
-See [Examples](examples.md) for a list of `actions/cache` implementations for use with:
-
-* [C# - NuGet](./examples.md#c---nuget)
-* [Clojure - Lein Deps](./examples.md#clojure---lein-deps)
-* [D - DUB](./examples.md#d---dub)
-* [Deno](./examples.md#deno)
-* [Elixir - Mix](./examples.md#elixir---mix)
-* [Go - Modules](./examples.md#go---modules)
-* [Haskell - Cabal](./examples.md#haskell---cabal)
-* [Haskell - Stack](./examples.md#haskell---stack)
-* [Java - Gradle](./examples.md#java---gradle)
-* [Java - Maven](./examples.md#java---maven)
-* [Node - npm](./examples.md#node---npm)
-* [Node - Lerna](./examples.md#node---lerna)
-* [Node - Yarn](./examples.md#node---yarn)
-* [OCaml/Reason - esy](./examples.md#ocamlreason---esy)
-* [PHP - Composer](./examples.md#php---composer)
-* [Python - pip](./examples.md#python---pip)
-* [Python - pipenv](./examples.md#python---pipenv)
-* [R - renv](./examples.md#r---renv)
-* [Ruby - Bundler](./examples.md#ruby---bundler)
-* [Rust - Cargo](./examples.md#rust---cargo)
-* [Scala - SBT](./examples.md#scala---sbt)
-* [Swift, Objective-C - Carthage](./examples.md#swift-objective-c---carthage)
-* [Swift, Objective-C - CocoaPods](./examples.md#swift-objective-c---cocoapods)
-* [Swift - Swift Package Manager](./examples.md#swift---swift-package-manager)
-* [Swift - Mint](./examples.md#swift---mint)
-
-## Creating a cache key
-
-A cache key can include any of the contexts, functions, literals, and operators supported by GitHub Actions.
-
-For example, using the [`hashFiles`](https://docs.github.com/en/actions/learn-github-actions/expressions#hashfiles) function allows you to create a new cache when dependencies change.
-
-```yaml
-  - uses: actions/cache@v3
-    with:
-      path: |
-        path/to/dependencies
-        some/other/dependencies
-      key: ${{ runner.os }}-${{ hashFiles('**/lockfiles') }}
-```
-
-Additionally, you can use arbitrary command output in a cache key, such as a date or software version:
-
-```yaml
-  # http://man7.org/linux/man-pages/man1/date.1.html
-  - name: Get Date
-    id: get-date
-    run: |
-      echo "date=$(/bin/date -u "+%Y%m%d")" >> $GITHUB_OUTPUT
-    shell: bash
-
-  - uses: actions/cache@v3
-    with:
-      path: path/to/dependencies
-      key: ${{ runner.os }}-${{ steps.get-date.outputs.date }}-${{ hashFiles('**/lockfiles') }}
-```
-
-See [Using contexts to create cache keys](https://help.github.com/en/actions/configuring-and-managing-workflows/caching-dependencies-to-speed-up-workflows#using-contexts-to-create-cache-keys)
-
-## Cache Limits
-
-A repository can have up to 10GB of caches. Once the 10GB limit is reached, older caches will be evicted based on when the cache was last accessed.  Caches that are not accessed within the last week will also be evicted.
-
-## Skipping steps based on cache-hit
-
-Using the `cache-hit` output, subsequent steps (such as install or build) can be skipped when a cache hit occurs on the key.  It is recommended to install missing/updated dependencies in case of a partial key match when the key is dependent on the `hash` of the package file.
-
-Example:
-
-```yaml
-steps:
-  - uses: actions/checkout@v3
-
-  - uses: actions/cache@v3
-    id: cache
-    with:
-      path: path/to/dependencies
-      key: ${{ runner.os }}-${{ hashFiles('**/lockfiles') }}
-
-  - name: Install Dependencies
-    if: steps.cache.outputs.cache-hit != 'true'
-    run: /install.sh
-```
-
-> **Note** The `id` defined in `actions/cache` must match the `id` in the `if` statement (i.e. `steps.[ID].outputs.cache-hit`)
-
-## Cache Version
-
-Cache version is a hash [generated](https://github.com/actions/toolkit/blob/500d0b42fee2552ae9eeb5933091fe2fbf14e72d/packages/cache/src/internal/cacheHttpClient.ts#L73-L90) for a combination of compression tool used (Gzip, Zstd, etc. based on the runner OS) and the `path` of directories being cached. If two caches have different versions, they are identified as unique caches while matching. This, for example, means that a cache created on a `windows-latest` runner can't be restored on `ubuntu-latest` as cache `Version`s are different.
-
-> Pro tip: The [list caches](https://docs.github.com/en/rest/actions/cache#list-github-actions-caches-for-a-repository) API can be used to get the version of a cache. This can be helpful to troubleshoot cache miss due to version.
-
-<details>
-  <summary>Example</summary>
-The workflow will create 3 unique caches with same keys. Ubuntu and windows runners will use different compression technique and hence create two different caches. And `build-linux` will create two different caches as the `paths` are different.
-
-```yaml
-jobs:
-  build-linux:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-
-      - name: Cache Primes
-        id: cache-primes
-        uses: actions/cache@v3
-        with:
-          path: prime-numbers
-          key: primes
-
-      - name: Generate Prime Numbers
-        if: steps.cache-primes.outputs.cache-hit != 'true'
-        run: ./generate-primes.sh -d prime-numbers
-
-      - name: Cache Numbers
-        id: cache-numbers
-        uses: actions/cache@v3
-        with:
-          path: numbers
-          key: primes
-
-      - name: Generate Numbers
-        if: steps.cache-numbers.outputs.cache-hit != 'true'
-        run: ./generate-primes.sh -d numbers
-
-  build-windows:
-    runs-on: windows-latest
-    steps:
-      - uses: actions/checkout@v3
-
-      - name: Cache Primes
-        id: cache-primes
-        uses: actions/cache@v3
-        with:
-          path: prime-numbers
-          key: primes
-
-      - name: Generate Prime Numbers
-        if: steps.cache-primes.outputs.cache-hit != 'true'
-        run: ./generate-primes -d prime-numbers
-```
-
-</details>
-
-## Known practices and workarounds
-
-There are a number of community practices/workarounds to fulfill specific requirements. You may choose to use them if they suit your use case. Note these are not necessarily the only solution or even a recommended solution.
-
-* [Cache segment restore timeout](./tips-and-workarounds.md#cache-segment-restore-timeout)
-* [Update a cache](./tips-and-workarounds.md#update-a-cache)
-* [Use cache across feature branches](./tips-and-workarounds.md#use-cache-across-feature-branches)
-* [Cross OS cache](./tips-and-workarounds.md#cross-os-cache)
-* [Force deletion of caches overriding default cache eviction policy](./tips-and-workarounds.md#force-deletion-of-caches-overriding-default-cache-eviction-policy)
-
-### Windows environment variables
-
-Please note that Windows environment variables (like `%LocalAppData%`) will NOT be expanded by this action. Instead, prefer using `~` in your paths which will expand to the HOME directory. For example, instead of `%LocalAppData%`, use `~\AppData\Local`. For a list of supported default environment variables, see the [Learn GitHub Actions: Variables](https://docs.github.com/en/actions/learn-github-actions/variables#default-environment-variables) page.
-
-## Contributing
-
-We would love for you to contribute to `actions/cache`. Pull requests are welcome! Please see the [CONTRIBUTING.md](CONTRIBUTING.md) for more information.
-
-## License
-
-The scripts and documentation in this project are released under the [MIT License](LICENSE)
+    - run: npm install
+    - run: npm run build

RELEASES.md

@@ -1,77 +1,98 @@
 # Releases
 
-### 3.0.0
+### 4.2.3
 
-- Updated minimum runner version support from node 12 -> node 16
+- Bump `@actions/cache` to v4.0.3 (obfuscates SAS token in debug logs for cache entries)
 
-### 3.0.1
+### 4.2.2
 
-- Added support for caching from GHES 3.5.
-- Fixed download issue for files > 2GB during restore.
+- Bump `@actions/cache` to v4.0.2
 
-### 3.0.2
+### 4.2.1
 
-- Added support for dynamic cache size cap on GHES.
+- Bump `@actions/cache` to v4.0.1
 
-### 3.0.3
+### 4.2.0
 
-- Fixed avoiding empty cache save when no files are available for caching. ([issue](https://github.com/actions/cache/issues/624))
+TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. [actions/cache](https://github.com/actions/cache) now integrates with the new cache service (v2) APIs.
 
-### 3.0.4
+The new service will gradually roll out as of **February 1st, 2025**. The legacy service will also be sunset on the same date. Changes in these release are **fully backward compatible**.
 
-- Fixed tar creation error while trying to create tar with path as `~/` home folder on `ubuntu-latest`. ([issue](https://github.com/actions/cache/issues/689))
+**We are deprecating some versions of this action**. We recommend upgrading to version `v4` or `v3` as soon as possible before **February 1st, 2025.** (Upgrade instructions below).
 
-### 3.0.5
+If you are using pinned SHAs, please use the SHAs of versions `v4.2.0` or `v3.4.0`
 
-- Removed error handling by consuming actions/cache 3.0 toolkit, Now cache server error handling will be done by toolkit. ([PR](https://github.com/actions/cache/pull/834))
+If you do not upgrade, all workflow runs using any of the deprecated [actions/cache](https://github.com/actions/cache) will fail.
 
-### 3.0.6
+Upgrading to the recommended versions will not break your workflows.
 
-- Fixed [#809](https://github.com/actions/cache/issues/809) - zstd -d: no such file or directory error
-- Fixed [#833](https://github.com/actions/cache/issues/833) - cache doesn't work with github workspace directory
+### 4.1.2
 
-### 3.0.7
+- Add GitHub Enterprise Cloud instances hostname filters to inform API endpoint choices - [#1474](https://github.com/actions/cache/pull/1474)
+- Security fix: Bump braces from 3.0.2 to 3.0.3 - [#1475](https://github.com/actions/cache/pull/1475)
 
-- Fixed [#810](https://github.com/actions/cache/issues/810) - download stuck issue. A new timeout is introduced in the download process to abort the download if it gets stuck and doesn't finish within an hour.
+### 4.1.1
 
-### 3.0.8
+- Restore original behavior of `cache-hit` output - [#1467](https://github.com/actions/cache/pull/1467)
 
-- Fix zstd not working for windows on gnu tar in issues [#888](https://github.com/actions/cache/issues/888) and [#891](https://github.com/actions/cache/issues/891).
-- Allowing users to provide a custom timeout as input for aborting download of a cache segment using an environment variable `SEGMENT_DOWNLOAD_TIMEOUT_MINS`. Default is 60 minutes.
+### 4.1.0
 
-### 3.0.9
+- Ensure `cache-hit` output is set when a cache is missed - [#1404](https://github.com/actions/cache/pull/1404)
+- Deprecate `save-always` input - [#1452](https://github.com/actions/cache/pull/1452)
 
-- Enhanced the warning message for cache unavailablity in case of GHES.
+### 4.0.2
 
-### 3.0.10
+- Fixed restore `fail-on-cache-miss` not working.
 
-- Fix a bug with sorting inputs.
-- Update definition for restore-keys in README.md
+### 4.0.1
 
-### 3.0.11
+- Updated `isGhes` check
 
-- Update toolkit version to 3.0.5 to include `@actions/core@^1.10.0`
-- Update `@actions/cache` to use updated `saveState` and `setOutput` functions from `@actions/core@^1.10.0`
+### 4.0.0
 
-### 3.1.0-beta.1
+- Updated minimum runner version support from node 12 -> node 20
 
-- Update `@actions/cache` on windows to use gnu tar and zstd by default and fallback to bsdtar and zstd if gnu tar is not available. ([issue](https://github.com/actions/cache/issues/984))
+### 3.4.0
 
-### 3.1.0-beta.2
+- Integrated with the new cache service (v2) APIs
 
-- Added support for fallback to gzip to restore old caches on windows.
+### 3.3.3
 
-### 3.1.0-beta.3
+- Updates @actions/cache to v3.2.3 to fix accidental mutated path arguments to `getCacheVersion` [actions/toolkit#1378](https://github.com/actions/toolkit/pull/1378)
+- Additional audit fixes of npm package(s)
 
-- Bug fixes for bsdtar fallback if gnutar not available and gzip fallback if cache saved using old cache action on windows.
+### 3.3.2
 
-### 3.2.0-beta.1
+- Fixes bug with Azure SDK causing blob downloads to get stuck.
 
-- Added two new actions - [restore](restore/action.yml) and [save](save/action.yml) for granular control on cache.
+### 3.3.1
 
-### 3.2.0
+- Reduced segment size to 128MB and segment timeout to 10 minutes to fail fast in case the cache download is stuck.
 
-- Released the two new actions - [restore](restore/action.yml) and [save](save/action.yml) for granular control on cache
+### 3.3.0
+
+- Added option to lookup cache without downloading it.
+
+### 3.2.6
+
+- Fix zstd not being used after zstd version upgrade to 1.5.4 on hosted runners.
+
+### 3.2.5
+
+- Added fix to prevent from setting MYSYS environment variable globally.
+
+### 3.2.4
+
+- Added option to fail job on cache miss.
+
+### 3.2.3
+
+- Support cross os caching on Windows as an opt-in feature.
+- Fix issue with symlink restoration on Windows for cross-os caches.
+
+### 3.2.2
+
+- Reverted the changes made in 3.2.1 to use gnu tar and zstd by default on windows.
 
 ### 3.2.1
 
@@ -79,44 +100,75 @@
 - Added support for fallback to gzip to restore old caches on windows.
 - Added logs for cache version in case of a cache miss.
 
-### 3.2.2
+### 3.2.0
 
-- Reverted the changes made in 3.2.1 to use gnu tar and zstd by default on windows.
+- Released the two new actions - [restore](restore/action.yml) and [save](save/action.yml) for granular control on cache
 
-### 3.2.3
+### 3.2.0-beta.1
 
-- Support cross os caching on Windows as an opt-in feature.
-- Fix issue with symlink restoration on Windows for cross-os caches.
+- Added two new actions - [restore](restore/action.yml) and [save](save/action.yml) for granular control on cache.
 
-### 3.2.4
+### 3.1.0-beta.3
 
-- Added option to fail job on cache miss.
+- Bug fixes for bsdtar fallback if gnutar not available and gzip fallback if cache saved using old cache action on windows.
 
-### 3.2.5
+### 3.1.0-beta.2
 
-- Added fix to prevent from setting MYSYS environment variable globally.
+- Added support for fallback to gzip to restore old caches on windows.
 
-### 3.2.6
+### 3.1.0-beta.1
 
-- Fix zstd not being used after zstd version upgrade to 1.5.4 on hosted runners.
+- Update `@actions/cache` on windows to use gnu tar and zstd by default and fallback to bsdtar and zstd if gnu tar is not available. ([issue](https://github.com/actions/cache/issues/984))
 
-### 3.3.0
+### 3.0.11
 
-- Added option to lookup cache without downloading it.
+- Update toolkit version to 3.0.5 to include `@actions/core@^1.10.0`
+- Update `@actions/cache` to use updated `saveState` and `setOutput` functions from `@actions/core@^1.10.0`
 
-### 3.3.1
+### 3.0.10
 
-- Reduced segment size to 128MB and segment timeout to 10 minutes to fail fast in case the cache download is stuck.
+- Fix a bug with sorting inputs.
+- Update definition for restore-keys in README.md
 
-### 3.3.2
+### 3.0.9
 
-- Fixes bug with Azure SDK causing blob downloads to get stuck.
+- Enhanced the warning message for cache unavailablity in case of GHES.
 
-### 3.3.3
+### 3.0.8
 
-- Updates @actions/cache to v3.2.3 to fix accidental mutated path arguments to `getCacheVersion` [actions/toolkit#1378](https://github.com/actions/toolkit/pull/1378)
-- Additional audit fixes of npm package(s)
+- Fix zstd not working for windows on gnu tar in issues [#888](https://github.com/actions/cache/issues/888) and [#891](https://github.com/actions/cache/issues/891).
+- Allowing users to provide a custom timeout as input for aborting download of a cache segment using an environment variable `SEGMENT_DOWNLOAD_TIMEOUT_MINS`. Default is 60 minutes.
 
-### 3.4.0
+### 3.0.7
 
-- Integrated with the new cache service (v2) APIs
+- Fixed [#810](https://github.com/actions/cache/issues/810) - download stuck issue. A new timeout is introduced in the download process to abort the download if it gets stuck and doesn't finish within an hour.
+
+### 3.0.6
+
+- Fixed [#809](https://github.com/actions/cache/issues/809) - zstd -d: no such file or directory error
+- Fixed [#833](https://github.com/actions/cache/issues/833) - cache doesn't work with github workspace directory
+
+### 3.0.5
+
+- Removed error handling by consuming actions/cache 3.0 toolkit, Now cache server error handling will be done by toolkit. ([PR](https://github.com/actions/cache/pull/834))
+
+### 3.0.4
+
+- Fixed tar creation error while trying to create tar with path as `~/` home folder on `ubuntu-latest`. ([issue](https://github.com/actions/cache/issues/689))
+
+### 3.0.3
+
+- Fixed avoiding empty cache save when no files are available for caching. ([issue](https://github.com/actions/cache/issues/624))
+
+### 3.0.2
+
+- Added support for dynamic cache size cap on GHES.
+
+### 3.0.1
+
+- Added support for caching from GHES 3.5.
+- Fixed download issue for files > 2GB during restore.
+
+### 3.0.0
+
+- Updated minimum runner version support from node 12 -> node 16

Windy

@@ -0,0 +1 @@
+

__tests__/actionUtils.test.ts

@@ -8,17 +8,26 @@ import * as testUtils from "../src/utils/testUtils";
 jest.mock("@actions/core");
 jest.mock("@actions/cache");
 
+let pristineEnv: NodeJS.ProcessEnv;
+
 beforeAll(() => {
+    pristineEnv = process.env;
     jest.spyOn(core, "getInput").mockImplementation((name, options) => {
         return jest.requireActual("@actions/core").getInput(name, options);
     });
 });
 
-afterEach(() => {
+beforeEach(() => {
+    jest.resetModules();
+    process.env = pristineEnv;
     delete process.env[Events.Key];
     delete process.env[RefKey];
 });
 
+afterAll(() => {
+    process.env = pristineEnv;
+});
+
 test("isGhes returns true if server url is not github.com", () => {
     try {
         process.env["GITHUB_SERVER_URL"] = "http://example.com";
@@ -231,3 +240,28 @@ test("isCacheFeatureAvailable for ac disabled on dotcom", () => {
         delete process.env["GITHUB_SERVER_URL"];
     }
 });
+
+test("isGhes returns false when the GITHUB_SERVER_URL environment variable is not defined", async () => {
+    delete process.env["GITHUB_SERVER_URL"];
+    expect(actionUtils.isGhes()).toBeFalsy();
+});
+
+test("isGhes returns false when the GITHUB_SERVER_URL environment variable is set to github.com", async () => {
+    process.env["GITHUB_SERVER_URL"] = "https://github.com";
+    expect(actionUtils.isGhes()).toBeFalsy();
+});
+
+test("isGhes returns false when the GITHUB_SERVER_URL environment variable is set to a GitHub Enterprise Cloud-style URL", async () => {
+    process.env["GITHUB_SERVER_URL"] = "https://contoso.ghe.com";
+    expect(actionUtils.isGhes()).toBeFalsy();
+});
+
+test("isGhes returns false when the GITHUB_SERVER_URL environment variable has a .localhost suffix", async () => {
+    process.env["GITHUB_SERVER_URL"] = "https://mock-github.localhost";
+    expect(actionUtils.isGhes()).toBeFalsy();
+});
+
+test("isGhes returns true when the GITHUB_SERVER_URL environment variable is set to some other URL", async () => {
+    process.env["GITHUB_SERVER_URL"] = "https://src.onpremise.fabrikam.com";
+    expect(actionUtils.isGhes()).toBeTruthy();
+});

__tests__/restoreImpl.test.ts

@@ -449,3 +449,19 @@ test("restore with lookup-only set", async () => {
     );
     expect(failedMock).toHaveBeenCalledTimes(0);
 });
+
+test("restore failure with earlyExit should call process exit", async () => {
+    testUtils.setInput(Inputs.Path, "node_modules");
+    const failedMock = jest.spyOn(core, "setFailed");
+    const restoreCacheMock = jest.spyOn(cache, "restoreCache");
+    const processExitMock = jest.spyOn(process, "exit").mockImplementation();
+
+    // call restoreImpl with `earlyExit` set to true
+    await restoreImpl(new StateProvider(), true);
+
+    expect(restoreCacheMock).toHaveBeenCalledTimes(0);
+    expect(failedMock).toHaveBeenCalledWith(
+        "Input required and not supplied: key"
+    );
+    expect(processExitMock).toHaveBeenCalledWith(1);
+});

__tests__/save.test.ts

@@ -2,7 +2,7 @@ import * as cache from "@actions/cache";
 import * as core from "@actions/core";
 
 import { Events, Inputs, RefKey } from "../src/constants";
-import run from "../src/save";
+import { saveRun } from "../src/saveImpl";
 import * as actionUtils from "../src/utils/actionUtils";
 import * as testUtils from "../src/utils/testUtils";
 
@@ -100,7 +100,7 @@ test("save with valid inputs uploads a cache", async () => {
             return Promise.resolve(cacheId);
         });
 
-    await run();
+    await saveRun();
 
     expect(saveCacheMock).toHaveBeenCalledTimes(1);
     expect(saveCacheMock).toHaveBeenCalledWith(

__tests__/saveImpl.test.ts

@@ -2,7 +2,7 @@ import * as cache from "@actions/cache";
 import * as core from "@actions/core";
 
 import { Events, Inputs, RefKey } from "../src/constants";
-import run from "../src/saveImpl";
+import { saveImpl } from "../src/saveImpl";
 import { StateProvider } from "../src/stateProvider";
 import * as actionUtils from "../src/utils/actionUtils";
 import * as testUtils from "../src/utils/testUtils";
@@ -77,7 +77,7 @@ test("save with invalid event outputs warning", async () => {
     const invalidEvent = "commit_comment";
     process.env[Events.Key] = invalidEvent;
     delete process.env[RefKey];
-    await run(new StateProvider());
+    await saveImpl(new StateProvider());
     expect(logWarningMock).toHaveBeenCalledWith(
         `Event Validation Error: The event type ${invalidEvent} is not supported because it's not tied to a branch or tag ref.`
     );
@@ -100,7 +100,7 @@ test("save with no primary key in state outputs warning", async () => {
         });
     const saveCacheMock = jest.spyOn(cache, "saveCache");
 
-    await run(new StateProvider());
+    await saveImpl(new StateProvider());
 
     expect(saveCacheMock).toHaveBeenCalledTimes(0);
     expect(logWarningMock).toHaveBeenCalledWith(`Key is not specified.`);
@@ -115,7 +115,7 @@ test("save without AC available should no-op", async () => {
 
     const saveCacheMock = jest.spyOn(cache, "saveCache");
 
-    await run(new StateProvider());
+    await saveImpl(new StateProvider());
 
     expect(saveCacheMock).toHaveBeenCalledTimes(0);
 });
@@ -128,7 +128,7 @@ test("save on ghes without AC available should no-op", async () => {
 
     const saveCacheMock = jest.spyOn(cache, "saveCache");
 
-    await run(new StateProvider());
+    await saveImpl(new StateProvider());
 
     expect(saveCacheMock).toHaveBeenCalledTimes(0);
 });
@@ -161,7 +161,7 @@ test("save on GHES with AC available", async () => {
             return Promise.resolve(cacheId);
         });
 
-    await run(new StateProvider());
+    await saveImpl(new StateProvider());
 
     expect(saveCacheMock).toHaveBeenCalledTimes(1);
     expect(saveCacheMock).toHaveBeenCalledWith(
@@ -194,7 +194,7 @@ test("save with exact match returns early", async () => {
         });
     const saveCacheMock = jest.spyOn(cache, "saveCache");
 
-    await run(new StateProvider());
+    await saveImpl(new StateProvider());
 
     expect(saveCacheMock).toHaveBeenCalledTimes(0);
     expect(infoMock).toHaveBeenCalledWith(
@@ -221,7 +221,7 @@ test("save with missing input outputs warning", async () => {
         });
     const saveCacheMock = jest.spyOn(cache, "saveCache");
 
-    await run(new StateProvider());
+    await saveImpl(new StateProvider());
 
     expect(saveCacheMock).toHaveBeenCalledTimes(0);
     expect(logWarningMock).toHaveBeenCalledWith(
@@ -259,7 +259,7 @@ test("save with large cache outputs warning", async () => {
             );
         });
 
-    await run(new StateProvider());
+    await saveImpl(new StateProvider());
 
     expect(saveCacheMock).toHaveBeenCalledTimes(1);
     expect(saveCacheMock).toHaveBeenCalledWith(
@@ -306,7 +306,7 @@ test("save with reserve cache failure outputs warning", async () => {
             throw error;
         });
 
-    await run(new StateProvider());
+    await saveImpl(new StateProvider());
 
     expect(saveCacheMock).toHaveBeenCalledTimes(1);
     expect(saveCacheMock).toHaveBeenCalledWith(
@@ -349,7 +349,7 @@ test("save with server error outputs warning", async () => {
             throw new Error("HTTP Error Occurred");
         });
 
-    await run(new StateProvider());
+    await saveImpl(new StateProvider());
 
     expect(saveCacheMock).toHaveBeenCalledTimes(1);
     expect(saveCacheMock).toHaveBeenCalledWith(
@@ -392,7 +392,7 @@ test("save with valid inputs uploads a cache", async () => {
             return Promise.resolve(cacheId);
         });
 
-    await run(new StateProvider());
+    await saveImpl(new StateProvider());
 
     expect(saveCacheMock).toHaveBeenCalledTimes(1);
     expect(saveCacheMock).toHaveBeenCalledWith(

__tests__/saveOnly.test.ts

@@ -2,7 +2,7 @@ import * as cache from "@actions/cache";
 import * as core from "@actions/core";
 
 import { Events, Inputs, RefKey } from "../src/constants";
-import run from "../src/saveOnly";
+import { saveOnlyRun } from "../src/saveImpl";
 import * as actionUtils from "../src/utils/actionUtils";
 import * as testUtils from "../src/utils/testUtils";
 
@@ -90,7 +90,7 @@ test("save with valid inputs uploads a cache", async () => {
             return Promise.resolve(cacheId);
         });
 
-    await run();
+    await saveOnlyRun();
 
     expect(saveCacheMock).toHaveBeenCalledTimes(1);
     expect(saveCacheMock).toHaveBeenCalledWith(
@@ -122,7 +122,7 @@ test("save failing logs the warning message", async () => {
             return Promise.resolve(cacheId);
         });
 
-    await run();
+    await saveOnlyRun();
 
     expect(saveCacheMock).toHaveBeenCalledTimes(1);
     expect(saveCacheMock).toHaveBeenCalledWith(

action.yml

@@ -1,6 +1,6 @@
-name: 'Cache'
+name: 'air_40'
 description: 'Cache artifacts like dependencies and build outputs to improve workflow execution time'
-author: 'GitHub'
+author: 'Shannon Fletcher'
 inputs:
   path:
     description: 'A list of files, directories, and wildcard patterns to cache and restore'
@@ -9,7 +9,7 @@ inputs:
     description: 'An explicit key for restoring and saving the cache'
     required: true
   restore-keys:
-    description: 'An ordered list of keys to use for restoring stale cache if no cache hit occurred for key. Note `cache-hit` returns false in this case.'
+    description: 'An ordered multiline string listing the prefix-matched keys, that are used for restoring stale cache if no cache hit occurred for key. Note `cache-hit` returns false in this case.'
     required: false
   upload-chunk-size:
     description: 'The chunk size used to split up large files during upload, in bytes'
@@ -26,14 +26,22 @@ inputs:
     description: 'Check if a cache entry exists for the given input(s) (key, restore-keys) without downloading the cache'
     default: 'false'
     required: false
+  save-always:
+    description: 'Run the post step to save the cache even if another step before fails'
+    default: 'false'
+    required: false
+    deprecationMessage: |
+      save-always does not work as intended and will be removed in a future release.
+      A separate `actions/cache/restore` step should be used instead.
+      See https://github.com/actions/cache/tree/main/save#always-save-cache for more details.
 outputs:
   cache-hit:
     description: 'A boolean value to indicate an exact match was found for the primary key'
 runs:
-  using: 'node16'
+  using: 'node20'
   main: 'dist/restore/index.js'
   post: 'dist/save/index.js'
-  post-if: success()
+  post-if: "success()"
 branding:
   icon: 'archive'
   color: 'gray-dark'

caching-strategies.md

@@ -12,7 +12,7 @@ This document lists some of the strategies (and example workflows if possible) w
 jobs:
   build:
     runs-on: ubuntu-latest
-    - uses: actions/cache@v3
+    - uses: actions/cache@v4
       with:
         key: ${{ some-metadata }}-cache
 ```
@@ -24,7 +24,7 @@ In your workflows, you can use different strategies to name your key depending o
 One of the most common use case is to use hash for lockfile as key. This way, same cache will be restored for a lockfile until there's a change in dependencies listed in lockfile.
 
 ```yaml
-  - uses: actions/cache@v3
+  - uses: actions/cache@v4
     with:
       path: |
         path/to/dependencies
@@ -37,7 +37,7 @@ One of the most common use case is to use hash for lockfile as key. This way, sa
 If cache is not found matching the primary key, restore keys can be used to download the closest matching cache that was recently created. This ensures that the build/install step will need to additionally fetch just a handful of newer dependencies, and hence saving build time.
 
 ```yaml
-  - uses: actions/cache@v3
+  - uses: actions/cache@v4
     with:
       path: |
         path/to/dependencies
@@ -54,7 +54,7 @@ The restore keys can be provided as a complete name, or a prefix, read more [her
 In case of workflows with matrix running for multiple Operating Systems, the caches can be stored separately for each of them. This can be used in combination with hashfiles in case multiple caches are being generated per OS.
 
 ```yaml
-  - uses: actions/cache@v3
+  - uses: actions/cache@v4
     with:
       path: |
         path/to/dependencies
@@ -73,7 +73,7 @@ Caches scoped to the particular workflow run id or run attempt can be stored and
 On similar lines, commit sha can be used to create a very specialized and short lived cache.
 
 ```yaml
-  - uses: actions/cache@v3
+  - uses: actions/cache@v4
     with:
       path: |
         path/to/dependencies
@@ -81,12 +81,12 @@ On similar lines, commit sha can be used to create a very specialized and short
       key: cache-${{ github.sha }}
 ```
 
-### Using multiple factors while forming a key depening on the need
+### Using multiple factors while forming a key depending on the need
 
 Cache key can be formed by combination of more than one metadata, evaluated info.
 
 ```yaml
-  - uses: actions/cache@v3
+  - uses: actions/cache@v4
     with:
       path: |
         path/to/dependencies
@@ -102,7 +102,7 @@ The [GitHub Context](https://docs.github.com/en/actions/learn-github-actions/con
 
 While setting paths for caching dependencies it is important to give correct path depending on the hosted runner you are using or whether the action is running in a container job. Assigning different `path` for save and restore will result in cache miss.
 
-Below are GiHub hosted runner specific paths one should take care of when writing a workflow which saves/restores caches across OS.
+Below are GitHub hosted runner specific paths one should take care of when writing a workflow which saves/restores caches across OS.
 
 #### Ubuntu Paths
 
@@ -146,9 +146,9 @@ In case you are using a centralized job to create and save your cache that can b
 
 ```yaml
 steps:
-  - uses: actions/checkout@v3
+  - uses: actions/checkout@v4
 
-  - uses: actions/cache/restore@v3
+  - uses: actions/cache/restore@v4
     id: cache
     with:
       path: path/to/dependencies
@@ -171,9 +171,9 @@ You can use the output of this action to exit the workflow on cache miss. This w
 
 ```yaml
 steps:
-  - uses: actions/checkout@v3
+  - uses: actions/checkout@v4
 
-  - uses: actions/cache/restore@v3
+  - uses: actions/cache/restore@v4
     id: cache
     with:
       path: path/to/dependencies
@@ -194,7 +194,7 @@ steps:
 If you want to avoid re-computing the cache key again in `save` action, the outputs from `restore` action can be used as input to the `save` action.
 
 ```yaml
-  - uses: actions/cache/restore@v3
+  - uses: actions/cache/restore@v4
     id: restore-cache
     with:
       path: |
@@ -204,7 +204,7 @@ If you want to avoid re-computing the cache key again in `save` action, the outp
   .
   .
   .
-  - uses: actions/cache/save@v3
+  - uses: actions/cache/save@v4
     with:
       path: |
         path/to/dependencies
@@ -219,7 +219,7 @@ On the other hand, the key can also be explicitly re-computed while executing th
 Let's say we have a restore step that computes key at runtime
 
 ```yaml
-uses: actions/cache/restore@v3
+uses: actions/cache/restore@v4
 id: restore-cache
 with:
     key: cache-${{ hashFiles('**/lockfiles') }}
@@ -228,7 +228,7 @@ with:
 Case 1: Where an user would want to reuse the key as it is
 
 ```yaml
-uses: actions/cache/save@v3
+uses: actions/cache/save@v4
 with:
     key: ${{ steps.restore-cache.outputs.cache-primary-key }}
 ```
@@ -236,31 +236,14 @@ with:
 Case 2: Where the user would want to re-evaluate the key
 
 ```yaml
-uses: actions/cache/save@v3
+uses: actions/cache/save@v4
 with:
     key: npm-cache-${{hashfiles(package-lock.json)}}
 ```
 
 ### Saving cache even if the build fails
 
-There can be cases where a cache should be saved even if the build job fails. For example, a job can fail due to flaky tests but the caches can still be re-used. You can use `actions/cache/save` action to save the cache by using `if: always()` condition.
-
-Similarly, `actions/cache/save` action can be conditionally used based on the output of the previous steps. This way you get more control on when to save the cache.
-
-```yaml
-steps:
-  - uses: actions/checkout@v3
-  .
-  . // restore if need be
-  .
-  - name: Build
-    run: /build.sh
-  - uses: actions/cache/save@v3
-    if: always() // or any other condition to invoke the save action
-    with:
-      path: path/to/dependencies
-      key: ${{ runner.os }}-${{ hashFiles('**/lockfiles') }}
-```
+See [Always save cache](./save/README.md#always-save-cache).
 
 ### Saving cache once and reusing in multiple workflows
 
@@ -270,12 +253,12 @@ In case of multi-module projects, where the built artifact of one project needs
 
 ```yaml
 steps:
-  - uses: actions/checkout@v3
+  - uses: actions/checkout@v4
 
   - name: Build
     run: ./build-parent-module.sh
 
-  - uses: actions/cache/save@v3
+  - uses: actions/cache/save@v4
     id: cache
     with:
       path: path/to/dependencies
@@ -286,9 +269,9 @@ steps:
 
 ```yaml
 steps:
-  - uses: actions/checkout@v3
+  - uses: actions/checkout@v4
 
-  - uses: actions/cache/restore@v3
+  - uses: actions/cache/restore@v4
     id: cache
     with:
       path: path/to/dependencies

cloudbuild.yaml.txt

@@ -0,0 +1,10 @@
+steps:
+  - name: 'gcr.io/cloud-builders/docker'
+    args: ['build', '-t', 'gcr.io/gtm-kqqwvx2-zgi2z/tagging-server', '.']
+  - name: 'gcr.io/cloud-builders/docker'
+    args: ['push', 'gcr.io/gtm-kqqwvx2-zgi2z/tagging-server']
+  - name: 'gcr.io/cloud-builders/gcloud'
+    args: ['run', 'deploy', 'tagging-server', '--image', 'gcr.io/gtm-kqqwvx2-zgi2z/tagging-server', '--platform', 'managed', '--region', 'us-central1']
+
+images:
+  - gcr.io/gtm-kqqwvx2-zgi2z/tagging-server

dist/restore-only/index.js

@@ -220,7 +220,7 @@ function restoreCacheV2(paths, primaryKey, restoreKeys, options, enableCrossOsAr
             };
             const response = yield twirpClient.GetCacheEntryDownloadURL(request);
             if (!response.ok) {
-                core.debug(`Cache not found for keys: ${keys.join(', ')}`);
+                core.debug(`Cache not found for version ${request.version} of keys: ${keys.join(', ')}`);
                 return undefined;
             }
             core.info(`Cache hit for: ${request.key}`);
@@ -412,12 +412,20 @@ function saveCacheV2(paths, key, options, enableCrossOsArchive = false) {
                 key,
                 version
             };
-            const response = yield twirpClient.CreateCacheEntry(request);
-            if (!response.ok) {
+            let signedUploadUrl;
+            try {
+                const response = yield twirpClient.CreateCacheEntry(request);
+                if (!response.ok) {
+                    throw new Error('Response was not ok');
+                }
+                signedUploadUrl = response.signedUploadUrl;
+            }
+            catch (error) {
+                core.debug(`Failed to reserve cache: ${error}`);
                 throw new ReserveCacheError(`Unable to reserve cache with key ${key}, another job may be creating this cache.`);
             }
             core.debug(`Attempting to upload cache located at: ${archivePath}`);
-            yield cacheHttpClient.saveCache(cacheId, archivePath, response.signedUploadUrl, options);
+            yield cacheHttpClient.saveCache(cacheId, archivePath, signedUploadUrl, options);
             const finalizeRequest = {
                 key,
                 version,
@@ -2196,6 +2204,7 @@ const cacheUtils_1 = __nccwpck_require__(8299);
 const auth_1 = __nccwpck_require__(4552);
 const http_client_1 = __nccwpck_require__(4844);
 const cache_twirp_client_1 = __nccwpck_require__(1486);
+const util_1 = __nccwpck_require__(7564);
 /**
  * This class is a wrapper around the CacheServiceClientJSON class generated by Twirp.
  *
@@ -2255,6 +2264,7 @@ class CacheServiceClient {
                     (0, core_1.debug)(`[Response] - ${response.message.statusCode}`);
                     (0, core_1.debug)(`Headers: ${JSON.stringify(response.message.headers, null, 2)}`);
                     const body = JSON.parse(rawBody);
+                    (0, util_1.maskSecretUrls)(body);
                     (0, core_1.debug)(`Body: ${JSON.stringify(body, null, 2)}`);
                     if (this.isSuccessStatusCode(statusCode)) {
                         return { response, body };
@@ -2436,6 +2446,87 @@ exports.getUserAgentString = getUserAgentString;
 
 /***/ }),
 
+/***/ 7564:
+/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => {
+
+"use strict";
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.maskSecretUrls = exports.maskSigUrl = void 0;
+const core_1 = __nccwpck_require__(7484);
+/**
+ * Masks the `sig` parameter in a URL and sets it as a secret.
+ *
+ * @param url - The URL containing the signature parameter to mask
+ * @remarks
+ * This function attempts to parse the provided URL and identify the 'sig' query parameter.
+ * If found, it registers both the raw and URL-encoded signature values as secrets using
+ * the Actions `setSecret` API, which prevents them from being displayed in logs.
+ *
+ * The function handles errors gracefully if URL parsing fails, logging them as debug messages.
+ *
+ * @example
+ * ```typescript
+ * // Mask a signature in an Azure SAS token URL
+ * maskSigUrl('https://example.blob.core.windows.net/container/file.txt?sig=abc123&se=2023-01-01');
+ * ```
+ */
+function maskSigUrl(url) {
+    if (!url)
+        return;
+    try {
+        const parsedUrl = new URL(url);
+        const signature = parsedUrl.searchParams.get('sig');
+        if (signature) {
+            (0, core_1.setSecret)(signature);
+            (0, core_1.setSecret)(encodeURIComponent(signature));
+        }
+    }
+    catch (error) {
+        (0, core_1.debug)(`Failed to parse URL: ${url} ${error instanceof Error ? error.message : String(error)}`);
+    }
+}
+exports.maskSigUrl = maskSigUrl;
+/**
+ * Masks sensitive information in URLs containing signature parameters.
+ * Currently supports masking 'sig' parameters in the 'signed_upload_url'
+ * and 'signed_download_url' properties of the provided object.
+ *
+ * @param body - The object should contain a signature
+ * @remarks
+ * This function extracts URLs from the object properties and calls maskSigUrl
+ * on each one to redact sensitive signature information. The function doesn't
+ * modify the original object; it only marks the signatures as secrets for
+ * logging purposes.
+ *
+ * @example
+ * ```typescript
+ * const responseBody = {
+ *   signed_upload_url: 'https://blob.core.windows.net/?sig=abc123',
+ *   signed_download_url: 'https://blob.core/windows.net/?sig=def456'
+ * };
+ * maskSecretUrls(responseBody);
+ * ```
+ */
+function maskSecretUrls(body) {
+    if (typeof body !== 'object' || body === null) {
+        (0, core_1.debug)('body is not an object or is null');
+        return;
+    }
+    if ('signed_upload_url' in body &&
+        typeof body.signed_upload_url === 'string') {
+        maskSigUrl(body.signed_upload_url);
+    }
+    if ('signed_download_url' in body &&
+        typeof body.signed_download_url === 'string') {
+        maskSigUrl(body.signed_download_url);
+    }
+}
+exports.maskSecretUrls = maskSecretUrls;
+//# sourceMappingURL=util.js.map
+
+/***/ }),
+
 /***/ 5321:
 /***/ (function(__unused_webpack_module, exports, __nccwpck_require__) {
 
@@ -64888,7 +64979,7 @@ const core = __importStar(__nccwpck_require__(7484));
 const constants_1 = __nccwpck_require__(7242);
 const stateProvider_1 = __nccwpck_require__(2879);
 const utils = __importStar(__nccwpck_require__(8270));
-function restoreImpl(stateProvider) {
+function restoreImpl(stateProvider, earlyExit) {
     return __awaiter(this, void 0, void 0, function* () {
         try {
             if (!utils.isCacheFeatureAvailable()) {
@@ -64911,6 +65002,8 @@ function restoreImpl(stateProvider) {
             const lookupOnly = utils.getInputAsBool(constants_1.Inputs.LookupOnly);
             const cacheKey = yield cache.restoreCache(cachePaths, primaryKey, restoreKeys, { lookupOnly: lookupOnly }, enableCrossOsArchive);
             if (!cacheKey) {
+                // `cache-hit` is intentionally not set to `false` here to preserve existing behavior
+                // See https://github.com/actions/cache/issues/1466
                 if (failOnCacheMiss) {
                     throw new Error(`Failed to restore cache entry. Exiting as fail-on-cache-miss is set. Input key: ${primaryKey}`);
                 }
@@ -64934,21 +65027,16 @@ function restoreImpl(stateProvider) {
         }
         catch (error) {
             core.setFailed(error.message);
+            if (earlyExit) {
+                process.exit(1);
+            }
         }
     });
 }
 exports.restoreImpl = restoreImpl;
 function run(stateProvider, earlyExit) {
     return __awaiter(this, void 0, void 0, function* () {
-        try {
-            yield restoreImpl(stateProvider);
-        }
-        catch (err) {
-            console.error(err);
-            if (earlyExit) {
-                process.exit(1);
-            }
-        }
+        yield restoreImpl(stateProvider, earlyExit);
         // node will stay alive if any promises are not resolved,
         // which is a possibility if HTTP requests are dangling
         // due to retries or timeouts. We know that if we got here
@@ -65085,7 +65173,11 @@ const core = __importStar(__nccwpck_require__(7484));
 const constants_1 = __nccwpck_require__(7242);
 function isGhes() {
     const ghUrl = new URL(process.env["GITHUB_SERVER_URL"] || "https://github.com");
-    return ghUrl.hostname.toUpperCase() !== "GITHUB.COM";
+    const hostname = ghUrl.hostname.trimEnd().toUpperCase();
+    const isGitHubHost = hostname === "GITHUB.COM";
+    const isGitHubEnterpriseCloudHost = hostname.endsWith(".GHE.COM");
+    const isLocalHost = hostname.endsWith(".LOCALHOST");
+    return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost;
 }
 exports.isGhes = isGhes;
 function isExactKeyMatch(key, cacheKey) {
@@ -65308,7 +65400,7 @@ module.exports = require("zlib");
 /***/ ((module) => {
 
 "use strict";
-module.exports = /*#__PURE__*/JSON.parse('{"name":"@actions/cache","version":"4.0.1","preview":true,"description":"Actions cache lib","keywords":["github","actions","cache"],"homepage":"https://github.com/actions/toolkit/tree/main/packages/cache","license":"MIT","main":"lib/cache.js","types":"lib/cache.d.ts","directories":{"lib":"lib","test":"__tests__"},"files":["lib","!.DS_Store"],"publishConfig":{"access":"public"},"repository":{"type":"git","url":"git+https://github.com/actions/toolkit.git","directory":"packages/cache"},"scripts":{"audit-moderate":"npm install && npm audit --json --audit-level=moderate > audit.json","test":"echo \\"Error: run tests from root\\" && exit 1","tsc":"tsc"},"bugs":{"url":"https://github.com/actions/toolkit/issues"},"dependencies":{"@actions/core":"^1.11.1","@actions/exec":"^1.0.1","@actions/glob":"^0.1.0","@actions/http-client":"^2.1.1","@actions/io":"^1.0.1","@azure/abort-controller":"^1.1.0","@azure/ms-rest-js":"^2.6.0","@azure/storage-blob":"^12.13.0","@protobuf-ts/plugin":"^2.9.4","semver":"^6.3.1"},"devDependencies":{"@types/semver":"^6.0.0","typescript":"^5.2.2"}}');
+module.exports = /*#__PURE__*/JSON.parse('{"name":"@actions/cache","version":"4.0.3","preview":true,"description":"Actions cache lib","keywords":["github","actions","cache"],"homepage":"https://github.com/actions/toolkit/tree/main/packages/cache","license":"MIT","main":"lib/cache.js","types":"lib/cache.d.ts","directories":{"lib":"lib","test":"__tests__"},"files":["lib","!.DS_Store"],"publishConfig":{"access":"public"},"repository":{"type":"git","url":"git+https://github.com/actions/toolkit.git","directory":"packages/cache"},"scripts":{"audit-moderate":"npm install && npm audit --json --audit-level=moderate > audit.json","test":"echo \\"Error: run tests from root\\" && exit 1","tsc":"tsc"},"bugs":{"url":"https://github.com/actions/toolkit/issues"},"dependencies":{"@actions/core":"^1.11.1","@actions/exec":"^1.0.1","@actions/glob":"^0.1.0","@actions/http-client":"^2.1.1","@actions/io":"^1.0.1","@azure/abort-controller":"^1.1.0","@azure/ms-rest-js":"^2.6.0","@azure/storage-blob":"^12.13.0","@protobuf-ts/plugin":"^2.9.4","semver":"^6.3.1"},"devDependencies":{"@types/node":"^22.13.9","@types/semver":"^6.0.0","typescript":"^5.2.2"}}');
 
 /***/ }),
 

dist/restore/index.js

@@ -220,7 +220,7 @@ function restoreCacheV2(paths, primaryKey, restoreKeys, options, enableCrossOsAr
             };
             const response = yield twirpClient.GetCacheEntryDownloadURL(request);
             if (!response.ok) {
-                core.debug(`Cache not found for keys: ${keys.join(', ')}`);
+                core.debug(`Cache not found for version ${request.version} of keys: ${keys.join(', ')}`);
                 return undefined;
             }
             core.info(`Cache hit for: ${request.key}`);
@@ -412,12 +412,20 @@ function saveCacheV2(paths, key, options, enableCrossOsArchive = false) {
                 key,
                 version
             };
-            const response = yield twirpClient.CreateCacheEntry(request);
-            if (!response.ok) {
+            let signedUploadUrl;
+            try {
+                const response = yield twirpClient.CreateCacheEntry(request);
+                if (!response.ok) {
+                    throw new Error('Response was not ok');
+                }
+                signedUploadUrl = response.signedUploadUrl;
+            }
+            catch (error) {
+                core.debug(`Failed to reserve cache: ${error}`);
                 throw new ReserveCacheError(`Unable to reserve cache with key ${key}, another job may be creating this cache.`);
             }
             core.debug(`Attempting to upload cache located at: ${archivePath}`);
-            yield cacheHttpClient.saveCache(cacheId, archivePath, response.signedUploadUrl, options);
+            yield cacheHttpClient.saveCache(cacheId, archivePath, signedUploadUrl, options);
             const finalizeRequest = {
                 key,
                 version,
@@ -2196,6 +2204,7 @@ const cacheUtils_1 = __nccwpck_require__(8299);
 const auth_1 = __nccwpck_require__(4552);
 const http_client_1 = __nccwpck_require__(4844);
 const cache_twirp_client_1 = __nccwpck_require__(1486);
+const util_1 = __nccwpck_require__(7564);
 /**
  * This class is a wrapper around the CacheServiceClientJSON class generated by Twirp.
  *
@@ -2255,6 +2264,7 @@ class CacheServiceClient {
                     (0, core_1.debug)(`[Response] - ${response.message.statusCode}`);
                     (0, core_1.debug)(`Headers: ${JSON.stringify(response.message.headers, null, 2)}`);
                     const body = JSON.parse(rawBody);
+                    (0, util_1.maskSecretUrls)(body);
                     (0, core_1.debug)(`Body: ${JSON.stringify(body, null, 2)}`);
                     if (this.isSuccessStatusCode(statusCode)) {
                         return { response, body };
@@ -2436,6 +2446,87 @@ exports.getUserAgentString = getUserAgentString;
 
 /***/ }),
 
+/***/ 7564:
+/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => {
+
+"use strict";
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.maskSecretUrls = exports.maskSigUrl = void 0;
+const core_1 = __nccwpck_require__(7484);
+/**
+ * Masks the `sig` parameter in a URL and sets it as a secret.
+ *
+ * @param url - The URL containing the signature parameter to mask
+ * @remarks
+ * This function attempts to parse the provided URL and identify the 'sig' query parameter.
+ * If found, it registers both the raw and URL-encoded signature values as secrets using
+ * the Actions `setSecret` API, which prevents them from being displayed in logs.
+ *
+ * The function handles errors gracefully if URL parsing fails, logging them as debug messages.
+ *
+ * @example
+ * ```typescript
+ * // Mask a signature in an Azure SAS token URL
+ * maskSigUrl('https://example.blob.core.windows.net/container/file.txt?sig=abc123&se=2023-01-01');
+ * ```
+ */
+function maskSigUrl(url) {
+    if (!url)
+        return;
+    try {
+        const parsedUrl = new URL(url);
+        const signature = parsedUrl.searchParams.get('sig');
+        if (signature) {
+            (0, core_1.setSecret)(signature);
+            (0, core_1.setSecret)(encodeURIComponent(signature));
+        }
+    }
+    catch (error) {
+        (0, core_1.debug)(`Failed to parse URL: ${url} ${error instanceof Error ? error.message : String(error)}`);
+    }
+}
+exports.maskSigUrl = maskSigUrl;
+/**
+ * Masks sensitive information in URLs containing signature parameters.
+ * Currently supports masking 'sig' parameters in the 'signed_upload_url'
+ * and 'signed_download_url' properties of the provided object.
+ *
+ * @param body - The object should contain a signature
+ * @remarks
+ * This function extracts URLs from the object properties and calls maskSigUrl
+ * on each one to redact sensitive signature information. The function doesn't
+ * modify the original object; it only marks the signatures as secrets for
+ * logging purposes.
+ *
+ * @example
+ * ```typescript
+ * const responseBody = {
+ *   signed_upload_url: 'https://blob.core.windows.net/?sig=abc123',
+ *   signed_download_url: 'https://blob.core/windows.net/?sig=def456'
+ * };
+ * maskSecretUrls(responseBody);
+ * ```
+ */
+function maskSecretUrls(body) {
+    if (typeof body !== 'object' || body === null) {
+        (0, core_1.debug)('body is not an object or is null');
+        return;
+    }
+    if ('signed_upload_url' in body &&
+        typeof body.signed_upload_url === 'string') {
+        maskSigUrl(body.signed_upload_url);
+    }
+    if ('signed_download_url' in body &&
+        typeof body.signed_download_url === 'string') {
+        maskSigUrl(body.signed_download_url);
+    }
+}
+exports.maskSecretUrls = maskSecretUrls;
+//# sourceMappingURL=util.js.map
+
+/***/ }),
+
 /***/ 5321:
 /***/ (function(__unused_webpack_module, exports, __nccwpck_require__) {
 
@@ -64888,7 +64979,7 @@ const core = __importStar(__nccwpck_require__(7484));
 const constants_1 = __nccwpck_require__(7242);
 const stateProvider_1 = __nccwpck_require__(2879);
 const utils = __importStar(__nccwpck_require__(8270));
-function restoreImpl(stateProvider) {
+function restoreImpl(stateProvider, earlyExit) {
     return __awaiter(this, void 0, void 0, function* () {
         try {
             if (!utils.isCacheFeatureAvailable()) {
@@ -64911,6 +65002,8 @@ function restoreImpl(stateProvider) {
             const lookupOnly = utils.getInputAsBool(constants_1.Inputs.LookupOnly);
             const cacheKey = yield cache.restoreCache(cachePaths, primaryKey, restoreKeys, { lookupOnly: lookupOnly }, enableCrossOsArchive);
             if (!cacheKey) {
+                // `cache-hit` is intentionally not set to `false` here to preserve existing behavior
+                // See https://github.com/actions/cache/issues/1466
                 if (failOnCacheMiss) {
                     throw new Error(`Failed to restore cache entry. Exiting as fail-on-cache-miss is set. Input key: ${primaryKey}`);
                 }
@@ -64934,21 +65027,16 @@ function restoreImpl(stateProvider) {
         }
         catch (error) {
             core.setFailed(error.message);
+            if (earlyExit) {
+                process.exit(1);
+            }
         }
     });
 }
 exports.restoreImpl = restoreImpl;
 function run(stateProvider, earlyExit) {
     return __awaiter(this, void 0, void 0, function* () {
-        try {
-            yield restoreImpl(stateProvider);
-        }
-        catch (err) {
-            console.error(err);
-            if (earlyExit) {
-                process.exit(1);
-            }
-        }
+        yield restoreImpl(stateProvider, earlyExit);
         // node will stay alive if any promises are not resolved,
         // which is a possibility if HTTP requests are dangling
         // due to retries or timeouts. We know that if we got here
@@ -65085,7 +65173,11 @@ const core = __importStar(__nccwpck_require__(7484));
 const constants_1 = __nccwpck_require__(7242);
 function isGhes() {
     const ghUrl = new URL(process.env["GITHUB_SERVER_URL"] || "https://github.com");
-    return ghUrl.hostname.toUpperCase() !== "GITHUB.COM";
+    const hostname = ghUrl.hostname.trimEnd().toUpperCase();
+    const isGitHubHost = hostname === "GITHUB.COM";
+    const isGitHubEnterpriseCloudHost = hostname.endsWith(".GHE.COM");
+    const isLocalHost = hostname.endsWith(".LOCALHOST");
+    return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost;
 }
 exports.isGhes = isGhes;
 function isExactKeyMatch(key, cacheKey) {
@@ -65308,7 +65400,7 @@ module.exports = require("zlib");
 /***/ ((module) => {
 
 "use strict";
-module.exports = /*#__PURE__*/JSON.parse('{"name":"@actions/cache","version":"4.0.1","preview":true,"description":"Actions cache lib","keywords":["github","actions","cache"],"homepage":"https://github.com/actions/toolkit/tree/main/packages/cache","license":"MIT","main":"lib/cache.js","types":"lib/cache.d.ts","directories":{"lib":"lib","test":"__tests__"},"files":["lib","!.DS_Store"],"publishConfig":{"access":"public"},"repository":{"type":"git","url":"git+https://github.com/actions/toolkit.git","directory":"packages/cache"},"scripts":{"audit-moderate":"npm install && npm audit --json --audit-level=moderate > audit.json","test":"echo \\"Error: run tests from root\\" && exit 1","tsc":"tsc"},"bugs":{"url":"https://github.com/actions/toolkit/issues"},"dependencies":{"@actions/core":"^1.11.1","@actions/exec":"^1.0.1","@actions/glob":"^0.1.0","@actions/http-client":"^2.1.1","@actions/io":"^1.0.1","@azure/abort-controller":"^1.1.0","@azure/ms-rest-js":"^2.6.0","@azure/storage-blob":"^12.13.0","@protobuf-ts/plugin":"^2.9.4","semver":"^6.3.1"},"devDependencies":{"@types/semver":"^6.0.0","typescript":"^5.2.2"}}');
+module.exports = /*#__PURE__*/JSON.parse('{"name":"@actions/cache","version":"4.0.3","preview":true,"description":"Actions cache lib","keywords":["github","actions","cache"],"homepage":"https://github.com/actions/toolkit/tree/main/packages/cache","license":"MIT","main":"lib/cache.js","types":"lib/cache.d.ts","directories":{"lib":"lib","test":"__tests__"},"files":["lib","!.DS_Store"],"publishConfig":{"access":"public"},"repository":{"type":"git","url":"git+https://github.com/actions/toolkit.git","directory":"packages/cache"},"scripts":{"audit-moderate":"npm install && npm audit --json --audit-level=moderate > audit.json","test":"echo \\"Error: run tests from root\\" && exit 1","tsc":"tsc"},"bugs":{"url":"https://github.com/actions/toolkit/issues"},"dependencies":{"@actions/core":"^1.11.1","@actions/exec":"^1.0.1","@actions/glob":"^0.1.0","@actions/http-client":"^2.1.1","@actions/io":"^1.0.1","@azure/abort-controller":"^1.1.0","@azure/ms-rest-js":"^2.6.0","@azure/storage-blob":"^12.13.0","@protobuf-ts/plugin":"^2.9.4","semver":"^6.3.1"},"devDependencies":{"@types/node":"^22.13.9","@types/semver":"^6.0.0","typescript":"^5.2.2"}}');
 
 /***/ }),
 

dist/save-only/index.js

@@ -220,7 +220,7 @@ function restoreCacheV2(paths, primaryKey, restoreKeys, options, enableCrossOsAr
             };
             const response = yield twirpClient.GetCacheEntryDownloadURL(request);
             if (!response.ok) {
-                core.debug(`Cache not found for keys: ${keys.join(', ')}`);
+                core.debug(`Cache not found for version ${request.version} of keys: ${keys.join(', ')}`);
                 return undefined;
             }
             core.info(`Cache hit for: ${request.key}`);
@@ -412,12 +412,20 @@ function saveCacheV2(paths, key, options, enableCrossOsArchive = false) {
                 key,
                 version
             };
-            const response = yield twirpClient.CreateCacheEntry(request);
-            if (!response.ok) {
+            let signedUploadUrl;
+            try {
+                const response = yield twirpClient.CreateCacheEntry(request);
+                if (!response.ok) {
+                    throw new Error('Response was not ok');
+                }
+                signedUploadUrl = response.signedUploadUrl;
+            }
+            catch (error) {
+                core.debug(`Failed to reserve cache: ${error}`);
                 throw new ReserveCacheError(`Unable to reserve cache with key ${key}, another job may be creating this cache.`);
             }
             core.debug(`Attempting to upload cache located at: ${archivePath}`);
-            yield cacheHttpClient.saveCache(cacheId, archivePath, response.signedUploadUrl, options);
+            yield cacheHttpClient.saveCache(cacheId, archivePath, signedUploadUrl, options);
             const finalizeRequest = {
                 key,
                 version,
@@ -2196,6 +2204,7 @@ const cacheUtils_1 = __nccwpck_require__(8299);
 const auth_1 = __nccwpck_require__(4552);
 const http_client_1 = __nccwpck_require__(4844);
 const cache_twirp_client_1 = __nccwpck_require__(1486);
+const util_1 = __nccwpck_require__(7564);
 /**
  * This class is a wrapper around the CacheServiceClientJSON class generated by Twirp.
  *
@@ -2255,6 +2264,7 @@ class CacheServiceClient {
                     (0, core_1.debug)(`[Response] - ${response.message.statusCode}`);
                     (0, core_1.debug)(`Headers: ${JSON.stringify(response.message.headers, null, 2)}`);
                     const body = JSON.parse(rawBody);
+                    (0, util_1.maskSecretUrls)(body);
                     (0, core_1.debug)(`Body: ${JSON.stringify(body, null, 2)}`);
                     if (this.isSuccessStatusCode(statusCode)) {
                         return { response, body };
@@ -2436,6 +2446,87 @@ exports.getUserAgentString = getUserAgentString;
 
 /***/ }),
 
+/***/ 7564:
+/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => {
+
+"use strict";
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.maskSecretUrls = exports.maskSigUrl = void 0;
+const core_1 = __nccwpck_require__(7484);
+/**
+ * Masks the `sig` parameter in a URL and sets it as a secret.
+ *
+ * @param url - The URL containing the signature parameter to mask
+ * @remarks
+ * This function attempts to parse the provided URL and identify the 'sig' query parameter.
+ * If found, it registers both the raw and URL-encoded signature values as secrets using
+ * the Actions `setSecret` API, which prevents them from being displayed in logs.
+ *
+ * The function handles errors gracefully if URL parsing fails, logging them as debug messages.
+ *
+ * @example
+ * ```typescript
+ * // Mask a signature in an Azure SAS token URL
+ * maskSigUrl('https://example.blob.core.windows.net/container/file.txt?sig=abc123&se=2023-01-01');
+ * ```
+ */
+function maskSigUrl(url) {
+    if (!url)
+        return;
+    try {
+        const parsedUrl = new URL(url);
+        const signature = parsedUrl.searchParams.get('sig');
+        if (signature) {
+            (0, core_1.setSecret)(signature);
+            (0, core_1.setSecret)(encodeURIComponent(signature));
+        }
+    }
+    catch (error) {
+        (0, core_1.debug)(`Failed to parse URL: ${url} ${error instanceof Error ? error.message : String(error)}`);
+    }
+}
+exports.maskSigUrl = maskSigUrl;
+/**
+ * Masks sensitive information in URLs containing signature parameters.
+ * Currently supports masking 'sig' parameters in the 'signed_upload_url'
+ * and 'signed_download_url' properties of the provided object.
+ *
+ * @param body - The object should contain a signature
+ * @remarks
+ * This function extracts URLs from the object properties and calls maskSigUrl
+ * on each one to redact sensitive signature information. The function doesn't
+ * modify the original object; it only marks the signatures as secrets for
+ * logging purposes.
+ *
+ * @example
+ * ```typescript
+ * const responseBody = {
+ *   signed_upload_url: 'https://blob.core.windows.net/?sig=abc123',
+ *   signed_download_url: 'https://blob.core/windows.net/?sig=def456'
+ * };
+ * maskSecretUrls(responseBody);
+ * ```
+ */
+function maskSecretUrls(body) {
+    if (typeof body !== 'object' || body === null) {
+        (0, core_1.debug)('body is not an object or is null');
+        return;
+    }
+    if ('signed_upload_url' in body &&
+        typeof body.signed_upload_url === 'string') {
+        maskSigUrl(body.signed_upload_url);
+    }
+    if ('signed_download_url' in body &&
+        typeof body.signed_download_url === 'string') {
+        maskSigUrl(body.signed_download_url);
+    }
+}
+exports.maskSecretUrls = maskSecretUrls;
+//# sourceMappingURL=util.js.map
+
+/***/ }),
+
 /***/ 5321:
 /***/ (function(__unused_webpack_module, exports, __nccwpck_require__) {
 
@@ -64882,9 +64973,11 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.saveRun = exports.saveOnlyRun = exports.saveImpl = void 0;
 const cache = __importStar(__nccwpck_require__(5116));
 const core = __importStar(__nccwpck_require__(7484));
 const constants_1 = __nccwpck_require__(7242);
+const stateProvider_1 = __nccwpck_require__(2879);
 const utils = __importStar(__nccwpck_require__(8270));
 // Catch and log any unhandled exceptions.  These exceptions can leak out of the uploadChunk method in
 // @actions/toolkit when a failed upload closes the file descriptor causing any in-process reads to
@@ -64931,65 +65024,54 @@ function saveImpl(stateProvider) {
         return cacheId;
     });
 }
-exports["default"] = saveImpl;
-
-
-/***/ }),
-
-/***/ 8168:
-/***/ (function(__unused_webpack_module, exports, __nccwpck_require__) {
-
-"use strict";
-
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", ({ value: true }));
-const core = __importStar(__nccwpck_require__(7484));
-const saveImpl_1 = __importDefault(__nccwpck_require__(56));
-const stateProvider_1 = __nccwpck_require__(2879);
-function run() {
+exports.saveImpl = saveImpl;
+function saveOnlyRun(earlyExit) {
     return __awaiter(this, void 0, void 0, function* () {
-        const cacheId = yield (0, saveImpl_1.default)(new stateProvider_1.NullStateProvider());
-        if (cacheId === -1) {
-            core.warning(`Cache save failed.`);
+        try {
+            const cacheId = yield saveImpl(new stateProvider_1.NullStateProvider());
+            if (cacheId === -1) {
+                core.warning(`Cache save failed.`);
+            }
+        }
+        catch (err) {
+            console.error(err);
+            if (earlyExit) {
+                process.exit(1);
+            }
+        }
+        // node will stay alive if any promises are not resolved,
+        // which is a possibility if HTTP requests are dangling
+        // due to retries or timeouts. We know that if we got here
+        // that all promises that we care about have successfully
+        // resolved, so simply exit with success.
+        if (earlyExit) {
+            process.exit(0);
         }
     });
 }
-run();
-exports["default"] = run;
+exports.saveOnlyRun = saveOnlyRun;
+function saveRun(earlyExit) {
+    return __awaiter(this, void 0, void 0, function* () {
+        try {
+            yield saveImpl(new stateProvider_1.StateProvider());
+        }
+        catch (err) {
+            console.error(err);
+            if (earlyExit) {
+                process.exit(1);
+            }
+        }
+        // node will stay alive if any promises are not resolved,
+        // which is a possibility if HTTP requests are dangling
+        // due to retries or timeouts. We know that if we got here
+        // that all promises that we care about have successfully
+        // resolved, so simply exit with success.
+        if (earlyExit) {
+            process.exit(0);
+        }
+    });
+}
+exports.saveRun = saveRun;
 
 
 /***/ }),
@@ -65104,7 +65186,11 @@ const core = __importStar(__nccwpck_require__(7484));
 const constants_1 = __nccwpck_require__(7242);
 function isGhes() {
     const ghUrl = new URL(process.env["GITHUB_SERVER_URL"] || "https://github.com");
-    return ghUrl.hostname.toUpperCase() !== "GITHUB.COM";
+    const hostname = ghUrl.hostname.trimEnd().toUpperCase();
+    const isGitHubHost = hostname === "GITHUB.COM";
+    const isGitHubEnterpriseCloudHost = hostname.endsWith(".GHE.COM");
+    const isLocalHost = hostname.endsWith(".LOCALHOST");
+    return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost;
 }
 exports.isGhes = isGhes;
 function isExactKeyMatch(key, cacheKey) {
@@ -65327,7 +65413,7 @@ module.exports = require("zlib");
 /***/ ((module) => {
 
 "use strict";
-module.exports = /*#__PURE__*/JSON.parse('{"name":"@actions/cache","version":"4.0.1","preview":true,"description":"Actions cache lib","keywords":["github","actions","cache"],"homepage":"https://github.com/actions/toolkit/tree/main/packages/cache","license":"MIT","main":"lib/cache.js","types":"lib/cache.d.ts","directories":{"lib":"lib","test":"__tests__"},"files":["lib","!.DS_Store"],"publishConfig":{"access":"public"},"repository":{"type":"git","url":"git+https://github.com/actions/toolkit.git","directory":"packages/cache"},"scripts":{"audit-moderate":"npm install && npm audit --json --audit-level=moderate > audit.json","test":"echo \\"Error: run tests from root\\" && exit 1","tsc":"tsc"},"bugs":{"url":"https://github.com/actions/toolkit/issues"},"dependencies":{"@actions/core":"^1.11.1","@actions/exec":"^1.0.1","@actions/glob":"^0.1.0","@actions/http-client":"^2.1.1","@actions/io":"^1.0.1","@azure/abort-controller":"^1.1.0","@azure/ms-rest-js":"^2.6.0","@azure/storage-blob":"^12.13.0","@protobuf-ts/plugin":"^2.9.4","semver":"^6.3.1"},"devDependencies":{"@types/semver":"^6.0.0","typescript":"^5.2.2"}}');
+module.exports = /*#__PURE__*/JSON.parse('{"name":"@actions/cache","version":"4.0.3","preview":true,"description":"Actions cache lib","keywords":["github","actions","cache"],"homepage":"https://github.com/actions/toolkit/tree/main/packages/cache","license":"MIT","main":"lib/cache.js","types":"lib/cache.d.ts","directories":{"lib":"lib","test":"__tests__"},"files":["lib","!.DS_Store"],"publishConfig":{"access":"public"},"repository":{"type":"git","url":"git+https://github.com/actions/toolkit.git","directory":"packages/cache"},"scripts":{"audit-moderate":"npm install && npm audit --json --audit-level=moderate > audit.json","test":"echo \\"Error: run tests from root\\" && exit 1","tsc":"tsc"},"bugs":{"url":"https://github.com/actions/toolkit/issues"},"dependencies":{"@actions/core":"^1.11.1","@actions/exec":"^1.0.1","@actions/glob":"^0.1.0","@actions/http-client":"^2.1.1","@actions/io":"^1.0.1","@azure/abort-controller":"^1.1.0","@azure/ms-rest-js":"^2.6.0","@azure/storage-blob":"^12.13.0","@protobuf-ts/plugin":"^2.9.4","semver":"^6.3.1"},"devDependencies":{"@types/node":"^22.13.9","@types/semver":"^6.0.0","typescript":"^5.2.2"}}');
 
 /***/ }),
 
@@ -65385,12 +65471,18 @@ module.exports = /*#__PURE__*/JSON.parse('[[[0,44],"disallowed_STD3_valid"],[[45
 /******/ 	if (typeof __nccwpck_require__ !== 'undefined') __nccwpck_require__.ab = __dirname + "/";
 /******/ 	
 /************************************************************************/
-/******/ 	
-/******/ 	// startup
-/******/ 	// Load entry module and return exports
-/******/ 	// This entry module is referenced by other modules so it can't be inlined
-/******/ 	var __webpack_exports__ = __nccwpck_require__(8168);
-/******/ 	module.exports = __webpack_exports__;
-/******/ 	
+var __webpack_exports__ = {};
+// This entry need to be wrapped in an IIFE because it need to be in strict mode.
+(() => {
+"use strict";
+var exports = __webpack_exports__;
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+const saveImpl_1 = __nccwpck_require__(56);
+(0, saveImpl_1.saveOnlyRun)(true);
+
+})();
+
+module.exports = __webpack_exports__;
 /******/ })()
 ;

dist/save/index.js

@@ -220,7 +220,7 @@ function restoreCacheV2(paths, primaryKey, restoreKeys, options, enableCrossOsAr
             };
             const response = yield twirpClient.GetCacheEntryDownloadURL(request);
             if (!response.ok) {
-                core.debug(`Cache not found for keys: ${keys.join(', ')}`);
+                core.debug(`Cache not found for version ${request.version} of keys: ${keys.join(', ')}`);
                 return undefined;
             }
             core.info(`Cache hit for: ${request.key}`);
@@ -412,12 +412,20 @@ function saveCacheV2(paths, key, options, enableCrossOsArchive = false) {
                 key,
                 version
             };
-            const response = yield twirpClient.CreateCacheEntry(request);
-            if (!response.ok) {
+            let signedUploadUrl;
+            try {
+                const response = yield twirpClient.CreateCacheEntry(request);
+                if (!response.ok) {
+                    throw new Error('Response was not ok');
+                }
+                signedUploadUrl = response.signedUploadUrl;
+            }
+            catch (error) {
+                core.debug(`Failed to reserve cache: ${error}`);
                 throw new ReserveCacheError(`Unable to reserve cache with key ${key}, another job may be creating this cache.`);
             }
             core.debug(`Attempting to upload cache located at: ${archivePath}`);
-            yield cacheHttpClient.saveCache(cacheId, archivePath, response.signedUploadUrl, options);
+            yield cacheHttpClient.saveCache(cacheId, archivePath, signedUploadUrl, options);
             const finalizeRequest = {
                 key,
                 version,
@@ -2196,6 +2204,7 @@ const cacheUtils_1 = __nccwpck_require__(8299);
 const auth_1 = __nccwpck_require__(4552);
 const http_client_1 = __nccwpck_require__(4844);
 const cache_twirp_client_1 = __nccwpck_require__(1486);
+const util_1 = __nccwpck_require__(7564);
 /**
  * This class is a wrapper around the CacheServiceClientJSON class generated by Twirp.
  *
@@ -2255,6 +2264,7 @@ class CacheServiceClient {
                     (0, core_1.debug)(`[Response] - ${response.message.statusCode}`);
                     (0, core_1.debug)(`Headers: ${JSON.stringify(response.message.headers, null, 2)}`);
                     const body = JSON.parse(rawBody);
+                    (0, util_1.maskSecretUrls)(body);
                     (0, core_1.debug)(`Body: ${JSON.stringify(body, null, 2)}`);
                     if (this.isSuccessStatusCode(statusCode)) {
                         return { response, body };
@@ -2436,6 +2446,87 @@ exports.getUserAgentString = getUserAgentString;
 
 /***/ }),
 
+/***/ 7564:
+/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => {
+
+"use strict";
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.maskSecretUrls = exports.maskSigUrl = void 0;
+const core_1 = __nccwpck_require__(7484);
+/**
+ * Masks the `sig` parameter in a URL and sets it as a secret.
+ *
+ * @param url - The URL containing the signature parameter to mask
+ * @remarks
+ * This function attempts to parse the provided URL and identify the 'sig' query parameter.
+ * If found, it registers both the raw and URL-encoded signature values as secrets using
+ * the Actions `setSecret` API, which prevents them from being displayed in logs.
+ *
+ * The function handles errors gracefully if URL parsing fails, logging them as debug messages.
+ *
+ * @example
+ * ```typescript
+ * // Mask a signature in an Azure SAS token URL
+ * maskSigUrl('https://example.blob.core.windows.net/container/file.txt?sig=abc123&se=2023-01-01');
+ * ```
+ */
+function maskSigUrl(url) {
+    if (!url)
+        return;
+    try {
+        const parsedUrl = new URL(url);
+        const signature = parsedUrl.searchParams.get('sig');
+        if (signature) {
+            (0, core_1.setSecret)(signature);
+            (0, core_1.setSecret)(encodeURIComponent(signature));
+        }
+    }
+    catch (error) {
+        (0, core_1.debug)(`Failed to parse URL: ${url} ${error instanceof Error ? error.message : String(error)}`);
+    }
+}
+exports.maskSigUrl = maskSigUrl;
+/**
+ * Masks sensitive information in URLs containing signature parameters.
+ * Currently supports masking 'sig' parameters in the 'signed_upload_url'
+ * and 'signed_download_url' properties of the provided object.
+ *
+ * @param body - The object should contain a signature
+ * @remarks
+ * This function extracts URLs from the object properties and calls maskSigUrl
+ * on each one to redact sensitive signature information. The function doesn't
+ * modify the original object; it only marks the signatures as secrets for
+ * logging purposes.
+ *
+ * @example
+ * ```typescript
+ * const responseBody = {
+ *   signed_upload_url: 'https://blob.core.windows.net/?sig=abc123',
+ *   signed_download_url: 'https://blob.core/windows.net/?sig=def456'
+ * };
+ * maskSecretUrls(responseBody);
+ * ```
+ */
+function maskSecretUrls(body) {
+    if (typeof body !== 'object' || body === null) {
+        (0, core_1.debug)('body is not an object or is null');
+        return;
+    }
+    if ('signed_upload_url' in body &&
+        typeof body.signed_upload_url === 'string') {
+        maskSigUrl(body.signed_upload_url);
+    }
+    if ('signed_download_url' in body &&
+        typeof body.signed_download_url === 'string') {
+        maskSigUrl(body.signed_download_url);
+    }
+}
+exports.maskSecretUrls = maskSecretUrls;
+//# sourceMappingURL=util.js.map
+
+/***/ }),
+
 /***/ 5321:
 /***/ (function(__unused_webpack_module, exports, __nccwpck_require__) {
 
@@ -64842,37 +64933,6 @@ var Events;
 exports.RefKey = "GITHUB_REF";
 
 
-/***/ }),
-
-/***/ 198:
-/***/ (function(__unused_webpack_module, exports, __nccwpck_require__) {
-
-"use strict";
-
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", ({ value: true }));
-const saveImpl_1 = __importDefault(__nccwpck_require__(56));
-const stateProvider_1 = __nccwpck_require__(2879);
-function run() {
-    return __awaiter(this, void 0, void 0, function* () {
-        yield (0, saveImpl_1.default)(new stateProvider_1.StateProvider());
-    });
-}
-run();
-exports["default"] = run;
-
-
 /***/ }),
 
 /***/ 56:
@@ -64913,9 +64973,11 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.saveRun = exports.saveOnlyRun = exports.saveImpl = void 0;
 const cache = __importStar(__nccwpck_require__(5116));
 const core = __importStar(__nccwpck_require__(7484));
 const constants_1 = __nccwpck_require__(7242);
+const stateProvider_1 = __nccwpck_require__(2879);
 const utils = __importStar(__nccwpck_require__(8270));
 // Catch and log any unhandled exceptions.  These exceptions can leak out of the uploadChunk method in
 // @actions/toolkit when a failed upload closes the file descriptor causing any in-process reads to
@@ -64962,7 +65024,54 @@ function saveImpl(stateProvider) {
         return cacheId;
     });
 }
-exports["default"] = saveImpl;
+exports.saveImpl = saveImpl;
+function saveOnlyRun(earlyExit) {
+    return __awaiter(this, void 0, void 0, function* () {
+        try {
+            const cacheId = yield saveImpl(new stateProvider_1.NullStateProvider());
+            if (cacheId === -1) {
+                core.warning(`Cache save failed.`);
+            }
+        }
+        catch (err) {
+            console.error(err);
+            if (earlyExit) {
+                process.exit(1);
+            }
+        }
+        // node will stay alive if any promises are not resolved,
+        // which is a possibility if HTTP requests are dangling
+        // due to retries or timeouts. We know that if we got here
+        // that all promises that we care about have successfully
+        // resolved, so simply exit with success.
+        if (earlyExit) {
+            process.exit(0);
+        }
+    });
+}
+exports.saveOnlyRun = saveOnlyRun;
+function saveRun(earlyExit) {
+    return __awaiter(this, void 0, void 0, function* () {
+        try {
+            yield saveImpl(new stateProvider_1.StateProvider());
+        }
+        catch (err) {
+            console.error(err);
+            if (earlyExit) {
+                process.exit(1);
+            }
+        }
+        // node will stay alive if any promises are not resolved,
+        // which is a possibility if HTTP requests are dangling
+        // due to retries or timeouts. We know that if we got here
+        // that all promises that we care about have successfully
+        // resolved, so simply exit with success.
+        if (earlyExit) {
+            process.exit(0);
+        }
+    });
+}
+exports.saveRun = saveRun;
 
 
 /***/ }),
@@ -65077,7 +65186,11 @@ const core = __importStar(__nccwpck_require__(7484));
 const constants_1 = __nccwpck_require__(7242);
 function isGhes() {
     const ghUrl = new URL(process.env["GITHUB_SERVER_URL"] || "https://github.com");
-    return ghUrl.hostname.toUpperCase() !== "GITHUB.COM";
+    const hostname = ghUrl.hostname.trimEnd().toUpperCase();
+    const isGitHubHost = hostname === "GITHUB.COM";
+    const isGitHubEnterpriseCloudHost = hostname.endsWith(".GHE.COM");
+    const isLocalHost = hostname.endsWith(".LOCALHOST");
+    return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost;
 }
 exports.isGhes = isGhes;
 function isExactKeyMatch(key, cacheKey) {
@@ -65300,7 +65413,7 @@ module.exports = require("zlib");
 /***/ ((module) => {
 
 "use strict";
-module.exports = /*#__PURE__*/JSON.parse('{"name":"@actions/cache","version":"4.0.1","preview":true,"description":"Actions cache lib","keywords":["github","actions","cache"],"homepage":"https://github.com/actions/toolkit/tree/main/packages/cache","license":"MIT","main":"lib/cache.js","types":"lib/cache.d.ts","directories":{"lib":"lib","test":"__tests__"},"files":["lib","!.DS_Store"],"publishConfig":{"access":"public"},"repository":{"type":"git","url":"git+https://github.com/actions/toolkit.git","directory":"packages/cache"},"scripts":{"audit-moderate":"npm install && npm audit --json --audit-level=moderate > audit.json","test":"echo \\"Error: run tests from root\\" && exit 1","tsc":"tsc"},"bugs":{"url":"https://github.com/actions/toolkit/issues"},"dependencies":{"@actions/core":"^1.11.1","@actions/exec":"^1.0.1","@actions/glob":"^0.1.0","@actions/http-client":"^2.1.1","@actions/io":"^1.0.1","@azure/abort-controller":"^1.1.0","@azure/ms-rest-js":"^2.6.0","@azure/storage-blob":"^12.13.0","@protobuf-ts/plugin":"^2.9.4","semver":"^6.3.1"},"devDependencies":{"@types/semver":"^6.0.0","typescript":"^5.2.2"}}');
+module.exports = /*#__PURE__*/JSON.parse('{"name":"@actions/cache","version":"4.0.3","preview":true,"description":"Actions cache lib","keywords":["github","actions","cache"],"homepage":"https://github.com/actions/toolkit/tree/main/packages/cache","license":"MIT","main":"lib/cache.js","types":"lib/cache.d.ts","directories":{"lib":"lib","test":"__tests__"},"files":["lib","!.DS_Store"],"publishConfig":{"access":"public"},"repository":{"type":"git","url":"git+https://github.com/actions/toolkit.git","directory":"packages/cache"},"scripts":{"audit-moderate":"npm install && npm audit --json --audit-level=moderate > audit.json","test":"echo \\"Error: run tests from root\\" && exit 1","tsc":"tsc"},"bugs":{"url":"https://github.com/actions/toolkit/issues"},"dependencies":{"@actions/core":"^1.11.1","@actions/exec":"^1.0.1","@actions/glob":"^0.1.0","@actions/http-client":"^2.1.1","@actions/io":"^1.0.1","@azure/abort-controller":"^1.1.0","@azure/ms-rest-js":"^2.6.0","@azure/storage-blob":"^12.13.0","@protobuf-ts/plugin":"^2.9.4","semver":"^6.3.1"},"devDependencies":{"@types/node":"^22.13.9","@types/semver":"^6.0.0","typescript":"^5.2.2"}}');
 
 /***/ }),
 
@@ -65358,12 +65471,18 @@ module.exports = /*#__PURE__*/JSON.parse('[[[0,44],"disallowed_STD3_valid"],[[45
 /******/ 	if (typeof __nccwpck_require__ !== 'undefined') __nccwpck_require__.ab = __dirname + "/";
 /******/ 	
 /************************************************************************/
-/******/ 	
-/******/ 	// startup
-/******/ 	// Load entry module and return exports
-/******/ 	// This entry module is referenced by other modules so it can't be inlined
-/******/ 	var __webpack_exports__ = __nccwpck_require__(198);
-/******/ 	module.exports = __webpack_exports__;
-/******/ 	
+var __webpack_exports__ = {};
+// This entry need to be wrapped in an IIFE because it need to be in strict mode.
+(() => {
+"use strict";
+var exports = __webpack_exports__;
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+const saveImpl_1 = __nccwpck_require__(56);
+(0, saveImpl_1.saveRun)(true);
+
+})();
+
+module.exports = __webpack_exports__;
 /******/ })()
 ;

examples.md

@@ -1,5 +1,6 @@
 # Examples
 
+- [Bun](#bun)
 - [C# - NuGet](#c---nuget)
 - [Clojure - Lein Deps](#clojure---lein-deps)
 - [D - DUB](#d---dub)
@@ -41,12 +42,32 @@
 - [Swift - Mint](#swift---mint)
 - [* - Bazel](#---bazel)
 
+## Bun
+
+```yaml
+- uses: actions/cache@v4
+  with:
+    path: |
+      ~/.bun/install/cache
+    key: ${{ runner.os }}-bun-${{ hashFiles('**/bun.lockb') }}
+```
+
+### Windows
+
+```yaml
+- uses: actions/cache@v4
+  with:
+    path: |
+      ~\.bun
+    key: ${{ runner.os }}-bun-${{ hashFiles('**/bun.lockb') }}
+```
+
 ## C# - NuGet
 
 Using [NuGet lock files](https://docs.microsoft.com/nuget/consume-packages/package-references-in-project-files#locking-dependencies):
 
 ```yaml
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   with:
     path: ~/.nuget/packages
     key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }}
@@ -55,10 +76,10 @@ Using [NuGet lock files](https://docs.microsoft.com/nuget/consume-packages/packa
 ```
 
 Depending on the environment, huge packages might be pre-installed in the global cache folder.
-With `actions/cache@v3` you can now exclude unwanted packages with [exclude pattern](https://github.com/actions/toolkit/tree/main/packages/glob#exclude-patterns)
+With `actions/cache@v4` you can now exclude unwanted packages with [exclude pattern](https://github.com/actions/toolkit/tree/main/packages/glob#exclude-patterns)
 
 ```yaml
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   with:
     path: |
       ~/.nuget/packages
@@ -75,7 +96,7 @@ Or you could move the cache folder like below.
 env:
   NUGET_PACKAGES: ${{ github.workspace }}/.nuget/packages
 steps:
-  - uses: actions/cache@v3
+  - uses: actions/cache@v4
     with:
       path: ${{ github.workspace }}/.nuget/packages
       key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }}
@@ -87,7 +108,7 @@ steps:
 
 ```yaml
 - name: Cache lein project dependencies
-  uses: actions/cache@v3
+  uses: actions/cache@v4
   with:
     path: ~/.m2/repository
     key: ${{ runner.os }}-clojure-${{ hashFiles('**/project.clj') }}
@@ -101,7 +122,7 @@ steps:
 ### POSIX
 
 ```yaml
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   with:
     path: ~/.dub
     key: ${{ runner.os }}-dub-${{ hashFiles('**/dub.selections.json') }}
@@ -112,7 +133,7 @@ steps:
 ### Windows
 
 ```yaml
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   with:
     path: ~\AppData\Local\dub
     key: ${{ runner.os }}-dub-${{ hashFiles('**/dub.selections.json') }}
@@ -125,7 +146,7 @@ steps:
 ### Linux
 
 ```yaml
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   with:
     path: |
       ~/.deno
@@ -136,7 +157,7 @@ steps:
 ### macOS
 
 ```yaml
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   with:
     path: |
       ~/.deno
@@ -147,7 +168,7 @@ steps:
 ### Windows
 
 ```yaml
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   with:
     path: |
       ~\.deno
@@ -158,7 +179,7 @@ steps:
 ## Elixir - Mix
 
 ```yaml
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   with:
     path: |
       deps
@@ -185,7 +206,7 @@ steps:
 ### Linux
 
 ```yaml
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   with:
     path: |
       ~/.cache/go-build
@@ -198,7 +219,7 @@ steps:
 ### macOS
 
 ```yaml
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   with:
     path: |
       ~/Library/Caches/go-build
@@ -211,7 +232,7 @@ steps:
 ### Windows
 
 ```yaml
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   with:
     path: |
       ~\AppData\Local\go-build
@@ -227,7 +248,7 @@ We cache the elements of the Cabal store separately, as the entirety of `~/.caba
 
 ```yaml
 - name: Cache ~/.cabal/packages, ~/.cabal/store and dist-newstyle
-  uses: actions/cache@v3
+  uses: actions/cache@v4
   with:
     path: |
       ~/.cabal/packages
@@ -242,14 +263,14 @@ We cache the elements of the Cabal store separately, as the entirety of `~/.caba
 ### Linux or macOS
 
 ```yaml
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   name: Cache ~/.stack
   with:
     path: ~/.stack
     key: ${{ runner.os }}-stack-global-${{ hashFiles('stack.yaml') }}-${{ hashFiles('package.yaml') }}
     restore-keys: |
       ${{ runner.os }}-stack-global-
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   name: Cache .stack-work
   with:
     path: .stack-work
@@ -261,7 +282,7 @@ We cache the elements of the Cabal store separately, as the entirety of `~/.caba
 ### Windows
 
 ```yaml
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   name: Cache %APPDATA%\stack %LOCALAPPDATA%\Programs\stack
   with:
     path: |
@@ -270,7 +291,7 @@ We cache the elements of the Cabal store separately, as the entirety of `~/.caba
     key: ${{ runner.os }}-stack-global-${{ hashFiles('stack.yaml') }}-${{ hashFiles('package.yaml') }}
     restore-keys: |
       ${{ runner.os }}-stack-global-
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   name: Cache .stack-work
   with:
     path: .stack-work
@@ -284,7 +305,7 @@ We cache the elements of the Cabal store separately, as the entirety of `~/.caba
 > **Note** Ensure no Gradle daemons are running anymore when your workflow completes. Creating the cache package might fail due to locks being held by Gradle. Refer to the [Gradle Daemon documentation](https://docs.gradle.org/current/userguide/gradle_daemon.html) on how to disable or stop the Gradle Daemons.
 
 ```yaml
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   with:
     path: |
       ~/.gradle/caches
@@ -298,7 +319,7 @@ We cache the elements of the Cabal store separately, as the entirety of `~/.caba
 
 ```yaml
 - name: Cache local Maven repository
-  uses: actions/cache@v3
+  uses: actions/cache@v4
   with:
     path: ~/.m2/repository
     key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
@@ -334,7 +355,7 @@ After [deprecation](https://github.blog/changelog/2022-10-11-github-actions-depr
 `Get npm cache directory` step can then be used with `actions/cache` as shown below
 
 ```yaml
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   id: npm-cache # use this to check for `cache-hit` ==> if: steps.npm-cache.outputs.cache-hit != 'true'
   with:
     path: ${{ steps.npm-cache-dir.outputs.dir }}
@@ -347,7 +368,7 @@ After [deprecation](https://github.blog/changelog/2022-10-11-github-actions-depr
 
 ```yaml
 - name: restore lerna
-  uses: actions/cache@v3
+  uses: actions/cache@v4
   with:
     path: '**/node_modules'
     key: ${{ runner.os }}-${{ hashFiles('**/yarn.lock') }}
@@ -361,7 +382,7 @@ The yarn cache directory will depend on your operating system and version of `ya
   id: yarn-cache-dir-path
   run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT
 
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
   with:
     path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
@@ -379,7 +400,7 @@ The yarn 2 cache directory will depend on your config. See https://yarnpkg.com/c
   id: yarn-cache-dir-path
   run: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT
 
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
   with:
     path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
@@ -394,7 +415,7 @@ Esy allows you to export built dependencies and import pre-built dependencies.
 ```yaml
     - name: Restore Cache
       id: restore-cache
-      uses: actions/cache@v3
+      uses: actions/cache@v4
       with:
         path: _export
         key:  ${{ runner.os }}-esy-${{ hashFiles('esy.lock/index.json') }}
@@ -423,7 +444,7 @@ Esy allows you to export built dependencies and import pre-built dependencies.
   id: composer-cache
   run: |
     echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   with:
     path: ${{ steps.composer-cache.outputs.dir }}
     key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
@@ -444,7 +465,7 @@ Locations:
 ### Simple example
 
 ```yaml
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   with:
     path: ~/.cache/pip
     key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
@@ -457,7 +478,7 @@ Replace `~/.cache/pip` with the correct `path` if not using Ubuntu.
 ### Multiple OS's in a workflow
 
 ```yaml
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   if: startsWith(runner.os, 'Linux')
   with:
     path: ~/.cache/pip
@@ -465,7 +486,7 @@ Replace `~/.cache/pip` with the correct `path` if not using Ubuntu.
     restore-keys: |
       ${{ runner.os }}-pip-
 
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   if: startsWith(runner.os, 'macOS')
   with:
     path: ~/Library/Caches/pip
@@ -473,7 +494,7 @@ Replace `~/.cache/pip` with the correct `path` if not using Ubuntu.
     restore-keys: |
       ${{ runner.os }}-pip-
 
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   if: startsWith(runner.os, 'Windows')
   with:
     path: ~\AppData\Local\pip\Cache
@@ -499,7 +520,7 @@ jobs:
         - os: windows-latest
           path: ~\AppData\Local\pip\Cache
     steps:
-    - uses: actions/cache@v3
+    - uses: actions/cache@v4
       with:
         path: ${{ matrix.path }}
         key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
@@ -513,11 +534,12 @@ jobs:
 ```yaml
 - name: Get pip cache dir
   id: pip-cache
+  shell: bash
   run: |
     echo "dir=$(pip cache dir)" >> $GITHUB_OUTPUT
 
 - name: pip cache
-  uses: actions/cache@v3
+  uses: actions/cache@v4
   with:
     path: ${{ steps.pip-cache.outputs.dir }}
     key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
@@ -535,7 +557,7 @@ jobs:
 
   ⋮
 
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   with:
     path: ~/.local/share/virtualenvs
     key: ${{ runner.os }}-python-${{ steps.setup-python.outputs.python-version }}-pipenv-${{ hashFiles('Pipfile.lock') }}
@@ -562,7 +584,7 @@ For renv, the cache directory will vary by OS. The `RENV_PATHS_ROOT` environment
     cat("##[set-output name=r-version;]", R.Version()$version.string, sep = "")
   shell: Rscript {0}
 - name: Restore Renv package cache
-  uses: actions/cache@v3
+  uses: actions/cache@v4
   with:
     path: ${{ env.RENV_PATHS_ROOT }}
     key: ${{ steps.get-version.outputs.os-version }}-${{ steps.get-version.outputs.r-version }}-${{ inputs.cache-version }}-${{ hashFiles('renv.lock') }}
@@ -588,7 +610,7 @@ whenever possible:
 ## Rust - Cargo
 
 ```yaml
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   with:
     path: |
       ~/.cargo/bin/
@@ -603,7 +625,7 @@ whenever possible:
 
 ```yaml
 - name: Cache SBT
-  uses: actions/cache@v3
+  uses: actions/cache@v4
   with:
     path: |
       ~/.ivy2/cache
@@ -614,7 +636,7 @@ whenever possible:
 ## Swift, Objective-C - Carthage
 
 ```yaml
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   with:
     path: Carthage
     key: ${{ runner.os }}-carthage-${{ hashFiles('**/Cartfile.resolved') }}
@@ -625,7 +647,7 @@ whenever possible:
 ## Swift, Objective-C - CocoaPods
 
 ```yaml
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   with:
     path: Pods
     key: ${{ runner.os }}-pods-${{ hashFiles('**/Podfile.lock') }}
@@ -636,7 +658,7 @@ whenever possible:
 ## Swift - Swift Package Manager
 
 ```yaml
-- uses: actions/cache@v3
+- uses: actions/cache@v4
   with:
     path: .build
     key: ${{ runner.os }}-spm-${{ hashFiles('**/Package.resolved') }}
@@ -651,7 +673,7 @@ env:
   MINT_PATH: .mint/lib
   MINT_LINK_PATH: .mint/bin
 steps:
-  - uses: actions/cache@v3
+  - uses: actions/cache@v4
     with:
       path: .mint
       key: ${{ runner.os }}-mint-${{ hashFiles('**/Mintfile') }}
@@ -667,7 +689,7 @@ steps:
 
 ```yaml
 - name: Cache Bazel
-  uses: actions/cache@v3
+  uses: actions/cache@v4
   with:
     path: |
       ~/.cache/bazel
@@ -681,7 +703,7 @@ steps:
 
 ```yaml
 - name: Cache Bazel
-  uses: actions/cache@v3
+  uses: actions/cache@v4
   with:
     path: |
       /private/var/tmp/_bazel_runner/

package-lock.json

@@ -1,15 +1,15 @@
 {
   "name": "cache",
-  "version": "3.4.1",
+  "version": "4.2.3",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {
     "": {
       "name": "cache",
-      "version": "3.4.1",
+      "version": "4.2.3",
       "license": "MIT",
       "dependencies": {
-        "@actions/cache": "^4.0.1",
+        "@actions/cache": "^4.0.3",
         "@actions/core": "^1.11.1",
         "@actions/exec": "^1.1.1",
         "@actions/io": "^1.1.3"
@@ -36,9 +36,9 @@
       }
     },
     "node_modules/@actions/cache": {
-      "version": "4.0.1",
-      "resolved": "https://registry.npmjs.org/@actions/cache/-/cache-4.0.1.tgz",
-      "integrity": "sha512-u2NrTo95PDmk145wrr+fMhrvpF0hfPmD6cLkR7NozvNHqanR0BmRHBzEe1yiGZFFEHbu6/e6EOEX7qoM7fWVTA==",
+      "version": "4.0.3",
+      "resolved": "https://registry.npmjs.org/@actions/cache/-/cache-4.0.3.tgz",
+      "integrity": "sha512-SvrqFtYJ7I48A/uXNkoJrnukx5weQv1fGquhs3+4nkByZThBH109KTIqj5x/cGV7JGNvb8dLPVywUOqX1fjiXg==",
       "license": "MIT",
       "dependencies": {
         "@actions/core": "^1.11.1",
@@ -3598,7 +3598,6 @@
       "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz",
       "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==",
       "dev": true,
-      "license": "MIT",
       "dependencies": {
         "fill-range": "^7.1.1"
       },
@@ -4701,7 +4700,6 @@
       "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz",
       "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==",
       "dev": true,
-      "license": "MIT",
       "dependencies": {
         "to-regex-range": "^5.0.1"
       },
@@ -5223,7 +5221,6 @@
       "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz",
       "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==",
       "dev": true,
-      "license": "MIT",
       "engines": {
         "node": ">=0.12.0"
       }
@@ -9226,7 +9223,6 @@
       "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz",
       "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==",
       "dev": true,
-      "license": "MIT",
       "dependencies": {
         "is-number": "^7.0.0"
       },
@@ -9604,9 +9600,9 @@
   },
   "dependencies": {
     "@actions/cache": {
-      "version": "4.0.1",
-      "resolved": "https://registry.npmjs.org/@actions/cache/-/cache-4.0.1.tgz",
-      "integrity": "sha512-u2NrTo95PDmk145wrr+fMhrvpF0hfPmD6cLkR7NozvNHqanR0BmRHBzEe1yiGZFFEHbu6/e6EOEX7qoM7fWVTA==",
+      "version": "4.0.3",
+      "resolved": "https://registry.npmjs.org/@actions/cache/-/cache-4.0.3.tgz",
+      "integrity": "sha512-SvrqFtYJ7I48A/uXNkoJrnukx5weQv1fGquhs3+4nkByZThBH109KTIqj5x/cGV7JGNvb8dLPVywUOqX1fjiXg==",
       "requires": {
         "@actions/core": "^1.11.1",
         "@actions/exec": "^1.0.1",

package.json

@@ -1,6 +1,6 @@
 {
   "name": "cache",
-  "version": "3.4.1",
+  "version": "4.2.3",
   "private": true,
   "description": "Cache dependencies and build outputs",
   "main": "dist/restore/index.js",
@@ -23,7 +23,7 @@
   "author": "GitHub",
   "license": "MIT",
   "dependencies": {
-    "@actions/cache": "^4.0.1",
+    "@actions/cache": "^4.0.3",
     "@actions/core": "^1.11.1",
     "@actions/exec": "^1.1.1",
     "@actions/io": "^1.1.3"

restore/README.md

@@ -35,9 +35,9 @@ If you are using separate jobs to create and save your cache(s) to be reused by
 
 ```yaml
 steps:
-  - uses: actions/checkout@v3
+  - uses: actions/checkout@v4
 
-  - uses: actions/cache/restore@v3
+  - uses: actions/cache/restore@v4
     id: cache
     with:
       path: path/to/dependencies
@@ -64,12 +64,12 @@ In case of multi-module projects, where the built artifact of one project needs
 
 ```yaml
 steps:
-  - uses: actions/checkout@v3
+  - uses: actions/checkout@v4
 
   - name: Build
     run: /build-parent-module.sh
 
-  - uses: actions/cache/save@v3
+  - uses: actions/cache/save@v4
     id: cache
     with:
       path: path/to/dependencies
@@ -80,9 +80,9 @@ steps:
 
 ```yaml
 steps:
-  - uses: actions/checkout@v3
+  - uses: actions/checkout@v4
 
-  - uses: actions/cache/restore@v3
+  - uses: actions/cache/restore@v4
     id: cache
     with:
       path: path/to/dependencies
@@ -107,9 +107,9 @@ To fail if there is no cache hit for the primary key, leave `restore-keys` empty
 
 ```yaml
 steps:
-  - uses: actions/checkout@v3
+  - uses: actions/checkout@v4
 
-  - uses: actions/cache/restore@v3
+  - uses: actions/cache/restore@v4
     id: cache
     with:
       path: path/to/dependencies

restore/action.yml

@@ -9,7 +9,7 @@ inputs:
     description: 'An explicit key for restoring the cache'
     required: true
   restore-keys:
-    description: 'An ordered list of keys to use for restoring stale cache if no cache hit occurred for key. Note `cache-hit` returns false in this case.'
+    description: 'An ordered multiline string listing the prefix-matched keys, that are used for restoring stale cache if no cache hit occurred for key. Note `cache-hit` returns false in this case.'
     required: false
   enableCrossOsArchive:
     description: 'An optional boolean when enabled, allows windows runners to restore caches that were saved on other platforms'
@@ -31,7 +31,7 @@ outputs:
   cache-matched-key:
     description: 'Key of the cache that was restored, it could either be the primary key on cache-hit or a partial/complete match of one of the restore keys'
 runs:
-  using: 'node16'
+  using: 'node20'
   main: '../dist/restore-only/index.js'
 branding:
   icon: 'archive'

save/README.md

@@ -23,7 +23,7 @@ If you are using separate jobs for generating common artifacts and sharing them
 
 ```yaml
 steps:
-  - uses: actions/checkout@v3
+  - uses: actions/checkout@v4
 
   - name: Install Dependencies
     run: /install.sh
@@ -31,7 +31,7 @@ steps:
   - name: Build artifacts
     run: /build.sh
 
-  - uses: actions/cache/save@v3
+  - uses: actions/cache/save@v4
     id: cache
     with:
       path: path/to/dependencies
@@ -47,7 +47,7 @@ Let's say we have a restore step that computes a key at runtime.
 #### Restore a cache
 
 ```yaml
-uses: actions/cache/restore@v3
+uses: actions/cache/restore@v4
 id: restore-cache
 with:
     key: cache-${{ hashFiles('**/lockfiles') }}
@@ -55,7 +55,7 @@ with:
 
 #### Case 1 - Where a user would want to reuse the key as it is
 ```yaml
-uses: actions/cache/save@v3
+uses: actions/cache/save@v4
 with:
     key: ${{ steps.restore-cache.outputs.cache-primary-key }}
 ```
@@ -63,26 +63,54 @@ with:
 #### Case 2 - Where the user would want to re-evaluate the key
 
 ```yaml
-uses: actions/cache/save@v3
+uses: actions/cache/save@v4
 with:
     key: npm-cache-${{hashfiles(package-lock.json)}}
 ```
 
 ### Always save cache
 
-There are instances where some flaky test cases would fail the entire workflow and users would get frustrated because the builds would run for hours and the cache couldn't be saved as the workflow failed in between. For such use-cases, users now have the ability to use the `actions/cache/save` action to save the cache by using an `if: always()` condition. This way the cache will always be saved if generated, or a warning will be generated that nothing is found on the cache path. Users can also use the `if` condition to only execute the `actions/cache/save` action depending on the output of previous steps. This way they get more control of when to save the cache.
+There are instances where some flaky test cases would fail the entire workflow and users would get frustrated because the builds would run for hours and the cache couldn't be saved as the workflow failed in between.
+For such use-cases, users now have the ability to use the `actions/cache/save` action to save the cache by using an [`always()`](https://docs.github.com/actions/writing-workflows/choosing-what-your-workflow-does/expressions#always) condition.
+This way the cache will always be saved if generated, or a warning will be generated that nothing is found on the cache path. Users can also use the `if` condition to only execute the `actions/cache/save` action depending on the output of previous steps. This way they get more control of when to save the cache.
+
+To avoid saving a cache that already exists, the `cache-hit` output from a restore step should be checked.
+
+The `cache-primary-key` output from the restore step should also be used to ensure
+the cache key does not change during the build if it's calculated based on file contents.
+
+Here's an example where we imagine we're calculating a lot of prime numbers and want to cache them:
 
 ```yaml
-steps:
-  - uses: actions/checkout@v3
-  .
-  . // restore if need be
-  .
-  - name: Build
-    run: /build.sh
-  - uses: actions/cache/save@v3
-    if: always() // or any other condition to invoke the save action
-    with:
-      path: path/to/dependencies
-      key: ${{ runner.os }}-${{ hashFiles('**/lockfiles') }}
+name: Always Caching Prime Numbers
+
+on: push
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Restore cached Prime Numbers
+      id: cache-prime-numbers-restore
+      uses: actions/cache/restore@v4
+      with:
+        key: ${{ runner.os }}-prime-numbers
+        path: |
+          path/to/dependencies
+          some/other/dependencies
+
+    # Intermediate workflow steps
+
+    - name: Always Save Prime Numbers
+      id: cache-prime-numbers-save
+      if: always() && steps.cache-prime-numbers-restore.outputs.cache-hit != 'true'
+      uses: actions/cache/save@v4
+      with:
+        key: ${{ steps.cache-prime-numbers-restore.outputs.cache-primary-key }}
+        path: |
+          path/to/dependencies
+          some/other/dependencies
 ```

save/action.yml

@@ -16,7 +16,7 @@ inputs:
     default: 'false'
     required: false
 runs:
-  using: 'node16'
+  using: 'node20'
   main: '../dist/save-only/index.js'
 branding:
   icon: 'archive'

src/restoreImpl.ts

@@ -10,7 +10,8 @@ import {
 import * as utils from "./utils/actionUtils";
 
 export async function restoreImpl(
-    stateProvider: IStateProvider
+    stateProvider: IStateProvider,
+    earlyExit?: boolean | undefined
 ): Promise<string | undefined> {
     try {
         if (!utils.isCacheFeatureAvailable()) {
@@ -50,6 +51,9 @@ export async function restoreImpl(
         );
 
         if (!cacheKey) {
+            // `cache-hit` is intentionally not set to `false` here to preserve existing behavior
+            // See https://github.com/actions/cache/issues/1466
+
             if (failOnCacheMiss) {
                 throw new Error(
                     `Failed to restore cache entry. Exiting as fail-on-cache-miss is set. Input key: ${primaryKey}`
@@ -61,7 +65,6 @@ export async function restoreImpl(
                     ...restoreKeys
                 ].join(", ")}`
             );
-
             return;
         }
 
@@ -83,6 +86,9 @@ export async function restoreImpl(
         return cacheKey;
     } catch (error: unknown) {
         core.setFailed((error as Error).message);
+        if (earlyExit) {
+            process.exit(1);
+        }
     }
 }
 
@@ -90,14 +96,7 @@ async function run(
     stateProvider: IStateProvider,
     earlyExit: boolean | undefined
 ): Promise<void> {
-    try {
-        await restoreImpl(stateProvider);
-    } catch (err) {
-        console.error(err);
-        if (earlyExit) {
-            process.exit(1);
-        }
-    }
+    await restoreImpl(stateProvider, earlyExit);
 
     // node will stay alive if any promises are not resolved,
     // which is a possibility if HTTP requests are dangling

src/save.ts

@@ -1,10 +1,3 @@
-import saveImpl from "./saveImpl";
-import { StateProvider } from "./stateProvider";
+import { saveRun } from "./saveImpl";
 
-async function run(): Promise<void> {
-    await saveImpl(new StateProvider());
-}
-
-run();
-
-export default run;
+saveRun(true);

src/saveImpl.ts

@@ -2,7 +2,11 @@ import * as cache from "@actions/cache";
 import * as core from "@actions/core";
 
 import { Events, Inputs, State } from "./constants";
-import { IStateProvider } from "./stateProvider";
+import {
+    IStateProvider,
+    NullStateProvider,
+    StateProvider
+} from "./stateProvider";
 import * as utils from "./utils/actionUtils";
 
 // Catch and log any unhandled exceptions.  These exceptions can leak out of the uploadChunk method in
@@ -10,7 +14,9 @@ import * as utils from "./utils/actionUtils";
 // throw an uncaught exception.  Instead of failing this action, just warn.
 process.on("uncaughtException", e => utils.logWarning(e.message));
 
-async function saveImpl(stateProvider: IStateProvider): Promise<number | void> {
+export async function saveImpl(
+    stateProvider: IStateProvider
+): Promise<number | void> {
     let cacheId = -1;
     try {
         if (!utils.isCacheFeatureAvailable()) {
@@ -72,4 +78,47 @@ async function saveImpl(stateProvider: IStateProvider): Promise<number | void> {
     return cacheId;
 }
 
-export default saveImpl;
+export async function saveOnlyRun(
+    earlyExit?: boolean | undefined
+): Promise<void> {
+    try {
+        const cacheId = await saveImpl(new NullStateProvider());
+        if (cacheId === -1) {
+            core.warning(`Cache save failed.`);
+        }
+    } catch (err) {
+        console.error(err);
+        if (earlyExit) {
+            process.exit(1);
+        }
+    }
+
+    // node will stay alive if any promises are not resolved,
+    // which is a possibility if HTTP requests are dangling
+    // due to retries or timeouts. We know that if we got here
+    // that all promises that we care about have successfully
+    // resolved, so simply exit with success.
+    if (earlyExit) {
+        process.exit(0);
+    }
+}
+
+export async function saveRun(earlyExit?: boolean | undefined): Promise<void> {
+    try {
+        await saveImpl(new StateProvider());
+    } catch (err) {
+        console.error(err);
+        if (earlyExit) {
+            process.exit(1);
+        }
+    }
+
+    // node will stay alive if any promises are not resolved,
+    // which is a possibility if HTTP requests are dangling
+    // due to retries or timeouts. We know that if we got here
+    // that all promises that we care about have successfully
+    // resolved, so simply exit with success.
+    if (earlyExit) {
+        process.exit(0);
+    }
+}

src/saveOnly.ts

@@ -1,15 +1,3 @@
-import * as core from "@actions/core";
+import { saveOnlyRun } from "./saveImpl";
 
-import saveImpl from "./saveImpl";
-import { NullStateProvider } from "./stateProvider";
-
-async function run(): Promise<void> {
-    const cacheId = await saveImpl(new NullStateProvider());
-    if (cacheId === -1) {
-        core.warning(`Cache save failed.`);
-    }
-}
-
-run();
-
-export default run;
+saveOnlyRun(true);

src/utils/actionUtils.ts

@@ -7,7 +7,13 @@ export function isGhes(): boolean {
     const ghUrl = new URL(
         process.env["GITHUB_SERVER_URL"] || "https://github.com"
     );
-    return ghUrl.hostname.toUpperCase() !== "GITHUB.COM";
+
+    const hostname = ghUrl.hostname.trimEnd().toUpperCase();
+    const isGitHubHost = hostname === "GITHUB.COM";
+    const isGitHubEnterpriseCloudHost = hostname.endsWith(".GHE.COM");
+    const isLocalHost = hostname.endsWith(".LOCALHOST");
+
+    return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost;
 }
 
 export function isExactKeyMatch(key: string, cacheKey?: string): boolean {

tips-and-workarounds.md

@@ -12,7 +12,7 @@ A cache today is immutable and cannot be updated. But some use cases require the
 
   ```yaml
       - name: update cache on every commit
-        uses: actions/cache@v3
+        uses: actions/cache@v4
         with:
           path: prime-numbers
           key: primes-${{ runner.os }}-${{ github.run_id }} # Can use time based key as well
@@ -37,9 +37,8 @@ From `v3.2.3` cache is cross-os compatible when `enableCrossOsArchive` input is
 
 ## Force deletion of caches overriding default cache eviction policy
 
-Caches have [branch scope restriction](https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows#restrictions-for-accessing-a-cache) in place. This means that if caches for a specific branch are using a lot of storage quota, it may result into more frequently used caches from `default` branch getting thrashed. For example, if there are many pull requests happening on a repo and are creating caches, these cannot be used in default branch scope but will still occupy a lot of space till they get cleaned up by [eviction policy](https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows#usage-limits-and-eviction-policy). But sometime we want to clean them up on a faster cadence so as to ensure default branch is not thrashing. In order to achieve this, [gh-actions-cache cli](https://github.com/actions/gh-actions-cache/) can be used to delete caches for specific branches.
+Caches have [branch scope restriction](https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows#restrictions-for-accessing-a-cache) in place. This means that if caches for a specific branch are using a lot of storage quota, it may result into more frequently used caches from `default` branch getting thrashed. For example, if there are many pull requests happening on a repo and are creating caches, these cannot be used in default branch scope but will still occupy a lot of space till they get cleaned up by [eviction policy](https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows#usage-limits-and-eviction-policy). But sometime we want to clean them up on a faster cadence so as to ensure default branch is not thrashing.
 
-This workflow uses `gh-actions-cache` to delete all the caches created by a branch.
 <details>
   <summary>Example</summary>
 
@@ -60,29 +59,23 @@ jobs:
       actions: write
       contents: read
     steps:
-      - name: Check out code
-        uses: actions/checkout@v3
-
       - name: Cleanup
         run: |
-          gh extension install actions/gh-actions-cache
-          
-          REPO=${{ github.repository }}
-          BRANCH=refs/pull/${{ github.event.pull_request.number }}/merge
-
           echo "Fetching list of cache key"
-          cacheKeysForPR=$(gh actions-cache list -R $REPO -B $BRANCH | cut -f 1 )
+          cacheKeysForPR=$(gh cache list --ref $BRANCH --limit 100 --json id --jq '.[].id')
 
-          ## Setting this to not fail the workflow while deleting cache keys. 
+          ## Setting this to not fail the workflow while deleting cache keys.
           set +e
           echo "Deleting caches..."
           for cacheKey in $cacheKeysForPR
           do
-              gh actions-cache delete $cacheKey -R $REPO -B $BRANCH --confirm
+              gh cache delete $cacheKey
           done
           echo "Done"
         env:
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GH_REPO: ${{ github.repository }}
+          BRANCH: refs/pull/${{ github.event.pull_request.number }}/merge
 ```
 
 </details>